ISO/IEC 27001 Goal Guidelines
(updated 20 Jan 2024)

  1. Computer Lab’s Job Description
    1. To help users on computer and network trouble-shooting calls.
    2. Back up the data and configurations from Servers.
    3. Record and back up the outgoing telephone calls.
    4. Computer Lab staff are not allowed to speak about or divulge any information outside the Computer Lab office.
    5. Computer Lab is not responsible for computers (or any other hardware) that are not Supercomnet Group's property.
  2. Firewall (Sharetech, Taiwan)
    1. Our firewall is updated daily to stop malware and viruses from reaching our internal network from outside.
    2. All internet browsing and incoming/outgoing email are filtered by the firewall for security protection.
    3. Any special login from outside (employees, contractors or customers) must be approved by the department head.
    4. If anything goes wrong with the current firewall (primary), we will have a secondary firewall as a backup.
  3. Networking Status
    1. We are fully networked from STB to SAC and SMP at 1000Mbps (1Gbps).  From building to building, we use fiber.
    2. Some print servers are running 100Mbps.
    3. Departments’ iPhones and iPads connect to our WiFi; the speed depends on the current environment.
    4. Suppliers or visitors need to request WiFi access if they need it. The password changes every time.
  4. Internet (Maxis ONE, Business Fibre)
    1. We are using Maxis ONEBusiness Fibre.
    2. Only managers have full access to the Internet.
    3. If users need to access certain websites, they need to issue an osTicket ticket with their manager's approval.  The websites will be added to the firewall whitelist once approved.
    4. For fax, we use the VoIP function of the Maxis 4G Router for Supercomnet Group.  The router is somewhat unstable.
  5. The Communication Apps
    1. Some departments are allowed to use Apps to call/message suppliers or customers: Skype, LINE, WhatsApp, WeChat, iMessage, etc.
    2. We are not able to back up the data from any of the Apps, so email is the formal and final confirmation.
  6. E-Mail System (Sharetech, Taiwan)
    1. The Mail Server automatically checks for e-mails. Once a new mail has arrived, the user will be notified by the system.
        1) STB's email address format: username@supercomnet.com.my
        2) SAC's and SMP's email address format: username@supercomal.com.my
    2. Sales users are using their own name as the user name.  Each department is using the department's short name to be the user name.
    3. Every user has a storage limit of 30GB.  The system will inform users when their storage reaches 90%.
    4. All users are able to open their web-based e-mail at any workstation.
    5. For security reasons, we will monitor all incoming and outgoing e-mails.
    6. If a sender (either outside or inside Supercomnet Group) sends any e-mail that is not for business (including boring, funny, sensitive and sexual related wording, texts, pictures), or sends to a their e-mail address, the System will delete the message(s) and notify the sender. We may have to block the sender if it becomes serious.
    7. If we find that an e-mail was sent from/to a personal-like e-mail address, Supercomnet Group has the right to ignore or deny the message if anything goes wrong between Supercomnet Group and other suppliers/customers.
    8. The E-Mail Server only allows sending/receiving e-mails with a maximum size of 20MB each (calculated by computer; users should expect a bigger size on screen) in case of any networking "traffic jam".
  7. Mail Archive System (Sharetech, Taiwan)
    Mail Archive System is intended to provide long-term email retention, ensuring that email correspondence is available when needed.  With a mail archive system, STB Group can store large volumes of email and users can retrieve it quickly and easily, without the need for specialised expertise.  It ensures data integrity, meaning that the email remains unchanged and is stored in a secure location, reducing the risk of email breaches or corruption.
    1. While the Mail Server is limited to 30GB, the Mail Archive has no storage limit, but will automatically delete old emails after 10 years. (The 10 years are counted from the day we migrated the emails.)
    2. The security rules are based on ISO BS7799.
    3. Some emails may be searchable from 2007, if applicable.
    4. We will store everyone's emails on the Mail Archive Server up to last month.
  8. Data Archive System
    Data Archive System is intended to provide long-term data retention, ensuring that data is available when needed.  With a data archive system, STB Group can store large volumes of data and users can retrieve it quickly and easily, without the need for specialised expertise.  It ensures data integrity, meaning that the data remains unchanged and is stored in a secure location, reducing the risk of data breaches or corruption.
    1. Users may search for files from 2014 until last month (the "last month" is available after Lab has done the backup job).  Basically, files are stored for the number of years stated in the ISO procedure, but we will keep files as long as storage is still available.
