The World Wide Web of Yushan National Park respects and protects your privacy and security, we explain the Website Information Security Policy for you to safeguard your rights. We’d like you to read in detail the following content:
Information Collection and Usage
Protected by related regulations, we will not expose your personal information to others except to provide services you’ve requested.
When browsing the website, we will automatically collect following information: date, time, browsed web pages, your IP, your browser, and what you have done on the website (eg. download etc.) The information will be used to improve the efficiency of the website. We also monitor IP that causes great burden to the website.
The Responsibility of Information Security and Training
For those who have the administrator authority involving sensitive and confidential information, we will assign tasks properly, decentralize the responsibility and form an evaluation and assessment system. If necessary, we will establish personnel supporting system.
For those who quit or being sacked from their job, according to related procedure, we will immediately cancel their administrator authority in all systems.
Based on each one’s role and functions on the job, we hold various seminars on training and promotion. We want our staff to fully understand the importance of information security, all the possible risks, and elevate their consciousness to make them abide the regulations concerning information security.
Information Security and Protection
To establish process of handling information security event, we give necessary authority to related personnel to handle information security events with great efficiency within the minimal of time.
Establish reporting mechanism of information and system changes to prevent leaks of system security.
According to related regulations, we will handle and protect personal information with great care.
Set up system-support equipment, execute necessary data, software backup and support actions, so if there is any accident or hardware failure, the office work would soon be operational.
Network Security Management
Every node that connects to the outside network will be protected by firewall to control information transferring and data access. We will also execute identification process.
We will not save sensitive and confidential information, documents on the system that is open to external users. We will not send confidential documents via email.
We will periodically assess internal network information security equipment and virus detection application. We will also update virus code in the virus detection application and every security measures.
System Access Control Management
Based on computer operating environment and security requirements to stipulate password verification and change procedure. We will also document the procedure.
When log in an operating environment, we will decide the authority perimeter of each staff in every level. The administrator will set up account and password and update them periodically.