About Us

TEL 03-3355-1168

Customer Confidentiality

Information security management

At SunFlare, we fully recognize the importance of maintaining the confidentiality of our customers’ information, both business and personal. Consequently, we take all possible measures to safeguard confidentiality.

1. Personnel measures

(1) Non-disclosure agreement

We begin a project only after all the parties involved have signed our non-disclosure agreement to ensure complete confidentiality.

(2) Confidentiality rules

We have created confidentiality rules governing the handling of confidential information that apply to both internal staff and external contractors. Compliance with these rules is required under our non-disclosure agreement. These rules define what constitutes confidential information and stipulate how such information is to be managed, what acts are prohibited, and the penalties that will be imposed if these rules are violated. They also describe the methods to be employed for sending, copying, transporting, storing, and disposing of such information.

(3) Employee training

We have created a booklet that describes our rules regarding the use of internal information systems, and we carry out training every year to ensure that all of our employees are aware of and comply with these rules.

(4) System administrators

Specialist staff at our affiliated company ANDROMETEC develop, implement, manage, and maintain our systems. A specialist network administrator checks the system log every day.

2. Technical measures

(1) ANDEX, SunFlare’s proprietary encrypted file exchange system

We use ANDEX, our proprietary encrypted file exchange system, to exchange confidential information. ANDEX uses Secure Socket Layer (SSL)—a technology commonly used to transmit credit card information—to encrypt data sent over communication pathways, and authenticates users by ID and password to ensure data is kept secure.

(2) Server access control

Access to the file server used to store data on the company premises is controlled by an authentication system for the management of IDs and passwords.

(3) Virus checking

We use centrally managed anti-virus software to check our servers and client PCs for viruses. Installed on dedicated servers, our anti-virus software downloads the latest virus patterns every day, while emergency virus patterns are downloaded as needed. Moreover, we use a separate gateway system to perform an additional virus check when sending and receiving e-mails, which is a time when systems are vulnerable to virus infection.

(4) Data backup

We back up all data on a tape drive late at night every Saturday, and make a differential backup of work data once a day from Monday to Friday. We store the tapes in a fireproof safe on a different floor to ensure that, should we need to perform a restore, we have point-in-time backups of all files for the preceding four weeks.

3. Physical measures

(1) Office access control

We employ an office access control system to ensure that unauthorized personnel cannot gain access to our office.

(2) Server room management

The temperature of the server room is regulated by a dedicated air-conditioner. The room is locked at all times and only the system administrator is allowed access.