    2. Everyone is READ only (no change, modify or delete), but users can copy to users' own folder if needed.
    4. The files are basically Microsoft Office (now Microsoft 365) documents, PDF, etc.
    5. The ways to access from Mac and PC are different.  Users need to follow the instructions from the portal menu.
  9. Workstation Surveillance
    1. Lab is able to monitor all Mac workstations.
    2. Users are not allowed to copy files/data to the desktop or install any other software on the computer.  If users do so, we will delete them without notice.  A warning letter will be issued if necessary.
    3. If users need to change or install new software on the computer, they must issue a ticket to Computer Lab.
    4. Windows users are only allowed to use their own D drive.  If applicable, maybe E, F or others.
    5. Mac users don’t have the D drive, only the mounted Data drive.
    6. Users are NOT allowed to leave their user ID and password on the table or stick them on the iPad or around the computer.  Users need to keep them secure so that no one else can see them.
  10. Workstations / Servers Operating Hours
    1. The operating time for Servers (Data, ERP, Payroll/e-HR, Globodox...etc.) is Monday - Saturday @ 6:00am ~ 10:00pm.
    2. The Mail Server is running 24/7.
    3. If a user needs to work beyond the normal hours, they need to fill in the “Request Extending Server” form and send it to Computer Lab before 5:40pm. Otherwise Computer Lab will ignore the request.
    4. Requests to work on a Sunday, holiday or shutdown day(s) might be rejected.  This is because the voltage may be unstable and could suddenly become too high (> 240V), which might damage the UPS or workstation.
  11. osTicket - Support Ticket System
    1. To keep a better record of all questions and troubleshooting, we use osTicket.
    2. Users log in with their email address and must issue a ticket to Lab with the correct Help Topic so Lab can do the job according to the inquiry and mark the case “Closed” once it’s done. Users can also attach picture(s) or document(s) to the ticket.
    3. All submissions, problems and questions must be issued through the osTicket System to keep all the records.
    4. Click "Open a New Ticket", fill in the necessary information and the description, and attach picture(s) if you wish. Click "Create Ticket" once you are done. The system will email the ticket number to the issuer so the issuer can check the latest status.
    5. Some of the forms need approval from the manager before going to Lab.  The issuer will receive the results by email from Lab within the ticket system. Do not reply directly to the email; just click the link in the footer of the email.
  12. Trouble-shoot & Fix the Computer Problems
    1. If users face any problems, they may call or issue a ticket to Computer Lab for help.
    2. Computer Lab will solve the problems in 3 ways:
       1) Small problem: Computer Lab will try to solve it by phone or by remote access to the user's computer.
       2) Medium problem: Computer Lab will bring some tools and equipment to solve the problem.
       3) Big problem: Computer Lab will bring the PC/Mac back to fix.
    3. The time to fix will depend on the situation.  It may take a few hours or a few days.
    4. If there are any files/data on the desktop, we will not be responsible for them.
  13. Anti-Virus
    1. We have installed anti-virus software on the Windows clients.
    2. Even with the anti-virus installed and updated regularly, we still cannot 100% guarantee that no virus will affect us.
    3. For Virtual Windows Servers, we have firewalls set up as bridges to scan and filter.
    4. Mac users do not have anti-virus software installed because the Mac has its own defender, maintained through normal updating.
  14. No Floppy Drives / Disks Allowed
    1. No floppy drives or disks may be purchased or used at any of the workstations.
    2. Only certain designated workstations are allowed to use floppy disks for some special cases (i.e. HR).
    3. All of the floppy disks that Computer Lab has collected before are stored in a drawer with some dryers (deoxidised).
  15. USB Drive (Pen drive/Thumb drive)
    1. No USB drive is allowed for workstations, except for managers.
    2. If users need a USB drive to transfer data for auditors, customers, vendors or special cases, they need to request it from Computer Lab and copy the data from Computer Lab.
    3. If auditors, customers or vendors need to use a USB drive to transfer data to Supercomnet Group, the accompanying user should bring the USB drive to Computer Lab to transfer the data.
  16. Housekeeping the Data Servers
    1. Computer Lab will search the Servers for any non-business pictures or files (funny, boring, sensitive and sexual related) from time to time, and we will delete those pictures or files directly.
    2. We have set the storage limitation for all the users.
    3. All users have to do housekeeping from time to time.
  17. Data Backup
    Backup systems are designed to protect against data loss due to system failures or disasters.  We zip the data with password protection.
    1. We back up everything (almost everything) every working day from Servers to Backup Servers.  This is the on-site backup.
