Device and Office Security Procedure

All electronic devices inside the offices must be inventory-approved and defined devices by the Board.

Regardless of their position and title, all employees must follow necessary security procedures (such as face scanning, fingerprint) when entering office buildings.

Employees should not leave their devices unattended and unlocked in the offices.

All devices must use anti-virus software recommended by the Board, and operating system updates should be monitored.

The Board provides written information about measures and recovery scenarios for natural disaster threats, especially fire, in the offices.

In case of security concerns about devices to be used in the office, the Information Security Officer should be notified in writing (email).

Taking photographs, recording video or audio with any device inside the offices is prohibited.

R&D offices are closed to entry and visits except for their own personnel. There should be no exceptions to this restriction.

Ordered packages to offices must be received at the office door.

Visitor access to the office’s private network is prohibited.

Backup files containing sensitive data are saved in environments specified in relevant procedures. These files should not be downloaded to any device, including defined devices within the office.

It is prohibited to take defined devices outside the offices. For situations like repair and maintenance, if planned, notify the Board; if unplanned, notify the Information Security Officer.

Entry of undefined devices into offices is prohibited. In cases such as repair and maintenance, if devices need to be brought from outside the office, notify the Board if planned, otherwise notify the Information Security Officer.