Website Information Security Management System

Website Information Security Management System

Information Release Registration System

1. . When connecting to the information source, implement security protection technical measures to ensure the safe operation of this network. All-in-one information security;
2. . Our company accesses the system via virtual hosting, so it’s important to properly configure user permission settings. It does not have operational permissions to access directories other than its own information directory.
3. Register and archive the departments and individuals who have entrusted us with the publication of information.
4. The information provided by the source department shall be reviewed to ensure that it does not contain any content that violates the “Administrative Measures for the Security Protection of International Connection of Computer Information Networks.”
5. . It was found that there was a violation of the “Administrative Measures for the Security Protection of International Internet Access via Computer Information Networks.” In the event of an incident, the relevant original records shall be retained and reported to the local public security authorities within twenty-four hours. Announcement.

Information Content Review System

1 We must rigorously implement information release review and management procedures to prevent violations of the “Computer Information…” Network International Internet Connection Security Protection The situation described in the “Management Measures” has arisen.

2 Carefully review the information provided by the source departments that publish information on this website. It must not endanger national security, leak state secrets, or infringe upon the interests of the state, society, or collectives. The content concerning interests and the legitimate rights and interests of citizens appears.

3 Establish a comprehensive review and inspection system for sections where public statements are posted, such as news bulletin boards. The system, and conduct regular inspections to prevent violations of the “Regulations on Security Protection for International Connection of Computer Information Networks.” The remarks in the "Regulations" have emerged.

4 Once information listed below is discovered on this website being created, copied, accessed, and disseminated by users:

1. . Inciting resistance to, and undermining the implementation of, the Constitution, laws, and administrative regulations.
2. .煽动颠覆国家政权，推翻社会主义制度
3. . Inciting secession and undermining national unity.
4. . Inciting ethnic hatred, ethnic discrimination, and undermining ethnic unity.
5. Fabricating or distorting facts, spreading rumors, and disrupting social order.
6. . Promoting feudal superstition, obscenity, pornography, gambling, violence, murder, terrorism, and cults. Inciting crime
7. . Openly insulting others or fabricating facts to defame others.
8. . Damage the credibility of state organs
9. . Other violations of the Constitution, laws, and administrative regulations In accordance with relevant national regulations, delete the addresses and directories containing the aforementioned content from this network, or shut down the website. Also, retain the original records and report to the local public security authorities within twenty-four hours.

Information Monitoring, Retention, Erasure, and Backup System

To promote the healthy, secure, efficient application and development of the company’s website, and to safeguard national and social interests. Ensure stability and prevent all kinds of illegal and criminal activities from occurring, in accordance with the “Computer Information Network” regulations. In accordance with the provisions of the “Administrative Measures for the Protection of International Internet Security,” this system is hereby established:

1. This policy applies to information published on this website as well as to information posted on the website by department personnel.

2. Strictly enforce the information security regulations formulated by the national and local authorities.

3. Information published on this website itself must be carefully reviewed to ensure that content implying the following behaviors is strictly prohibited:

(1) Inciting resistance to, or undermining the implementation of, the Constitution, laws, and administrative regulations;

(2) 煽动颠覆国家政权，推翻社会主义制度；

(3) Inciting secession and undermining national unity;

(4) Inciting ethnic hatred, ethnic discrimination, or undermining ethnic unity;

(5) Fabricating or distorting facts, spreading rumors, and disrupting social order;

(6) Promoting feudal superstition, obscenity, pornography, gambling, violence, murder, and terrorism, Inciting crime;

(7) Openly insulting others or fabricating facts to defame them;

(8) Damage the credibility of state organs;

(9) Other violations of the Constitution, laws, and administrative regulations.

1. Website personnel must cite the source when quoting information from others.
2. Website personnel must first undergo procedural verification before publishing any information, and their published content... It is permissible to conduct inspections, filtering, and restrictions. If other websites are found to contain harmful or undesirable information, You should proactively report it.
3. Website personnel must conduct daily manual checks when publishing information.
4. The website information database must be updated every... 7 Daily backup 1 Next, and it should be ensured that 30 Ten-day deadline Data query within.

