Security Policy

Information security basic policy

Digital Arts Inc. (hereinafter referred to as "the Company"), which operates in the field of information security, has a social responsibility to contribute to the improvement of information security by providing products and services to customers, as well as its own information security. Futhermore,recognizing that those are important to ensure sufficient safety and reliability, the basic policy for information security is shown below.

  • We will fulfill our contractual responsibilities while complying with laws, regulations and norms related to information security and information processing.
  • We appoint a person responsible for managing information and assets related to information, and clarify our responsibility for information security.
  • We analyze and evaluate the risk of assets, determine controls to manage risk appropriately, and establish procedures for implementing these.
  • We regularly implement information security education and training for employees and measures to raise awareness, and require them to carry out their daily work with an awareness of security.
  • We will establish a response system in the event of an information security accident.
  • We will deal with violations related to information security in accordance with laws and internal rules.
  • We have a business continuity plan to deal with business interruptions caused by disasters.
  • We strive to continuously improve our information security efforts.

March 18, 2020
Digital Arts Inc.
Representative Director, President and CEO
Toshio Dogu

Cloud security basic policy

The Company's cloud services are provided while forming a comprehensive supply chain that utilizes the cloud services of other companies while providing us as a service provider. As a company that "contributes to a more convenient, more comfortable, and safer Internet life," we will provide services while managing information security risks in this supply chain and taking appropriate measures. The basic cloud security policy for that purpose is shown here.The "Cloud Security Basic Policy" is a subordinate policy of the "Information Security Basic Policy".

  • We define information security requirements to be applied to the design and implementation of cloud services, and develop and provide services. In addition, we will evaluate whether the cloud services we use meet our information security requirements, and then select and use the appropriate cloud services. This evaluation is carried out on a regular basis.
  • We evaluate information security risks related to cloud services and conduct risk assessments on a regular basis. In addition, based on the results, we will implement appropriate information security measures.
  • We appropriately manage the information (including cloud service customer data and cloud service derivative data) stored on the cloud services we use and their related assets as information assets.
  • We will disclose the contact system in the event of a cloud service incident to cloud service customers. In addition, if an incident occurs, we will take prompt action and take corrective action.
  • We identify and properly manage legal requirements (applicable laws, contractual requirements) specific to cloud services.

October 18, 2020
Digital Arts Inc.
Representative Director, President and CEO
Toshio Dogu

About Information Security Management System (ISMS)

We have acquired "ISO / IEC 27001: 2013" certification from March 18, 2020. Regarding the information security of cloud services, we have acquired "ISO / IEC 27017: 2015" certification for the services listed in the table below as of November 26, 2020.

ISO27001
ISO27017
Coverage: Development department ( iFBC / i-FILTER Section、FinalCode Section、newproduct Section、ServiceOperation Section )

Authentication registration summary

Management standard ISO/IEC 27001:2013 JIS Q 27001:2014
Authentication registration number MSA-IS-427
Scope Digital Arts Inc.
  • The planning and development of information security software and appliance products
  • The planning, development, operation and maintenance of information security cloud services
Statement of Applicability version 5.0,approved 12.12.2023
First registration date March 18, 2020
Certification body Management System Assessment Center Co.,Ltd.
Management standard JIP-ISMS517-1.0 (ISO/IEC27017:2015 JIS Q 27017:2016)
Authentication registration number MSA-IS-427-CL
Scope
  1. ISMS cloud security management system related to system planning, development, operation and maintenance as a cloud service provider related to the provision of i-FILTER browser & cloud, m-FILTER MailAdviser (Microsoft 365 version), StartIn, f-FILTER, and use as a cloud service customer of Amazon Web Services
  2. ISMS cloud security management system related to system planning, development, operation and maintenance as a cloud service provider related to the provision of DigitalArts@Cloud, and use as a cloud service customer of Amazon Web Services and SmartConnect Cloud Platform
  3. ISMS cloud security management system related to system planning, development, operation and maintenance as a cloud service provider related to the provision of Desk series, and use as a cloud service customer of Amazon Web Services and Oracle Cloud Infrastructure
Statement of Applicability version 5.0,approved 12.12.2023
Coverage Development Department
(iFBC/i-FILTER Section、FinalCode Section、New Product Section、Service Operation Section)
First registration date November 26, 2020
Certification body Management System Assessment Center Co.,Ltd.