Thinking about the security

Since the beginning of this year, there appear to have been many incidents, including ransomware attacks on companies such as Asahi and Askul, that could potentially bring corporate operations to a halt. As a company engaged in the development and operation of software, we continuously examine measures to prevent information leaks and to strengthen information security. I would like to introduce some of these initiatives. The following measures are extremely fundamental. If your company has not yet implemented such practices, we strongly encourage you to consider them.

【Company Measures】

Do not disclose the physical location of servers to employees.

Conduct regular unannounced security inspections.

Prohibit email attachments (this setting is available in most email systems).

Segment the internal network by completely separating business systems, internet access, and guest networks.

Physically block USB ports (configure them so that only keyboards and mice can be used).

Install biometric authentication-enabled login systems on all PCs.

Prepare two separate PCs per user: one dedicated to email and internet access, and another exclusively for internal LAN use.

Conduct regular social engineering training.

Embed decoy files as traps.

【Employee Measures】

Do not bring personal PCs into the workplace.

Do not bring personal mobile phones into the workplace.

Do not bring USB flash drives into the office.

Do not use Google Drive or Dropbox.

Do not store information on local PCs. Store all information on the server.

【Software Measures】

Implement two-step password authentication. Send the second password to the registered email address every morning.

Add a file copy detection function.

Add a screenshot detection function.

Add a camera usage detection function.

Add an abnormal behavior detection function.

Lock the PC immediately upon detection of suspicious behavior.