IMPORTANCE

The protection of information against organizational risks

Apply the organizational information security policy to prevent unauthorized disclosure, disruption, access, use or modification of information assets.
INTRODUCTION

Security Policy

The Information Security Policy of MTI Technology conforms to security policies of MTI Group (a prestigious technology group in Japan with multiple domestic and international subsidiaries, including MTI Technology in Vietnam). We are proud to provide customers with diverse products and solutions that are safe, secure, and trusted.

Security Certificate

① ISMS (Information Security Management System) (ISO/IEC 27001:2013)

Security Policy
(Extracted)

  • Antivirus/Malware prevention.
  • Apply scheduler operating system security patch.
  • Only certificated PCs can access to internal network.
  • Guest and partner devices can access guest network only (which is separated from internal network). Guest WIFI password is regularly changed.
  • Employees only work with licensed software, or trial/demo software versions.
  • Prohibit the use of the software without working purposes.
  • Apply blacklist software.
  • Prohibit bringing personal computers into company. Taking office computers away only when working at home.
  • Prohibit bringing in storage devices such as USB, external disks, etc.
  • Apply security solutions from MTI's Security department
WorkshopImg

Environment security policy
(Extracted)

  • The main workplaces are in the company offices.
  • The remote workplaces are flexible but limited to employees' homes. Working in public places is not allowed. Using virtual private network (VPN) and multi-factor authentication (MFA) when working remotely is a must.

Physical security policy
(Extracted)

  • Employees use fingerprints and smart cards to access company with access logging history being stored.
  • Camera data was stored for a specified period.

Security training

  • Security policy training for all employees.
  • Security awareness training for all employees.
  • Professional training for technical experts.

Security Audit

  • Execute security internal audits.
  • Execute ISMS audits to maintain ISO/IEC 27001:2013 certificate
WorkshopImg