INTELLILINK Zero Trust Security Service | NTT DATA INTELLILINK Corporation

We propose the "Zero Trust" model of security measures to address the new challenges in cybersecurity faced by companies and organizations amidst the demand for reforms in work styles, new lifestyles, etc.

Examples of New Challenges in Cybersecurity

Safe telework practices
We would like to review the measures necessary to protect confidential information accessed from outside the company and from terminals used outside the company.
Secure use of cloud services
We wish to address the risk of information breach arising from inappropriate use of cloud services (shadow IT) that the information systems department is unaware of.
Migration from VPN (Virtual Private Network)
The IP addresses of VPN devices are open to the outside world and thus vulnerable to attack; we wish to address security issues such as the vulnerability of the devices themselves, as well as issues concerning communication stability and scalability.
Unified security policies for headquarters, branch offices, overseas offices, etc.
We want to apply a unified policy to raise the level of security to a certain standard, which varies from location to location.

"Zero Trust" Model

Zero Trust (Zero Trust Network, Zero Trust Architecture), which, as the term implies, means "trust nothing," is a security concept in which any access to corporate resources, both inside and outside the network, is verified before being granted. Unlike the conventional model of defending at the boundary between the company's own network and the Internet (outside the company), the system allows operations to be conducted "securely" from anywhere at any time.

Steps to achieve Zero Trust Security

In implementing security measures based on the Zero Trust Model, we provide comprehensive support for clients' security measures - from sorting out current issues, proposing services and products necessary to solve them, to implementation and post-implementation operations.

Organizing Issues

Identifying the configuration of current security measures, as well as identifying the security issues and requirements.

Service Selection

Selecting and proposing services to be implemented to achieve the ideal security image. *Solutions are selected from our product lineup.

PoC

Assistance in the design and validation of the selected service/product for implementation.

Full-scale implementation

Assistance in the implementation of the selected service/product.

Operation and Monitoring

Operational support and security monitoring of the installed products.

Zero Trust Security Compliant Solutions

Three technical elements to achieve Zero Trust

The technical elements required to achieve the mechanism for providing security independent of device and user location is categorized into three perspectives.

Solutions based on three technical elements

The three technical elements of resource, network, and endpoint and their compliant solutions are combined and applied according to client's requirements.

*Inquire separately to know whether certain products can be linked and how.
* "Compliant Solution" is an example. Contact us for inquiries concerning products other than those listed below.

-

IDaaS is a service that provides ID management and authentication based on the cloud. In addition to the basic ID management requirements of conventional Active Directory (AD) and LDAP Server, we provide single sign-on (SSO), multi-factor authentication, access control, and other functions for convenience and security not only on-premise, but also for cloud services (SaaS).

■Compliant Solution

Azure Active Directory (Azure AD)
https://www.microsoft.com/ja-jp/ (This will take you to Microsoft.com)

[Network] Private Access: SDP (Software Defined Perimeter)

SDP is a security mechanism of building a network perimeter via software and check, centrally control and manage all the access conditions to data for each user and device. The application server-side connection is invisible to the outside world, and no connection is made until the user and device are authenticated and authorized, ensuring a high level of security without relying on physical boundaries.

■Compliant Solution

Zscaler Internet Access/Zscaler Private Access
https://www.zscaler.jp/ (This will take you to the website of Zscaler)

[Network] Cloud Control: SWG (Secure Web Gateway)

SWGs inspect web communications in the cloud (web proxies) and perform many functions; typical function being filtering URL to control access to specific websites. In addition to security, the system automatically determines where the access is coming from and establishes the appropriate access route. If you are connecting from Japan, you will be guided appropriately to a server in the Japanese cloud, and if you are connecting from the U.S., you will be guided to a server in the U.S. cloud, allowing for smooth connections without communication delays.

■Compliant Solution

Zscaler Internet Access/Zscaler Private Access
https://www.zscaler.jp/ (This will take you to the website of Zscaler)

[Network] Shadow IT Countermeasures: CASB (Cloud Access Security Broker)

CASBs can monitor access to the cloud services you use and allow you to use certain cloud services, but only the functions you need within those services. This is an effective countermeasure against so-called shadow IT, which is the use of unapproved PCs or smartphones for business purposes or unauthorized cloud services in a company or organization.

