AIZOTH Inc. provides Multi-Sigma® with security measures compliant with international standards.
Security of the Multi-Sigma® Platform
The AI analytics platform Multi-Sigma®, developed and provided by AIZOTH Inc., is software built on the globally proven Google Cloud Infrastructure. The cloud services which AIZOTH uses deliver both high availability and robustness, protecting customers’ data with a defense-in-depth architecture. Data is encrypted at rest and in transit, and access controls and audit logs reduce the risks of unauthorized access and information leakage.
Security Measures Compliant with International Standards
AIZOTH Inc. is certified to the international standard for information security management, ISO/IEC 27001, and the international standard for cloud service security controls, ISO/IEC 27017 (https://aizoth.com/2025/10/iso_certification/). This demonstrates that appropriate security measures are implemented in AIZOTH’s information management and in the development and provision of Multi-Sigma®. Key items include the following:
Policy Development and Publication and Publication of Security Governance Policies
AIZOTH Inc. has established an Information Security Policy and a Cloud Service Information Security Policy, which are published on our website. We conduct regular reviews of these policies and update their contents in response to changes in our operating environment.
Clear and Rigorous Information Asset Management
To help customers using Multi-Sigma® manage their information appropriately, AIZOTH Inc. provides directory-based file management features. This enables labeling (tagging) of information assets and supports customers in managing them properly. We also maintain a clear separation between customers’ information assets and the information assets required to operate Multi-Sigma®. In addition, after a specified period following termination of a Multi-Sigma® contract, analysis data is automatically deleted to ensure rigorous management.
Implementation of Access Control
Privileged utility programs are restricted to use with administrator privileges only, thereby limiting privileged access.
Information Security Education and Management
AIZOTH Inc. provides information security training to all employees and periodically assesses their understanding to ensure they possess sufficient knowledge of information security. We also establish a range of information security rules that all employees must follow, thereby enforcing rigorous information security management across the organization.
Audits and Assessments of the Security Management Framework and Implementation
AIZOTH Inc. prepares an annual security management plan and conducts regular internal audits of both the management framework and its implementation. In addition to these internal audits, we undergo ongoing external assessments associated with our ISO certifications, covering our security management and its execution. Through these audits and assessments, we maintain and continually improve our information security management framework.
■ About ISO Certifications
▢ ISO/IEC 27001
| Certification standard | ISO/ISO/IEC 27001:2022 / JIS Q 27001:2023 |
| Certificate No. | IS 826837 |
| Scope of certification | Design, development, and provision of SaaS-based machine learning systems, consulting, support, and contract research and development in data science. |
| Certification body | BSI Group Japan K.K. |
| Initial certification date | September 30, 2025 |
▢ ISO27017
| Certification standard | ISO/IEC 27017:2015 |
| Certificate No. | CLOUD 826838 |
| Scope of certification | ISMS Cloud Security Management System for the system development, operation, and maintenance performed as a cloud service provider in offering the AI analytics platform Multi-Sigma® and the ISMS Cloud Security Management System for the use of Google Cloud as a cloud service customer. |
| Certification body | BSI Group Japan K.K. |
| Initial certification date | September 30, 2025 |
Please refer to the Security White Paper for details on security.
