MiiTel's Operating Environment and Security Policy

This page introduces the security measures MiiTel is taking and the environment in which we are operating to ensure that all customers can use our services with confidence.

Contents

1. Information Leakage Countermeasures

2. Data Preservation and Protection
3. Service Offerings and Support
4. Cooperation with external organizations

1. Measures against information leakage

Encryption

  • All communication between your environment and ours will be encrypted by TLS 1.2.
  • The database and storage are encrypted and stored using AES 256 or higher encryption method.

Security measures

  • We perform third-party vulnerability checks on our web applications and have installed a WAF (Web Application Firewall) to protect against attacks that exploit vulnerabilities
  • .

Login Restrictions

  • You can restrict the access source by the access source IP address.
  • If the password is wrong multiple times in a row, the account will be locked temporarily.

Training and Auditing

.
  • We conduct internal audits by external consultants on a regular basis.
  • We conduct regular security training (e-learning) for all employees.

2. Data Preservation and Protection

Backup

  • The system is configured to be able to restore the data to the point where the backup was taken before the failure occurred.
  • In case of human error, we have two backup systems.
  • We duplicate our data in multiple data centers in Kanto area.

Redundancy

  • All servers are operated with redundancy, so that the service can be continued even in the event of a failure caused by hardware or other factors.

Data retention period

  • After you declare your cancellation, we will perform a physical deletion of your data within one month after the expiration of the data viewing period based on your contract.
  • Physical deletion will be carried out within three months after the above for the phone number and call time.
  • However, the above does not apply to cases where there is a business reason, such as billing, abuse, or complaint handling.

Operation Log

  • For "Login", "User Management", "Group Management" and "Security Settings" actions, the creation, modification and deletion history is stored in MiiTel Analytics' operation log.

3. Service Offerings and Support Structure

.

Service Delivery Time

  • 24 hours a day, 365 days a year (excluding planned and scheduled maintenance outages)

Support Hours

  • Weekdays 9:00-19:00 (Japan time)
  • In principle, any problems that occur outside of support hours will be handled on the next business day.

Maintenance work

  • Basically, the maintenance work will be done outside of the above support hours. In case of maintenance work, we will notify you twice a week before and the day before via email.
.

Outage Information

Release Information

  • Release Notes for your reference.
  • We will announce major changes to the service, major changes to features that affect integration with external services, and feature retirements on the website and via email at least one month in advance.

How to report a bug

    Target Occupancy Rate

    • 99.9 % (excluding outages due to planned and scheduled maintenance) Outages caused by the customer's network environment are not included in the outage time)

    4. Cooperation with external organizations

    Obtaining Third Party Certification

    • We have acquired the Information Security Management System (ISMS, ISO/IEC 27001). Certification number: JP19/080577
    • .
    • We are a Privacy Mark certified company. Registration number: No. 17003754(01)

    Collection of vulnerability information

    • We have introduced a system to automatically collect and notify vulnerability information announced by JPCERT/CC.

    Vulnerability Assessment by a Third Party

  • Vulnerability assessment by a third party is conducted on a regular basis.

Was this article helpful?