Security Policy

XBOARD has following policies to ensure site security. We're taking various measures to protect customers data and prevent malicious attacks from the outside.

Data Management

All data is stored and managed by Amazon Web Service(AWS) Tokyo/Osaka region. Amazon S3 is used for storage and is designed to ensure 99.999999999% durability. This means the probability of losing data is extremely low.

Refer to the Amazon S3 official site for details.

All data stored in our databases is replicated in real time and stored in multiple servers. In case failures occur on the active server, the system will initiate an automatic switchover to a reduntdant server, thus providing users with continued access to the site. To prepare for system failure, we carry out database switchover tests including failover/failback testing on a regular basis.

Unauthorized Access

Once authentication fails over a certain number of times, we'll lock the corresponding account immediately and prohibit any unauthorized access. All connections on this site are https encrypted. This site is designed to remain encrypted at all times even if accessed by http.

Remote access to our server is strictly managed to only allow connections from our office network environments. Logins are only allowed by our operation team members. We set continuous monitoring systems to monitor unauthorized access to our server.

For unauthorized-access/anti-virus measures, Intrusion Detection Service (IDS)/Intrusion Prevention Service(IPS) has been installed. When a virus file is detected, the system will delete/disable it in real-time while sending an alert to the system administrator. Additionally, we are always monitoring logs and files to ensure no malware has been installed.

Vulnerability Countermeasures

We're regularly testing our site security with vulnerability diagnostic tools. Our system meets the required security standards to withstand hundreds of thousands of attacks. If any high risk vulnerabilities are found, we will promptly fix the program.

Security patches are rapidly applied based on the reports from our company's security division. amana Inc., service management company has acquired ISO/IEC27001:2013 certification, the international standard for information security management systems.

Refer to amana Inc. security policy for details.

Data Backup

We retain the media files (still images, videos, Office files, etc.) of generations from the past seven days. Our database is backed up three times a day, and the backup files are stored in a separate storage system. Users can also back up data by themselves using the XBOARD API (paid plan).

User Support

Upon the conclusion of the contract, we will set up a help desk to respond to questions by email or phone. For inquiries or consultations about our service, please contact us using the inquiry form. We will respond to your inquiry within business hours.