■Compliant Solution

McAfee MVISON Cloud
Microsoft Cloud App Security
https://www.microsoft.com/ja-jp/ (This will take you to Microsoft.com)
Zscaler Internet Access/Zscaler Private Access
https://www.zscaler.jp/ (This will take you to the website of Zscaler)

[Endpoint] Mobile Device Management (MDM)

MDM is a system for mobile device management, which can be installed to remotely manage multiple mobiles. MDM helps prevent the installation of unauthorized apps and force OS updates, thus avoids the risk of mobile devices being exposed to malware infection and other threats. MDM also includes a functionality to remotely delete information from a mobile device.

■Compliant Solution

Microsoft Intune　
https://www.microsoft.com/ja-jp/ (This will take you to Microsoft.com)

[Endpoint] Data Management: DLP (Data Loss Prevention)

DLP is a security tool to prevent information leaks. Unlike log management systems, which monitor users who access the information, DLP monitors the data itself to protect confidential information. By restricting the taking out and copying of specific data, it is possible to address misuse and unauthorized access by authorized legitimate users.

■Compliant Solution

Contact us separately.

[Endpoint] Terminal Security: EDR (Endpoint Detection and Response)

EDR is an endpoint security solution to detect cyber threats like by targeted attacks and ransomware. Dedicated agent software is deployed on endpoints (PCs) to capture logs at all times. The acquired logs can be analyzed to detect traces of suspicious behavior so that problems can be addressed before they become serious.

■Compliant Solution

Tanium Endpoint Management
https://www.intellilink.co.jp/business/security/tanium
Endpoint Monitoring Service with IntellilinkARGUS
*"Tanium Endpoint Management" - a 24/7 Monitoring and Operation service
Microsoft Defender ATP
https://www.microsoft.com/ja-jp/ (This will take you to Microsoft.com)
Cybereason EDR
https://www.cybereason.co.jp/ (This will take you to the website of Cybereason)

Log Analysis

In the zero-trust model, the principle is that only those that have been confirmed as safe are allowed access to the system. To achieve this, a system for collecting and analyzing log information is required, such as SIEM (Security Information and Event Management), which integrates and analyzes distributed logs in a centralized manner, or UEBA (User and Entity Behavior Analytics), which automates the analysis and detection of suspicious activities.

■Compliant Solution

Microsoft Azure Sentinel
https://www.microsoft.com/ja-jp/ (This will take you to Microsoft.com)
Exabeam, a user and equipment behavior analysis solution
https://www.intellilink.co.jp/business/security/exabeam
Threat Hunting Service
https://www.intellilink.co.jp/business/security/threat_hunting
*Threat Hunting involves investigating, analyzing and searching for any traces of threat intrusion based on the threat intelligence accumulated by receiving logs. We recommend using this service when conducting research and analysis on a spot basis.

Related Information

Columns/Article Contributions

[Mynavi News] Why Zero Trust Now?

Part 1: "What is Zero Trust Security?"
https://news.mynavi.jp/article/zerotrust-1/

Part 2: "Overview of Zero Trust"
https://news.mynavi.jp/article/zerotrust-2/

Part 3: "Solutions Required by Zero Trust - Part 1"
https://news.mynavi.jp/article/zerotrust-3/

Part 4: "Solutions Required by Zero Trust - Part 2"
https://news.mynavi.jp/article/zerotrust-4/

Part 5: "Introducing the Zero Trust Model"
https://news.mynavi.jp/article/zerotrust-5/

[@IT Publication] Special Feature: Integrating Security and Networks with "SASE" Using the Cloud (2)

Where and to What Extent Should Companies Aim for the Ideal of Zero Trust/SASE--Why NTT DATA INTELLILINK Introduced it Early
https://www.atmarkit.co.jp/ait/articles/2103/09/news003.html

Introductory Materials

[Presentation Material] Don't Stop at 90% Developer Remote Work Ratio - Steps to Achieve "Zero Trust" Security
(PDF: 43 pages, 2.29MB)

Video

[Lecture Video] Thinking about Zero Trust Security - What we Found while Increasing the Remote Work Rate of Developers to 90% -
https://www.youtube.com/watch?v=02UTm3Gnt6k