39 CORPORATE GOVERNANCE ENRA GROUP BERHAD ANNUAL REPORT 2023 • Microsoft One Drive ENRA shifted over the traditional server-based shared folder to Microsoft One Drive Solutions. • Microsoft SharePoint Introduced Microsoft SharePoint Collaboration for staff and department working portal. vi. Cloud antivirus ENRA continued to subscribe to PANDA ADAPTIVE 360 Antivirus for all its computers to protect from spam, virus and malware. The installation of the antivirus software is done remotely. b. IT policy and procedures Some of our IT policies and procedures that are currently in place include: i. New joiner policy Group HCA will notify Group IT at least two weeks before the start date of new staff to prepare a new computer, e-mail, One Drive account and IT-related items. The same policy applies when there is a separation of staff. ii. Centralised procurement policy for the entire Group to standardise equipment and systems brand, model, solutions, etc. iii. Implemented Group Policy Object (GPO) on all company computers to control the computer settings. iv. No users/staff can install software without the knowledge of Group IT. Access to the computer is limited with an Administrator Password. c. Cyber security The cyber security features and controls include on-premises data privacy and protection, internet & network security, and backup & disaster recovery of ENRA’s systems and infrastructure. These are protected with the expertise of our Group IT which oversees all of our IT assets across companies in the Group and multiple locations including Myanmar. The control and monitoring processes include: i. Strict adherence to Group IT standard operating procedures and manual; ii. Multiple-interval daily data backups; iii. Interconnecting all branches’ office networking & infrastructure with headquarters for remote monitoring and technical support; iv. Standardising the use of Microsoft Windows operating systems, and business-approved type of applications such as Microsoft Teams, BASSnet CMMS, TeamViewer and SQL Accounting; v. Standardising the use of laptops and desktops within the Group; vi. Restriction of access to certain internet sites that are susceptible to scams, phishing, cyberattacks and security breaches; vii. Prompt alerts and warnings from Group IT on suspicious e-mails; viii. Segregation of WI-FI access for visitors that require registration to facilitate monitoring; ix. Application of up-to-date virus protection programs; Sustainability Report (Cont’d)
RkJQdWJsaXNoZXIy NDgzMzc=