Last Updated: July 8th, 2025 at 1:39:10 AM GMT+9
Welcome to eSolia on GitHub. We're a Tokyo-based IT management consultancy, and we're glad you're here. We are a security conscious company, incorporating ISO 27001 good practices in our work, including software development.
Specifically, the following are the requirements mandated in ISO 27001:2022 Annex A Control 8.25 as "rules for the secure development of software and systems", and how we address them.
| Requirement | Actions |
|---|---|
| 1. Keeping development, testing, and production environments separate. | For typical jamstack websites (most of our sites), development refers to the developer's local environment, testing refers to a protected branch published for the client to review, and production is the published website. In the case of our PROdb cloud database, it is possible to make a combined dev and test environment, which is separate from production, then merge it to production when approved. |
| 2. Offering guidance on security in the software development life cycle, in terms of general methodology and languages use. | We handle this via SOP. |
| 3. Implementing security requirements during the specification and design phases. | Every project considers and specifies security during initial projects, or changes. |
| 4. Developing and using security checkpoints in projects. | We establish the basic security framework for a project in the specification phase, develop per the basic guideline established in the spec, then finally report how the project has implemented security. |
| 5. Engaging in security and system testing. | For most website projects, security scanning entails checking security headers are in place. For cloud database projects, the platform vendor is running basic security penetration tests regularly, and we check relevant security areas at every step, in specific configuration areas such as table, view, form security. |
| 6. Establishing secure repositories for storing source codes and configurations. | Only permitted personnel have write permissions (commit or merge access) to repositories. |
| 7. Ensuring security in version control during change management. | Change management process considers version control security. |
| 8. Ensuring all personnel involved in development have the required application security knowledge. | We are engaged in an ongoing effort to develop this knowledge. |
| 9. Ensuring developers have the capacity to recognise and avert security flaws. | We take care to understand security and the lack thereof, within the websites we develop and the apps we configure. |
| 10. Adhering to licensing requirements. | We are aware of licensing and adhere to all requirements. |
- 📣 New Blog Post Is your company’s SharePoint Online migration going smoothly? “We can’t open the files!” — Sound familiar? We’re tackling this common issue with a 2-part blog series on the causes and solutions. Check out Part 1 below: https://blog.esolia.pro/en/posts/20250702-sharepoint-online-post-migration-problems-solutions-en/ #MustReadForIT #Microsoft365
- 📣 New Blog Post 社内のSharePoint Online移行、トラブルなく進んでいますか? ファイルが開けない…そんな“あるある”トラブルの原因と解決法を【2週連続】でお届けします! 第1弾の記事はこちらから https://blog.esolia.pro/posts/20250702-sharepoint-online-%E7%A7%BB%E8%A1%8C%E5%BE%8C%E5%95%8F%E9%A1%8C%E5%8E%9F%E5%9B%A0%E3%81%A8%E5%AF%BE%E7%AD%96-ja/ #IT担当者必見 #Sharepoint #Microsoft365 #業務改善
- 📣 New Blog Post "Are you neglecting password reuse?" We've summarized 5 highly practical tips every IT professional should know to strengthen internal password management. Check out the article here: https://blog.esolia.pro/en/posts/20250623-how-to-strengthen-password-management-in-your-company-en/
| Item | Value |
|---|---|
| Repo Total Files | 1 |
| Repo Size in MB | 149 |
| Lume Version | v2.4.2 |
| Deno Version | 2.4.1 |
| V8 Version | 13.7.152.6-rusty |
| Typescript Version | 5.8.3 |
| Timezone | Asia/Tokyo |
We're generating this readme using the Lume static site generator from within the eSolia .github repository. See this page for details to get your own dynamic readme!
