NexusJX Co., Ltd. Declares SECURITY ACTION “Two-Star”
NexusJX Inc. has declared “Two-Star” under SECURITY ACTION, a program operated by the Information-technology Promotion Agency, Japan (IPA). To clarify our fundamental approach to information security and our implementation policy, we have established and published our Information Security Policy, and we will continue to promote information security initiatives on an ongoing basis.
SECURITY ACTION Overview
“SECURITY ACTION” is a self-declaration program operated by the Information-technology Promotion Agency, Japan (IPA). Under the program, small and medium-sized enterprises declare that they will actively work on information security measures. There are two levels based on the company’s target level of commitment: “One-Star” and “Two-Star.”
“One-Star” Declaration
This declaration indicates that the company will work on the “Six Information Security Measures” described in the information security guidelines for small and medium-sized enterprises.
“Two-Star” Declaration
In addition to the One-Star initiatives, this declaration indicates that the company has completed the “5-Minute Information Security Self-Assessment” and has established and externally disclosed its Information Security Policy, thereby committing to further information security measures.
SECURITY ACTION helps companies demonstrate their information security initiatives externally, contributing to greater trust among users, business partners, and customers.
Background of the SECURITY ACTION “Two-Star” Declaration
NexusJX Inc. develops and operates “JobX,” a career experience app that enables users to experience a variety of professions in a game-like format. We also provide commissioned development services for Android and iOS applications. Through these businesses, we may handle information related to users, business partners, and other stakeholders. For this reason, we regard information security not merely as a technical measure, but as an important management priority for providing services that users can rely on with confidence. In recent years, information security risks—including cyberattacks, unauthorized access, information leaks, and incidents caused by human error—have continued to increase regardless of company size. In this environment, we have declared SECURITY ACTION “Two-Star” in order to properly protect our information assets and continuously review and improve our information security measures.
Our Main Initiatives
Based on our Information Security Policy, we will promote the following initiatives.
1. Management Responsibility
Under the leadership of management, we will promote information security measures in an organized and continuous manner, and strive to improve and enhance information security.
2. Establishment of an Internal Framework
We will establish the necessary management framework to maintain and improve information security. We will also define and appropriately operate rules regarding the handling of information assets, access control, account management, use of external services, incident response, and related matters.
3. Management of Information Assets
We will appropriately manage customer information, personal information, contract information, development materials, source code, authentication information, sales information, and other information assets handled in the course of business, and will strive to prevent unauthorized access, leakage, loss, falsification, destruction, and similar risks.
4. Efforts by Employees and Related Parties
Our officers, employees, contractors, and others involved in our business will acquire the knowledge necessary for information security and handle information assets appropriately. We will also work to raise awareness of information security and reliably implement measures in daily operations.
5. Implementation of Technical Measures
For devices, software, cloud services, networks, and other systems we use, we will work to reduce information security risks by implementing antivirus measures, software updates, vulnerability response, backups, use of multi-factor authentication, and access permission management.
6. Management of Contractors and External Services
When using subcontractors, external partners, cloud services, and similar resources, we will consider information security risks and conduct appropriate selection and management. We will also review contracts and terms of use as necessary and strive to protect information assets.
7. Compliance with Laws and Contractual Requirements
We will comply with laws, regulations, standards, guidelines, and contractual obligations related to information security. Personal information will be handled appropriately in accordance with laws and regulations concerning the protection of personal information.
8. Response to Violations and Incidents
If any violation of information security-related laws or contracts, information leak, unauthorized access, or other incident—or the risk of such an incident—occurs, we will promptly assess the situation and work to prevent the spread of damage, investigate the cause, and prevent recurrence. We will also report appropriately to relevant parties and authorities as necessary.
9. Continuous Improvement
We will periodically review the status of our information security measures and continuously review and improve this policy and related measures in response to changes in the business environment, technology trends, laws and regulations, and risk landscape.
Looking Ahead
Through the development and operation of our own services, including “JobX,” as well as our app development business, NexusJX Inc. aims to provide services that users and business partners can use with confidence. We will continue to strengthen the appropriate management of information assets and ongoing security measures based on our Information Security Policy.
Related Links
Inquiries
For inquiries regarding this matter, please contact us through our inquiry form.