Building a foundation for digital transformation with enhanced security as the foundation

Konoike Transport was established in 1945 when the logistics division of Konoike Gumi was spun off. Currently, the company is actively expanding its business into the Asian and North and Central American markets. In addition to logistics, the company also provides outsourcing services to provide professional support in a wide range of specialized fields, including steel, food, medicine, and airports.

In 2022, the company announced the "KONOIKE 2030 VISION," with the message, "People reach higher with technology." This means that the company aims to create a world where each individual working in the specialized fields mentioned above can pursue higher goals and find happiness. The company also stated that it will utilize "technology" to anticipate the needs of customers and society one step ahead and improve society and the world. The company's policy is to actively incorporate cutting-edge technology while placing "people" and "bonds" at the center of its corporate philosophy. Specifically, the company established the ICT Promotion Headquarters in 2018 and the Digital Transformation Promotion Department, a specialized department, in 2020, and began full-scale DX promotion.

As a specific example of this, there are cases where technology is used to help reduce the workload at steelworks, such as using drones to inspect conveyor belts and using robots to collect materials that have fallen around conveyors. Another example of DX is the provision of "KBX," an international logistics cloud service for external parties. In office work, the company is also working to solidify its foothold through business DX, such as by proactively using SaaS to promote paperless operations.

"Business DX is difficult and we are only halfway there, but we are focusing on building the foundation so that each business division can easily promote DX in line with their needs. To do this, strengthening security is essential. Since the establishment of our department, we have striven to build a safe and stable foundation from both a technical and operational standpoint," says Masaya Sato, Deputy General Manager of the ICT Promotion Headquarters and General Manager of the Digital Transformation Promotion Department at Konoike Transport.

Eliminate the dependency on individuals for privilege management and achieve company-wide integrated management

Konoike Transport, which had implemented multi-layered security measures up until now, still had issues with privilege management. There were various servers running within the company, but they used the old method of each person managing their own account with their own responsibility. Some systems were operated with shared accounts, which could cause problems when members were transferred or left the company. In addition, in systems subject to SOX, there were cases where the auditing firm pointed out the need for improvement, and although they tried to address the issue by strengthening manuals and systems, the manual operation itself was seen as a problem.

"There's no denying that privileged accounts are highly dependent on individuals, and the management burden cannot be ignored. We also had difficulty managing information such as who used privileged accounts, when, and how, and the visibility needed to respond to incidents was insufficient. We felt that we needed to achieve more advanced operations, so we decided to introduce a privilege management tool," said Sato.

That's why Konoike Transport turned its attention to CyberArk Privileged Access Manager (PAM). After comparing several tools, Sato recalls that CyberArk PAM had the following outstanding features:

First, it has comprehensive functionality for privilege management. It also has a workflow for applying for and approving the use of privileges, and records operations after logging in. It was evaluated not only for its integrated management of privileges, but also for its functionality for preventing internal fraud and responding to incidents.

In addition, as Konoike Transport is increasingly using the cloud, support for web services was also a priority. CyberArk PAM is multi-compatible with a wide range of platforms and can easily incorporate various cloud services.

Finally, "CyberArk Secrets Manager" is an area for future enhancement. We want to properly protect accounts used in our in-house developed applications. With CyberArk, we can prepare for future enhancements and hope to aim for company-wide integrated management.

"CyberArk is an expert in providing reliable solutions, and we decided that they could provide the privilege management we needed," said Sato.

Konoike Transport first started applying CyberArk PAM to important systems managed by the Digital Transformation Promotion Department, then expanded it to systems managed by other departments that require SOX compliance. After that, they are moving forward with introducing it to departments that support the core transportation business. Because it will be necessary to change the operations of a variety of users, including group companies and cooperative partners, the company plans to take the time to thoroughly implement it.

Proper support for smooth implementation and safer system operation

Konoike Transport's previous privilege management system had a problem in that it tended to leave security in the hands of users. The quantity and quality of logs for each system varied, and collecting, organizing, and analyzing them required a considerable amount of effort and time.

"We believe that the greatest benefit of CyberArk PAM is that it enables us to closely monitor the use of privileges. We expect it to be effective in deterring fraud and mistakes, and because logs are centralized, it has become easier to manage incidents with SIEM. In the future, we would like to use it for more advanced security management, aiming to speed up and automate the process from threat detection to response," says Satoshi Tomatsu, deputy general manager of the Digital Transformation Promotion Department at Konoike Transport.

Mr. Tomatsu also reflected that it was helpful to receive full support from Macnica when implementing CyberArk PAM. As the implementation was widespread, there were small questions and issues, but he highly praised Macnica for their quick and accurate responses.

"Macnica has a wealth of knowledge and always strives to provide high-quality communication. They have never been unable to answer our inquiries, and I felt they were an extremely trustworthy partner. When we ran into trouble, they worked closely with CyberArk to quickly resolve the issue. They also proactively provided us with update information in regular meetings. We would like to make better use of CyberArk PAM, so we look forward to even further support." (Tomatsu)

Regarding the originally planned privilege management and security enhancement, Mr. Sato and his team evaluated the results of the implementation, saying, "We were able to raise the safety level by more than 200%, exceeding our expectations." They plan to apply it to all systems and also consider expanding it to overseas bases. They are also considering introducing Secrets Manager, and intend to firmly protect privileges for the entire system, including applications.

"We now have all the pieces in place, from external security to internal security. Going forward, we would like to further establish the system, including privilege management, and optimize our management system, including improving the efficiency of operations during normal times and strengthening our response during incidents. CyberArk provides us with cutting-edge technologies such as AI management, while Macnica provides us with the know-how to utilize these technologies. We hope that they will play an active role as our strong partners as we move toward further utilization," said Sato.

*Information and company names in the text are current at the time of the interview.

Customer story 1st page sample