This page explains MiiTel's operation environment and security measures.

1. Data breach prevention

Encryption

• All transmission between the customers' environment and RevComm will be encrypted by TLS 1.2.
• The database and storage are encrypted and stored using the encryption system of AES 256 and higher.

Security measures

• We perform third-party vulnerability checks on our web apps and have installed WAF (Web Application Firewall) to protect against all cyber attacks by leveraging the vulnerability.

Login restrictions

• IP address range restrictions can be set by the access requestor's IP address.
• If you get the password wrong consecutively, your account will be locked temporarily.
• We are responding to the single sign-on (SSO) with SAML and OIDC.

Training and auditing

• We regularly conduct internal audits by external consultants.
• We conduct security training programs (e-learning) constantly for all employees.

2. Data integrity and protection

Backup

• The system is configured to restore the data from the point where the backup was performed before the system failure.
• We have two backup systems deployed in case of human errors.
• We operate by duplicating the data in multiple data centers. All data centers are in Kanto area.

Redundancy

• All servers are operated with redundancy, as our service can continue to be used even in the event of system failure caused by hardware or other reasons.

Data storage period

• After you cancel MiiTel services, we will physically delete your data within one month of the expiration of the data browsing period in accordance to your contract.
• We will delete phone numbers, call times, and other data within one month after the above.
• However, the above does not apply to cases of business reasons, such as billing, abuse, or complaint issues. Feel free to contact us for more details.

Operation Log

• For Login, User Management, Group Management, and Security Settings, the history of creating, modifying, and deleting the data can be checked in MiiTel Analytics' Audit log.

Malware Protection

• All files uploaded by customers and by the API are scanned by anti-virus software.

3. Services and support structure

Service delivery time

• 24 hours a day, 365 days a year (excl. suspension of service from planned and scheduled maintenances)

Support hours

• Weekdays 9:00 - 19:00 (JST)
• Any issues that occur outside of support hours will be handled on the next business day.

System maintenance

• System maintenance will be done outside support hours. When the system maintenance is scheduled, we will email you twice (the week before and the day before).

Failure updates

• You can check updates about service failure in MiiTel Status.

Release updates

• You can check the release updates in Release Note.
• We will also provide updates on major changes to the service, integration with external services, and end of service for features through the website  at least one month in advance.

How to report to our team

• Please contact support@revcomm.co.jp.

Our operation percentage goal

• 99.9 % (excl. suspension of service from planned and scheduled maintenance. Failures caused by the customer's network environment are not included in the total service failure time.)

4. Cooperation with external organizations

Obtaining third-party certifications

• RevComm Inc. (Japan) are certified for the Information Security Management System (ISMS, ISO/IEC 27001).
  • Certification number: JP19/080577
• PT. RevComm APAC Indonesia are certified for the Information Security Management System (ISMS, ISO/IEC 27001:2022).
  • Certification number: 627612
• We have been granted the Privacy Mark.
  • Registration number: No. 17003754(01)

Collecting vulnerability information

• We have a system that automatically collects and notifies vulnerability information announced by JPCERT/CC.

Vulnerability assessment by external organizations

• Vulnerability assessment by an external organization is constantly performed.