Beijing GreatWe Technology Development Co. Ltd

1. Overview
In recent years, with the spread and application of network system, increasingly more users have recognised the significance of data. Instead of network hardware, they find the most valuable possession of a company is the business data stored in network. However, data loss can be caused by many accidents, such as system crash, virus attack, human error, power failure, fire and accidental damage. Such loss would have many serious impacts on normal operation of daily business, such as business opportunity loss, dissatisfaction of customers, decrease in operating income and damage to corporate reputation. The security of electronically stored information is therefore gaining more attention. Different methods have been used to ensure data security, including multiple backups to prevent data from accidental loss, firewall to protect data from external attacks, anti-virus software to guard against virus damage and strict management system to avoid data leak.

Corporate data security is not simply the accumulation of devices and cannot be accomplished by mere firewall or IPS; similarly, security is not purely a technical issue and cannot be fulfilled by technical means alone. After considering all the factors mentioned above, GreatWe establishes a whole set of information security system from the two aspects of technical and management system.

2. Content
1. Company staff should always keep information safety in mind. Additionally, employers should take measures to guarantee information safety, including incorporating it into the employee assessment system and regarding it as an important reference for staff selection and promotion; raising the awareness and strengthening the training of it; ensuring it by effective control methods and technical support; implementing a valid reward and punishment system and relying on law support.

A. Law: Employees and third party co-operators are required to sign confidentiality agreements;

B. Reward and punishment: Employees who violate the information security strategy should be punished according to the severity of violation. The punishments include informed criticism, fine, pay cut and other measures;

C. Training and advocacy: New employees and third party co-operators should regularly learn the processes and requirements of information security policy;

D. Technical support: When leaving service, employees should hand in all the information involving company business, and give up the access rights to all systems;

E. Assessment: The information security should be incorporated into the employee assessment system and regarded as an important reference for staff selection and promotion.

2. After the establishment of management system, the technical methods are needed to implement and supervise this system. A comprehensive security system is needed to protect the commercial secrets from every aspect. GreatWe innovatively builds the corporate security platform from five security aspects, namely network, terminal, application, data and circumstance security, completely preventing security threats.

A. Network security

Targeting the growing network threats from viruses, hacker attacks and system vulnerabilities, the security solutions provided by GreatWe deploy high-performance security devices near the network borders and enhance the defence capability of security devices by integration and convergence, thus safeguard the network border to the maximum extent.

Internal network security has been the focus of network security construction. However, it is also a difficulty of security construction due to the pure Layer 2 switching environment, large quantity of nodes and complex node distribution. Based on the extensive experience in Ethernet security, GreatWe provides a large number of security features, safeguarding LAN against DDOS attacks, worms and IP masquerading.

B. Terminal security

(A) Terminal access security

The Endpoint Admission Defense (EAD) system of GreatWe checks the authentication of the users logging in intranet, restricting the casual use of illegal terminals and unauthorised external users.

(B) Port security

Taking out documentation by removable storage media is a major way of information leak. Therefore the information leak prevention of storage media and media information of PC terminal is a very important function. The third party waterbox can be used for storage media and media protection, including floppy disk memory, removable storage and CD-ROM protection. The removable storage mentioned above contains all removable storage devices of USB interface, including U disk and mobile hard disk. The best preventive effect can be achieved through port control of computer terminal over the ports which may cause leak.

C. Application Security
With the development of network, the popular applications based on internet such as QQ and email are vulnerable to the attacks from viruses and hackers, resulting in document leak. As for internet applications, GreatWe controls output devices and PCs and deploys applications to control gateway, preventing using the internet tools which may cause leak.

As for email, through deploying the email audit system, GreatWe filters the "sensitive words (words concerning touchy issues)" and key words in emails, or postpones email sending to wait for administrator approval. It is required to check the sender, time, theme, content and attachments of sent emails to ensure traceability. Once email has leaked, it can be traced back to the responsible person.

3. Features
1. The information security provided by GreatWe avoids data leak and ensures system safety. Multiple security and network monitoring and analysis can monitor the direction of data flow during data backup and network connection, detect illegal intrusion, interdict illegal network connection and prevent data leak;

2. With multiple permission management and certain permission to corresponding level, users need to access according to their permission. This method substantially strengthens the data security;

3. Custom encryption enables data encryption to change with the environment;

4. Our security monitors and supervises the use of network. The unique function of network security audit will implement a comprehensive analysis during data storage and backup, increasing the reliability of backup.

About Us	Solutions	Services	Products	Links
Why GreatWe Management team Management hierarchy Culture Milestones Honors Partners	Total Solution for Inform... Coal Industry Unified Inf... Coal Industry Supply and ... Middleware Solution ... IP Phone solution... Value-add Network Solutio... Machine Room Construction... More	IT planning services... system integration... Data Storage Service... Legacy systems transplant... Software custom R&D... IT O&M... Corporate Information Sec... More	Gadalin Master Data Manag... Galadin SMS... Enterprise Service Bus... Galadin Reporting Platfor... Galadin Contract Manageme... Galadin Integrated Coal S... Galadin Manufacturing Exe... More	SCIEG Digital Product Business Sunshine Project Sunshine consultation Downloads Service item Recruitment