    2. We upload to Cloud (Dropbox) monthly.  This is the off-site backup.
    3. Data burned to Blu-ray and DVD-R discs only goes up to 2020-12.  After 2020, data is copied to HDDs.
    4. We will destroy the Blu-ray and DVD discs after the retention years, according to ISO.
  18. Password Length & Age
    1. All passwords (Windows, Mac, E-Mail, ERP, etc.) will be renewed every 3 months.
    2. All passwords are 5 lowercase letters + 1 number + 1 symbol + 3 uppercase letters = 10 characters.
  19. Digital Signature
    1. In the coming 21st Century, we are trying to go Green.  To do that, we use Digital Signature on iPad for PDFs in the Documents App.  We expect to save paper, time and other related resources/materials.
    2. Windows users use Adobe Acrobat Reader to "sign" PDFs with their saved signature(s).
    3. Mac users use the built-in application, Preview, to "sign" PDFs with their saved signature(s).
  20. Synology Chat
    1. Synology Chat (or just Chat) allows internal communication and file attachments between PCs, Macs, iPads and iPhones.
    2. Users can chat and send files to one user or multiple users.
    3. Users can modify or delete their Chats at any time.
  21. Synology Drive for Single/Group/Department Sharing
    1. Users can share files with other user(s) or other department(s) between PCs, Macs, iPads and iPhones.
    2. The maximum size for each file is 100MB.
    3. Two-way sync or one-way upload/download to meet different collaboration needs.
  22. Printers
    1. For the purpose of a future Green environment, we may not purchase new printers for users or replace broken printers.  We encourage users to use our current systems and equipment to save, send or pass on internal information, and not to print anything if possible.
    2. If there are any problems with a printer, Computer Lab will try to fix it.
    3. Currently we only allow users to print documents that are for external use and some formal documents (i.e. Invoices, DO, production testing reports, etc.).
  23. Security and Traceability of Applications after each month (depends....)
    1. For security reasons and to avoid unneeded “surprises”, Lab will export the previous month's system logs from our software to PDF and send them to the heads/managers of all related departments.  Each department head/manager will need to sign the system logs to confirm that all the events recorded are correct.  This is to check and ensure that everything was working as it should.
    2. The names of the software:
    - E-Soft (Payroll, e-HR)
    - ERP
  24. Business Continuity Plan / Disaster Recovery Plan
    1. High Heat/Fire
    Prevention Plan:
    - The server room has 2 air conditioners that are switched on in rotation and one humidity machine, to keep the temperature in the server room between 18°C and 27°C. A SMATRUL Tuya WiFi Temperature Humidity Sensor records the temperature hourly, 24/7, in the App.  It triggers the alarm and sends a notification to the App when the temperature is out of range, and we then adjust whatever is needed.
    - The Fire Extinguisher is in the hallway.
    Emergency Plan:
    - If there is a fire, we would try to use the fire extinguisher to put it out.
    - If the fire is too severe and data is lost, we can use the off-site backup (Cloud Data) to restore the data.
    2. Blackout
    Prevention Plan:
    - We have installed UPSs on all of our workstations and Servers, and also on all of our switches. Each UPS is able to hold one Server or one workstation for up to 10 minutes, allowing users to save their work and shut down.
    - We keep batteries on standby in case any UPS battery is dead.
    Emergency Plan:
    - If the UPS(s) is dead and a department urgently needs to use data, we use the power generator from the Maintenance department to keep the Servers and other necessary workstations and equipment running.
    3. Internet (Maxis ONEBusiness Fibre 800MB)
    Prevention Plan:
    - Maxis has provided a 4G router for zero downtime. We also have one UPS close to the TM modem (lobby).
    Emergency Plan:
    - If the Internet is down, we would use the Maxis 4G router. However, the Internet speed would be slower and we would limit users' Internet use. VoIP (hunting line) and the Mail Server would have first priority on the 4G router.
    4. Internet Telephone - VoIP
    Prevention Plan:
    - We use a server-grade UPS for the VoIP system and PBX.
    Emergency Plan:
    - We could use the prepaid mobile phones.
    - People may use their own mobile phones and claim from account.
    5. Data Corrupted/Damaged
    Prevention Plan:
    - As mentioned above (Backup), we back up every day.
    Emergency Plan:
    - The only problem is, the Backup takes time (hours) to restore data to Servers.
  25. Before You Go Home
    1. Turn off the air conditioner.
    2. Turn off your computer, monitor, scanner, printer, UPS, and other devices.

@Designed by Mimi, Computer Lab
