applippli’s security system

Microsoft AI Cloud Partner

applippli Co., Ltd. is a Microsoft partner company.

Microsoft azureのパートナー契約

IP address restrictions available [IP SETTING]
Passwords for users used by customers are not held [NoHoldPass]
User accounts are only for connecting to the cloud environment
Specification that does not allow any control within the cloud environment
*Resolved by using the functions of the Yayoi products you use within the cloud environment
*Account additions and deletions will be handled by our company upon request (no privilege management) [USERS CHANGE]
No provision of a multi-tenant cloud environment (logical separation)

Development in accordance with development guidelines from trusted organizations such as CERT, OWASP, SANS, and IPA
Perform vulnerability assessments and penetration tests on a regular basis (at least once a year)

Implement operation monitoring/configuration management/change management/malware countermeasures/vulnerability management/time synchronization
*Implement measures according to the severity of vulnerabilities when they are discovered
*Stopping of unnecessary services and closing of unnecessary ports
Service continuity plan complies with ISMS (ISO27001:2022)
Document management complies with ISMS (ISO27001:2022)

Complies with Microsoft Azure
*All communications from client to cloud are encrypted
*Maintenance and management of encryption keys by Microsoft
Complete data erasure when service ends

The management system and training are in compliance with Microsoft/ISMS (ISO27001:2022)

*Data center: Disaster prevention measures/Entrance/exit restrictions/Entrance/exit record management/Work management (monitoring)