矽聯科技股份有限公司 - E首發票加值服務中心資訊安全政策
SYSTEMLEAD TECHNOLOGIES CO., LTD. - E-Invoice Value-Added Service Center Information Security Policy
企業級資安防護與法規遵循指引 / Enterprise-Grade Cyber Security & Compliance Guidelines
為保障加值服務平台之數據完整性、機密性與可用性,矽聯科技遵循國際最高標準,建構全面性資訊安全防護體系,戮力確保所有企業用戶與消費端數據免受潛在威脅。
To guarantee the integrity, confidentiality, and availability of our value-added service platform, SYSTEMLEAD TECHNOLOGIES adheres to the highest global standards to construct a comprehensive information security framework, steadfastly safeguarding all enterprise and consumer data against potential threats.
一、資訊安全措施 / I. Information Security Measures
| 安全項目 / Security Item | 中文說明 / Chinese Description | 英文說明 / English Description |
|---|---|---|
|
1. 網絡監控與入侵偵測 Network Monitoring & Intrusion Detection |
使用進階網路入侵偵測系統,持續監控網路流量,有效偵測及防止未經授權的存取、修改或破壞行為。 | Advanced network intrusion detection systems are employed to continuously monitor network traffic and effectively detect and prevent unauthorized access, modification, or destruction. |
|
2. 防火牆與防病毒技術 Firewall & Antivirus Technologies |
裝設高效能防火牆,以防止非法入侵、破壞或資料竊取。定期更新並運行先進的防病毒軟體,保障網站及使用者資料安全。 | High-performance firewalls are installed to prevent illegal intrusion, destruction, or data theft. Advanced antivirus software is regularly updated and run to ensure the security of the website and user data. |
|
3. 多因素身份驗證 (MFA) Multi-Factor Authentication (MFA) |
對於敏感操作(例如登入、資料修改等)實施多因素身份驗證,以增強賬戶安全。 | Multi-factor authentication is implemented for sensitive operations (such as login, data modification, etc.) to enhance account security. |
|
4. 資料加密 Data Encryption |
對所有用戶數據進行強力加密,無論是在傳輸還是存儲過程中,以確保資料安全。 | All user data is strongly encrypted, whether in transit or storage, to ensure data security. |
|
5. 安全事件應對與恢復 Security Incident Response & Recovery |
定期進行模擬駭客攻擊演練,以測試並優化系統回復程序。實施定期數據備份至備援主機,確保數據的可靠恢復。 | Regular simulated hacker attack drills are conducted to test and optimize system recovery procedures. Regular data backup to a backup server is implemented to ensure reliable data recovery. |
|
6. 系統更新與維護 System Updates & Maintenance |
自動接收並響應作業系統和應用軟件的安全更新通知,定期安裝修補程序(Patch)。 | Automatically receive and respond to security update notifications from operating systems and application software, and regularly install patches. |
|
7. 內外部安全審計 Internal & External Security Audits |
定期進行內部和外部安全審計,以確保安全政策之合規落實與持續優化。 | Rigorous internal and independent external security audits are conducted methodically to evaluate compliance postures and foster continuous enhancement of our security controls. |
透過導入完備的資安政策與嚴格的防護邏輯,e首發票不僅將技術潛在風險降至最低,更能確保跨境與在地電商模式,完全符合財政部與國際資訊安全標準的要求。
By implementing comprehensive information security policies and rigorous defensive logic, eInv minimizes potential technical risks, ensuring that cross-border and local e-commerce models strictly comply with the Ministry of Finance and international information security standards.