Our entire company has been working hard to protect private information with internal improvement, training, and operation. As a result, we have successfully passed the certifying audit for Privacy Mark by JIPDEC on April 20th, 2004, and started presenting the logo since May 10th of that year.
With the objective evaluation by a third-party as a springboard, we will promote further awareness and continuously improve our system to protect personal information.
The Room Access Control using a Contactless IC Card has been introduced in each business center. Each door is electrically locked and can be unlocked by waving the card to its card reader.
Central management screen allows access control according a position and his/her belonging department with ID card containing ID information of each card holder. In case if a card is lost or stolen, such card can be instantly disabled. Access to the management screen is limited and require special physical key for logon to the system.
Surveillance cameras are installed near the doors on each floor and are working 24x7. Video is recorded and is saved at a pre-defined period of time.
In addition to the entry control system mentioned above, fingerprint authentication, a kind of biometric authentication, is implemented for zones which require higher security. Only specific numbers of employees (approx. 2% of all the employees) are registered for access and access log is stored.
Our Navi-telephony terminals require an appropriate IC card to boot to show its logon screen, and allows operation only after entering the correct password there. Unlike magnetic cards, IC card is difficult to forge and it makes Navi-Telephony highly secure system.
As thin client terminals do not carry internal data storage such as hard disk drive, and do not support external storage such as USB devices either, it is well protected from unauthorized data export and/or intrusion with malicious programs/data. Some other advantages of thin client terminal include easy deployment/installation and ease in replacement in case of hardware failure.
Terminal servers, which drive thin client machines, database servers storing personal data, as well as all the core system are placed in data centers certified with ISMS. There are a total of 5 doors to go through the facility from the entrance to the racks of those servers. Among them are 2 doors with security guards and 2 more doors with biometric authentication thus making it difficult to reach without proper permission and practically impossible to bring something out of the facility. Only less than 1% of our employees are registered with the biometric authentication and without permission in advance it is impossible to access the data center.
Connection from the datacenter to Sapporo, Sendai, Osaka and Kushiro sites are wide-area Ethernet, while IP-VPN is deployed for connection to Iwamizawa and Tokyo. Firewalls are deployed between the datacenter and each sites to monitor network traffic. Restrictions to connect to internal network from outside the company is implemented and it is not possible to access the email servers and file servers from outside.
By restricting web access only to the domains required to perform one's duties, we prevent virus infection from the internet. Also, restriction to posting to internet bulletin board and blogs are enforced. In this way, we achieve prevention of unintended information leakage.