Last Updated: July 17th, 2025 at 1:40:16 AM GMT+9
Welcome to eSolia on GitHub. We're a Tokyo-based IT management consultancy, and we're glad you're here. We are a security conscious company, incorporating ISO 27001 good practices in our work, including software development.
Specifically, the following are the requirements mandated in ISO 27001:2022 Annex A Control 8.25 as "rules for the secure development of software and systems", and how we address them.
| Requirement | Actions |
|---|---|
| 1. Keeping development, testing, and production environments separate. | For typical jamstack websites (most of our sites), development refers to the developer's local environment, testing refers to a protected branch published for the client to review, and production is the published website. In the case of our PROdb cloud database, it is possible to make a combined dev and test environment, which is separate from production, then merge it to production when approved. |
| 2. Offering guidance on security in the software development life cycle, in terms of general methodology and languages use. | We handle this via SOP. |
| 3. Implementing security requirements during the specification and design phases. | Every project considers and specifies security during initial projects, or changes. |
| 4. Developing and using security checkpoints in projects. | We establish the basic security framework for a project in the specification phase, develop per the basic guideline established in the spec, then finally report how the project has implemented security. |
| 5. Engaging in security and system testing. | For most website projects, security scanning entails checking security headers are in place. For cloud database projects, the platform vendor is running basic security penetration tests regularly, and we check relevant security areas at every step, in specific configuration areas such as table, view, form security. |
| 6. Establishing secure repositories for storing source codes and configurations. | Only permitted personnel have write permissions (commit or merge access) to repositories. |
| 7. Ensuring security in version control during change management. | Change management process considers version control security. |
| 8. Ensuring all personnel involved in development have the required application security knowledge. | We are engaged in an ongoing effort to develop this knowledge. |
| 9. Ensuring developers have the capacity to recognise and avert security flaws. | We take care to understand security and the lack thereof, within the websites we develop and the apps we configure. |
| 10. Adhering to licensing requirements. | We are aware of licensing and adhere to all requirements. |
- 📣 New Blog Post What should you do if your laptop gets wet? With all the rain this season, it's good to know the do's and don'ts of emergency response. Written from an IT support perspective 👉 Read the article here: https://blog.esolia.pro/en/posts/20250716-when-your-pc-gets-soaked-en/
- 📣 New Blog Post ノートPCが水に濡れた!そんなとき、まず何をすればいい? 雨が多いこの時期に知っておきたい、応急処置とNG行動をまとめました。 ITサポート目線で解説してます👉 記事はこちらから https://blog.esolia.pro/posts/20250716-pc%E3%81%8C%E6%B0%B4%E6%B2%A1%E3%81%97%E3%81%9F%E3%81%A8%E3%81%8D-ja/ #梅雨対策 #PC水没 #応急処置
- 📣 New Blog Post Is your company's migration to SharePoint Online going smoothly? "We can't open the file..." — We're sharing common issues like this and how to solve them in a two-part series! This week, Part 2 is now available! Check out the article here: https://blog.esolia.pro/en/posts/20250709-sharepoint-online-post-migration-problems-solutions-part-2-en/
| Item | Value |
|---|---|
| Repo Total Files | 1 |
| Repo Size in MB | 149 |
| Lume Version | v2.4.2 |
| Deno Version | 2.4.2 |
| V8 Version | 13.7.152.14-rusty |
| Typescript Version | 5.8.3 |
| Timezone | Asia/Tokyo |
We're generating this readme using the Lume static site generator from within the eSolia .github repository. See this page for details to get your own dynamic readme!
