Strengthening security measures is one of the social responsibilities of regional banks

The Joyo Bank, which has its head office in Mito City, Ibaraki Prefecture. As a regional bank representing Ibaraki Prefecture, the bank is working to collaborate with municipalities and create new businesses in order to respond to the issues faced by the region and its customers, and is prepared to provide one-stop services that include group subsidiaries. We will expand comprehensive financial services, such as We aim to be the best partner bank that co-creates new value.

For a regional bank like the Bank, which entrusts personal and corporate information, information leaks must never happen, and strengthening security measures is one of the social responsibilities that should be fulfilled. Therefore, the bank has actively adopted the latest technology under the leadership of top management and has worked to strengthen information security. However, in response to the recent increase and sophistication of targeted cyberattacks, it was decided to review the measures again. At that time, Yuji Gorai, Executive Officer and General Manager of the System Department, said, "The most serious problem was endpoint security. Therefore, we decided to take further measures for Internet banking, homepages, and Internet access (Internet-connected PCs), which are considered to be in a high-risk environment."

Of these, for Internet-connected PCs, we had introduced a tool that automatically deleted local data each time it was started and refreshed it to the previous state. Anxiety remained. Masaki Miyota, Deputy General Manager of the System Department, said, "Of course, we need to prevent attacks on PCs and prevent information leaks, but we also have to prevent devices from being hijacked and used for other attacks. In addition, in the event of an emergency, in order to investigate the cause, it is necessary to have a mechanism that can check the record of what happened.Therefore, we are considering a solution that can reliably store logs and countermeasures against targeted cyberattacks. I decided to do it," he says.

Can be introduced without changing the network In addition to preventing targeted cyberattacks, it also remotely manages each PC collectively

Joyo Bank began collecting information in earnest in 2016, but when it visited the Information Security EXPO held in May of the same year, CrowdStrike (CrowdStrike Meet the next-generation endpoint security "CrowdStrike Falcon" made by the company. The bank evaluated its high level of functionality and picked it up as one of the leading candidates. After comparison and examination with other companies' products, we finally decided to adopt it. Mr. Takaaki Eto, Chief Investigator of the Systems Department, explains the points of selection as follows.
"Most of other companies' products with similar functions could only be introduced after consolidating access lines from PCs to the Internet. However, the Bank does not consolidate the lines, and each PC accesses the Internet independently. Changing this would require a major infrastructure overhaul, which would be quite time-consuming and costly. In that regard, CrowdStrike Falcon can be used as a cloud service, so there is no need to aggregate circuits and can be deployed without changing the network. In addition, it was attractive because it was multifunctional and cost-effective, such as being able to detect, investigate, and respond to targeted cyberattacks with a single tool, and being able to manage each terminal remotely."

The bank evaluated and verified CrowdStrike Falcon from October to November 2016, and officially decided to adopt it in March 2017. The introduction started in April, and the introduction to all banks was completed in July.

Reduce the effort and time required to respond to incidents Peace of mind from monitoring services by security experts

Currently, Joyo Bank has installed CrowdStrike Falcon on 600 Internet-connected PCs at each branch. As a result, countermeasures against targeted cyberattacks have been greatly strengthened, and labor can be expected to be reduced in investigations when something happens. “When an incident occurs, it is difficult to accurately grasp the situation over the phone, so the person in charge may go to the site, but this is a heavy burden for the system department, and there are cases where they cannot handle it. In that respect, CrowdStrike Falcon can remotely monitor detailed behavior, so even a PC in a remote location can accurately grasp the situation.It is a big advantage that it can reduce the labor and time required for response." (Mr. Miyota)

In addition, the bank also highly evaluates CrowdStrike Holdings、Inc. 's monitoring service "Falcon OverWatch (threat hunting)" that accompanies CrowdStrike Falcon.
"In addition to reliably acquiring logs for each PC, security experts constantly monitor events. If there is a problem behavior, an alert will be sent and support will be given to respond, which gives me a sense of security." (Eto) Mr)

In addition, CrowdStrike Falcon also shows the operating status of the software installed on each PC, so PCs with low usage can be allocated to other staff and departments, which can be used for optimal placement of clients. Until now, the head office and each department at the bank had purchased PCs at their own discretion, and there were PCs that the system department could not sufficiently manage. changed to operation where the system department purchases in bulk.

Also planned to be used at overseas bases Reduce costs by unifying security measures

Joyo Bank introduced CrowdStrike Falcon to create a secure and centralized management environment without changing the existing system environment such as lines. Taking advantage of the fact that CrowdStrike Falcon is a cloud service, it has also started to be used at overseas bases.

The company is also considering integrating security measures into CrowdStrike Falcon to reduce costs. Mr. Gorai said, ``CrowdStrike Falcon has many functions, and there are still some areas that we are not fully able to use.In that sense, we would like Macnica to give us advice that will further advance its use.On the other hand, there is no end to security measures. "No. It is important to always consider solutions using the latest technology. I hope they will continue to introduce excellent products in the future," he said, expressing his expectations for the future.

User Profile