Security
eSolia Periodic implements comprehensive security measures to protect your DNS and email security data.
Encrypted Communications
All traffic is encrypted via HTTPS (TLS 1.3).
Multi-Factor Authentication
TOTP-based two-factor authentication with backup codes.
Secure Passwords
PBKDF2-SHA512 hashing (600k iterations, OWASP 2024 compliant).
Access Control
Role-based access control with client data isolation.
Secure Sessions
HttpOnly, Secure, and SameSite cookie attributes.
Security Headers
CSP, X-Frame-Options, X-Content-Type-Options, and more.
Data Protection
Encryption at Rest
All data is encrypted at rest in Deno KV. Sensitive information like password hashes and MFA secrets are never exposed through the API.
Client Isolation
Each client's data is strictly isolated. Client users can only access their own data, and only administrators have cross-client access.
Reporting Vulnerabilities
If you discover a security vulnerability, please report it responsibly.
Contact: security@esolia.co.jp
Please do not disclose vulnerabilities publicly before they have been addressed.
Compliance
eSolia Periodic adheres to the following security standards:
| Standard | Status |
|---|---|
| OWASP Top 10 | Addressed |
| HTTPS/TLS | Required |
| Password Policy | Strong |
| Multi-Factor Auth | Available |