■ Network Security
For certain tools that require special security measures, we implement a closed network environment using VPN and restrict access based on the source IP addresses.
■ Account Security
User IDs are issued on a principle of one per person, and we do not share user IDs.
The issuance of production management accounts and authorization of permissions are executed only with the approval of the Information Security Officer, and we conduct regular reviews of accounts and permissions.
Two-factor authentication is required when accessing the production infrastructure environment, and all operation commands on the production infrastructure are recorded and monitored.
When issuing various management accounts, we require and enforce password policies that comply with NIST SP 800-63B as specified in our Information Security Handbook.
Note: As the Ministry of Internal Affairs and Communications has indicated that periodic password changes are unnecessary, we do not implement periodic password change requirements.
http://www.soumu.go.jp/main_sosiki/joho_tsusin/security/business/staff/01.html