
A Study of Document Management Mechanisms for Corporate Confidential Information: The Case of Motorola

The Study of Establishing Corporate Information Security System --Motorola Taiwan Company as an Example

Advisor: 耿筠

Abstract


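The share of high-tech products in total exports has increased year by year, and they have become the main driver of Taiwan's future economy. The high-tech industry has high added value and faces especially fierce international competition. To keep their competitive advantage, high-tech companies must continually make substantial investments in R&D, manufacturing processes and management, so their proprietary information becomes the company's most important asset and urgently needs secure protection. For Taiwanese companies in a period of technological transition, now is the best time for a comprehensive review of information security.

The purpose of this study is to find the most suitable information security management mechanism from the literature and from work experience at Motorola's Taiwan plant. Although it is certain that no perfect mechanism exists, if Taiwanese manufacturers plan and build information security management systems as early as possible and learn from the practices of advanced foreign companies, this should reduce information security risk to a minimum and ensure the international competitiveness of Taiwan's industry.

Under the three major principles of information security (confidentiality, integrity and availability), the first step in designing a security system is to assess the risks and vulnerabilities of the enterprise as a whole, so that limited corporate resources can be applied to the most cost-effective security measures. Fundamentally, however, security measures should be integrated with the overall corporate strategy, and the commitment and support of employees must be obtained to ensure the success of the security plan. Besides risk assessment, the other steps to consider are: formulating the security policy, appointing dedicated information security personnel, the content of the security plan and the details of its rules, execution of the plan, employee training, and follow-up and evaluation. Divided by security domain, these are physical security, operational procedure security, personnel security, system and data security, and network security.

This thesis arrives at the following conclusions:

1. Information security is of utmost importance in protecting the company's major investments and assets, so security planning should be aligned with the company's overall business strategy and should not be regarded as an optional plan.
2. Benchmarking the security practices of international high-tech companies is the best way to save money and anticipate future trends.
3. Establishing a security audit checklist facilitates operational communication and the detection of possible security problems.
4. Information security is an ongoing process and should be reviewed and improved regularly.
5. Only when all staff participate and take on their due responsibilities can the success of the overall security system be guaranteed.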

Keywords

best practices; information security; security

Parallel Abstract


High-tech products account for more than 30 percent of Taiwan's total exports. The high-tech sector will apparently keep providing Taiwan with an engine for future growth and a model that is now being emulated by many Asian neighbors, but it is also facing new challenges in protecting intelligence information from competitors. Intelligence information is the most valuable resource of high-tech companies; its loss or compromise can destroy an organization. How to protect corporate information assets in the current fiercely competitive arena is therefore a top priority for many companies.

The main purpose of this study is to search for the most suitable information security system, and the best practices, from available documents and from the author's past experience at Motorola Taiwan. Although there is no panacea for all the security problems of the internet age, starting early to deal systematically with an ever more complex set of problems and following best practices should be a great help to local companies in minimizing potential security risks and maintaining their future competitive advantages.

On the premise of the three most important security principles, Confidentiality, Integrity and Availability, the first suggested step in designing an information security system is to determine the company's risk management issues and decide what level of vulnerability the company can afford. The bottom line is that security must meet the organization's business objectives, and ensuring full support and compliance from all employees is definitely a key element in carrying out an information security system successfully. A security project should cover the following processes: (1) Risk Assessment; (2) Security Policy; (3) Appointing a Security Organization; (4) Security Plan; (5) Security Implementation; (6) Awareness and Training; (7) Monitor, Feedback, Review and Adapt. There are five main security domains: (1) Physical Security; (2) Operational/Procedural Security; (3) Personnel Security; (4) System and Data Security; (5) Network Security.

My report reaches the following conclusions: (1) Security is vital in protecting a company's investment in technical and other resources; security should therefore be treated as an important part of the company's strategy rather than as a trifling afterthought, and a security system should be developed within a well-defined, risk-based concept. (2) Benchmarking the best practices of international companies in the high-tech industry should be a suitable approach to save security development cost and understand future security trends. (3) Developing a security checkpoint list for each security process, used to monitor and control compliance and to identify threats and vulnerabilities, should be the easiest and most effective method of communicating with management and all employees. (4) Security is a continuous process and not an end product in itself; it should be reviewed at regular intervals. (5) Only when employees are aware that security is the organization's first-priority issue, and are held responsible and accountable for it, can a successful security system be guaranteed.

Parallel Keywords

information security; security; best practice


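Cited by

張松生 (2003). A Study of the Relationship between Trade Secret Management and Knowledge Management: The Case of Financial Institutions [Master's thesis, Chung Yuan Christian University]. Airiti Library. https://doi.org/10.6840/cycu200300384
林上筌 (2003). An Exploratory Study of Protecting Corporate Trade Secrets through Human Resource Management Systems [Master's thesis, Chung Yuan Christian University]. Airiti Library. https://doi.org/10.6840/cycu200300354
爐淞瀚 (2008). A Study of Employee Personal Characteristics, Company Implementation Attitude and Information Security Mechanisms: The Case of the Financial and Insurance Industry [Master's thesis, Kun Shan University]. Airiti Library. https://doi.org/10.6828/KSU.2008.00069
陳蘭津 (2006). A Study of Protecting Customer Information Security [Master's thesis, Kun Shan University]. Airiti Library. https://doi.org/10.6828/KSU.2006.00030
汪耀華 (2004). A Study of Information Security Management in National Universities [Master's thesis, National Taiwan Normal University]. Airiti Library. https://www.airitilibrary.com/Article/Detail?DocID=U0021-2004200709150945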
