Security

• Do you implement education and other measures related to cybersecurity personnel?
• How is security ensured for terminals used for maintenance as a service provider?
• System and Regulations for Information Security Policies
• Are you storing evidence and other materials necessary for investigations in preparation for security incidents?
• What happens to the information retained on the service when service use is terminated; is it properly discarded or returned?
• Are appropriate physical security measures implemented at the location where the system is installed?
• Where are the data centers located
• Is the Information Security Basic Policy defined and published?
• How are notifications sent for new feature releases, feature updates, and maintenance?
• Are vulnerability management processes and patch application frequencies defined?
• Is the communication using secure protocols and encrypted?
• Service availability rate and estimated time for recovery after a failure
• Does the company have public certifications (such as ISMS) from external organizations?
• Are you publicly sharing your security checklist?
• Security-related Initiatives: Is there any material available that provides an overview?
• How are you notified when a disability/incident occurs?
• Do you regularly perform service outages for maintenance?
• Does the Data Center meet the safety standards of FISC (Financial Information System Center)?
• Can we audit offices or data centers for new contracts or contract renewals?
• External Attacks (Unauthorized Access, DDoS Attacks, etc.): Have You Implemented Appropriate Countermeasures?
• Is periodic vulnerability diagnosis, etc., conducted by a third party?
• Content Created in Teachme Biz (Text, Images, Videos) - Is There a Risk of It Being Published or Used Without Permission?