Virus Detection and Cybersecurity Vulnerability Detection System

To ensure the normal operation of the company’s website and prevent various viruses and hacking software from affecting our company, To minimize losses caused by threats posed by networked master systems, this system is hereby established:

1. Each connected department’s computers should be equipped with antivirus software, anti-hacking software, and garbage disposal tools. Spam removal software, with regular software updates.
2. It is strictly prohibited to install virus software or hacking software on computers in all connected departments. Attack other networked hosts; strictly prohibited is the dissemination of hacking software and viruses.
3. The network management center should regularly release virus information and conduct scans to detect viruses and security vulnerabilities within the website. Cavities, and take necessary measures to prevent and treat them.
4. The primary server located within the leased server or storage space should be equipped with a firewall. Systematically strengthen cybersecurity management.
5. The network management center conducts regular checks on network security and virus detection, and identifies any issues that arise. Handle it promptly.

Reporting System for Illegal Cases and Assistance in Investigation and Prosecution

1 Each user of the access terminals shall consciously abide by network regulations and is strictly prohibited from using computers to... Acts of illegal and criminal behavior.

2 Regarding computer-related illegal and criminal activities occurring within this unit, the network security administrator or the issuer... The personnel on site should promptly intervene and immediately report to the network management center, while also ensuring proper system maintenance. Nursing care.

3 As for the attacks they have experienced, each access terminal user should also report them to the network management system. Focus on the core center while also ensuring thorough system protection.

4 Each user of the access terminals is obligated to cooperate with the company’s network management center and their superior supervisory authorities.

Supervise and inspect the doors, and actively cooperate in investigating and handling illegal and criminal incidents.

5 The network management center should promptly keep track of any instances of online illegal activities committed by users of access terminals within the company’s network. And regularly report to the network supervisor and higher-level authorities, and shall also assist the competent authorities. Do a good job of investigation and enforcement.

Website Account Registration and Operation Permission Management System

1 Any individual meeting the eligibility requirements must first submit an application to the company and complete the required information. Only after approval can they become a website user.

2 Users of websites that have already been built and put into use may, for various reasons, request the administrator in writing to suspend or temporarily interrupt their network user services. The duration of the suspension shall be determined by the respective departments concerned based on applicable regulations and actual circumstances.

3 Any account user enjoys completely equal rights to network access. This right is not affected by the creation of the account. It varies depending on the timing of establishment and the order in which networks are connected.

4 No user shall privately steal another person’s internet account.

5 For server systems and various network devices, regular backups should be performed to ensure that... It can be promptly restored when a system failure occurs.

Job Responsibilities of Safety Management Personnel

1 According to the information center’s regulations regarding computer and network operations, the company’s computers and networks… Use of the network system Conduct standardization Implement standardized management and promptly put a stop to any violations.

2 Perform daily maintenance on computer and company network systems, and conduct regular inspections of network equipment. Carry out inspection and security prevention work to ensure the network remains unimpeded.

3 Diligently perform data logging, secure backups, and user management for computer and network systems. Perform technical work to ensure the accuracy and authenticity of various operational data records. Temporal 。

4 Provide technical support for the company’s work on information networks and ensure the company… Computer Environmental requirements for the secure operation of network devices.

5 — Ensure the company's internal network and... Internet Monitor the access status and promptly provide information to the network administrators at the relevant information centers.

6 According to the company’s management philosophy, plan and design... Making and Manage the company’s website, responsible for information publication and daily maintenance of the company’s website.

7 Timely collect dynamic information from both inside and outside the company, and promote the company’s achievements through the company website. The various achievements will expand the company's influence.

8 Provide technical support to help company employees effectively utilize website resources.

9 Responsible for the security protection and operational monitoring of the company’s website, and ensuring the proper management of website operational data. Record and securely back up data, and promptly provide information to the relevant information centers.

Emergency Response Mechanism and Procedures for Sudden Events

1. For the setup and modification of website systems and various network devices, proper registration and filing procedures shall be carried out.
2. Carry out backup work as required and cooperate with various security inspections. Once you encounter any inappropriate information, Average In accordance with relevant national regulations, delete the addresses and directories on this network that contain the aforementioned content, and... Retain the original records and report to the Cyber Monitoring Division of the Municipal Public Security Bureau within twenty-four hours.

Zhejiang Fengli Intelligent Technology Co., Ltd.

April 20, 2018