email
phyllis.liu@shuztung.com.tw

On Duty: 8am - 5pm

Shuz Tung Information Security

Shuz Tung Machinery Industrial has won considerable trust and support from domestic and international major companies from semiconductor, flat panel display processes, intelligent medical imaging, turnkey planning for bicycles, and parts processing of automobiles, scooters, and variety of industries.

Information Security

Shuz Tung Information Security

Information Security Policy

In order to promote and strengthen information security management and to establish a secure and reliable electronic enterprise, Shuz Tung Machinery ensures the security of data, systems, equipment and networks to protect the rights and interests of the company. We conduct information security risk assessment, determine the level of security requirements for various information operations, and implement appropriate and sufficient information security measures to ensure the security of information collection, processing, transmission, storage and circulation. Comply with information security related policies, regulations and relevant laws and regulations.

    Information Security Strategy

  • Confidential data and files shall not be transmitted by e-mail or other electronic means. If there is a need for electronic transmission of sensitive information and files other than confidential information, appropriate security technology will be used as necessary.
  • The use of the Internet and the global information network to publish and circulate information is subject to data security assessment, and confidential, sensitive, and personal privacy information and files without the consent of the subject are not allowed to be published on the Internet.
  • The network points connected to the external network are equipped with firewalls and other necessary security facilities to control the data transmission and resource access between the external and internal networks.
  • Information systems that are open for external connection operations, depending on the importance and value of the information and systems, use security techniques or measures to prevent intrusion, destruction, tampering, deletion, and unauthorized access to the information and systems.
  • Uses the Internet to transmit information or process transactions, assesses possible security risks, and determines the security requirements for data transmission with respect to integrity, confidentiality, and availability.
  • If visitors need to bring laptops or mobile phones with cameras into the company's controlled areas, they must attach a tear-proof label to the external storage device's plug and camera lens. When leaving, the receptionist will check that all tear-proof labels are intact. If any violation is found, the receptionist will immediately report to the information department personnel for further inspection.
  • Regular information security education and training are conducted to establish employee awareness of information security and enhance information security standards. Departmental managers are responsible for supervising the information operations security of their employees, preventing illegal and improper behavior..
  • Enhance the training of information security management personnel to improve their abilities in managing, maintaining, designing, and operating important information systems. Personnel should be appropriately divided and assigned responsibilities, with the establishment of checks and balances mechanisms as needed. Job rotations should be implemented, and a personnel backup system established.
  • Establish an information security audit system and conduct information security audits from time to time, and prohibit arbitrary deletion and modification of audit records in the system.
  • Establish a disaster emergency call handling mechanism and take contingency measures to minimize damage in the event of an information security incident in accordance with the provisions of the disaster emergency response workflow to ensure continuous business operations.
    Information Security

  • Deploys anti-virus software on computers, and regularly updates virus codes and upgrades the operating system to patch system vulnerabilities.
  • External mail filtering mechanism, in order to prevent the leakage of confidential information, all incoming and outgoing external mail are recorded in detail by the monitoring system of the information department for the purpose of information security checks.
  • Computer deployment information security software, it is strictly prohibited to install or upgrade unauthorized software.
  • Network firewall mechanism, the computer's external network service privileges are clearly listed and controlled.
  • All drawing files (both 3D and 2D) generated by the research and development department are automatically encrypted through the encryption system.