Security Overview 安全概況
HARCAI LLC applies minimal yet rigorous safeguards while the platform is in pre-release. We document every control here and update this page as defenses mature. 在產品封測期間,HARCAI LLC 以簡潔但嚴謹的方式布建資安防護。所有控管措施都公開於此,並會隨著防禦成熟持續更新。
Encrypted transport 加密傳輸
harcai.com is served exclusively over HTTPS with HSTS enabled. Certificates are managed through automated renewal and monitored for expiry. harcai.com 全站強制 HTTPS 並啟用 HSTS,憑證採自動續約並監測有效期限。
Data access limits 資料存取限制
Waitlist records are stored in segregated databases with role-based access. Only designated team members handling onboarding can view submissions. 等候名單資料存放於隔離的資料庫,採角色權限控管,僅負責導入的指定團隊成員得以檢視。
Monitoring & logging 監控與記錄
Access logs, authentication attempts, and form submissions are retained for at least 90 days. Anomalies trigger manual review. 存取紀錄、驗證嘗試與表單提交至少保留 90 天,如有異常會啟動人工審查。
Email security 郵件安全
SPF, DKIM, and DMARC are configured for harcai.com domains to protect outbound messages and verify inbound communications. harcai.com 網域已設定 SPF、DKIM 與 DMARC,以保護外寄郵件並驗證來信。
Incident response 事故應變
Report suspected security issues to [email protected]. We acknowledge within two business days and document remediation steps. 若發現資安問題,請通知 [email protected]。我們會在兩個工作天內回覆並記錄處置流程。
Future enhancements 未來強化項目
- Automated penetration testing as the platform approaches beta. 在接近 Beta 階段時導入自動化滲透測試。
- Expanded audit trails covering agent actions and human approvals. 擴充代理操作與人工核可的稽核軌跡。