Objectives of Chofn IP
information security project

To protect customer core technology secrets and trade secrets

Procedure and Data Security

Different companies pays different attention to information security, different stages of company have different strategy.

To Chofn IP, our management has now understood that given our size, achieving growth is not a problem; The focus should be put on docketing procedure, risk management and sustainability.

DATA TYPE AND DEFINITION

  • Personal info

    Data pointing to a natural person; Data one's not willing to open.

    Example:Employee personal info, cvs, etc.
  • Key Asset Data

    Data asset that has great commercial value, that makes the company at competitive advantage, that have great effects on business model and product development.

    Example:Source code, consultancy solutions, etc.
  • Business Secret

    Unpublished technical and business data that can bring commercial benefits to the right holder, and have practicality and taken confidential measures .

    Example:COntracts, compensations, cost&profits
  • Sensitive info

    To protect our client's core interests, Chofn IP implements strict rules and comprehensive solution on IT infrastructure and company system.

    Technical disclosure, unpublished patent applications, etc.

SOLUTION GUIDELINES

Building
Security Boundaries

  • Seperation of internal and external network

    Protection against external attacks and prevent internal unintentional disclosure.

  • Intranet partition management

    Building data security management system and matching security strategy for different business nature.

  • Outer net + Physical Media + Email + IM Software DLP control

    Implement different management strategies on each port through the DLP (data loss prevention) tool.

Building Security Boundaries

Permission Management

  • IAM unified identification

    Centralized management of logins and permissions.

  • Job permission management

    Through job requirements and responsibilities, setting the data security permissions of the confidential info, landing on DLP.

Permission Management

Standardized process management Ernst & Young System and culture

  • Improving management and supervision

  • Promote information security culture among organization

Standardized process management Ernst & Young System and culture
TOP