Previous issues: Creating a secure remote work environment and strengthening measures to prevent information leaks

Dirbato has helped various industries and companies solve problems through IT consulting services that utilize their extensive knowledge and track record in the IT/digital field. Since its founding in October 2018, the company has attracted attention as an up-and-coming group of specialists, achieving 28 billion yen in sales in six fiscal years, the fastest in the consulting industry. Currently, the company is strengthening its structure, including group companies, to provide even more value to clients. It is promoting diversification management in order to create synergy with existing strengths, such as IT-based consulting and support during the execution phase.

Now, the company has seen an increase in remote work since the COVID-19 pandemic began in 2020. As a result, the use of cloud services (SaaS) has also increased sharply. Even after the COVID-19 pandemic subsided and office work resumed, consultants continued to work mainly remotely, so strengthening security measures in external environments became an urgent task. Shuichi Nigo, Senior Architect of the company's Consulting Group and Director of the Information Systems Department, explains, "Currently, members of the Corporate Group, which corresponds to human resources and general affairs, come to the office, but members of the Consulting Group, who deal with customers, basically work from home and only come to the office when necessary. Therefore, we needed to create an environment where they could work securely regardless of location."

Additionally, the consulting industry sees a high rate of job changes, with employees coming and going frequently, so measures to prevent information leaks (taking data outside the company) are essential. There are also many opportunities to work as a team with external collaborating staff. "Given this situation, we needed a service like CASB (Cloud Access Security Broker), which can visualize each employee's cloud service usage and monitor and control data uploads. We also wanted to introduce a VPN to ensure secure connections to cloud services," says Nigo.

[Product Selection] CASB and VPN connection can be used with one service. Secure access using ZTNA is also evaluated.

Dirbato began gathering information in 2022 and compared and examined several solutions, focusing on products claiming to be CASBs. Finally, Dirbato decided to use Cato SASE Cloud. Dirbato's CEO, Mr. Kurt Steinberg, explains: "Cato SASE Cloud was the only product that met both of our requirements, CASB and VPN connectivity, in a single product. Other products required a combination of the two services, which would have been complex to operate and manage and cost extra. In fact, the difference in cost between CatoSASE Cloud and the other service was about 1.5 times the cost of the other service," said Nigo.

In addition, when using SaaS, the company does not connect via the company's internal network, but directly to each service via local breakout. For this reason, it was necessary to ensure a system that allowed safe access from outside the company. In this regard, Cato differs from general VPN connections in that it uses ZTNA (Zero Trust Network Access), which inspects all communications even after allowing a connection to Cato Cloud. This makes it possible to finely control security measures, such as restricting access destinations to cloud services beyond, and blocking malicious or dangerous access. This was also a key consideration in the company's decision to adopt it.

The company contacted Macnica in September 2022 and conducted a PoC in February 2023. After verifying the response, the pilot operation started in April. In July, it moved to full-scale operation across the company. Due to the nature of the company specializing in IT consulting, the IT literacy of employees is high, so there were no particular problems with the introduction and the rollout was completed smoothly.

[Effects of implementation] Data cannot be taken out, and reliable measures against information leaks have been implemented. The screen is easy to understand, and the situation can be easily grasped.

Dirbato currently has nearly 2,000 licenses in place. All company data is stored on the cloud, and file sharing is limited to OneDrive. OneDrive can only be accessed via Cato SASE Cloud, and different access rights are assigned to different groups, such as employees and external staff. "Internal data can only be accessed on company-issued devices. Access to cloud storage contracted by individuals is prohibited, and devices such as USB memory sticks cannot be used, so data cannot be taken out. By introducing Cato SASE Cloud, we believe we have achieved a fairly reliable method of preventing information leaks," says Nigo.

In addition, the use of various cloud services requires an application system, and access rights are granted by linking Entra IDs. Yuko Kitagawa of Corporate Group Employee Success says, "Rule 1 was stronger than in the pilot period, and immediately after full operation, we received a lot of requests to 'drill holes', asking for permission to access websites used for work. We use Cato's event logs as a basis for deciding whether or not to permit these drillings. Cato also allows us to visualize communications by category, which makes it possible to prevent inappropriate use of SharePoint or email exchanges."

The company's consultants work with clients from a wide variety of industries and business sectors, and the websites they use to gather and access information for their work are also different, making it difficult to impose uniform access restrictions. Therefore, the company deals with this by creating holes according to individual requests.
"Our basic policy was to lock everything down at once, and then unlock it as necessary. I think it worked well in the sense that it increased the strength of security, and in this regard, the CASB, which allows for fine-grained control, played an important role. Security and business efficiency are in a balance; increasing one inevitably decreases the other. With this latest implementation, there were initial complaints about the reduced convenience, but once people got used to it, they came to understand that this is just how it is," says Nigo.

Regarding ease of use of Cato SASE Cloud, the company says that the dashboard, events, and other screens are easy to understand, making it easy to grasp the situation.
"Events can also be narrowed down by individual user actions and timelines, so you can closely track which domains are being accessed and whether those domains are appropriate. In addition, many new employees join the Company every month, and Microsoft 365 and Cato users are linked, so when a Microsoft 365 license is granted, it is automatically granted to Cato as well, which reduces the management burden," says Kitagawa.

Macnica 's support was also highly praised for its thoroughness. The response was quick, and they were able to share their screens on Teams and receive guidance, or communicate directly with Cato Networks' support staff in English to receive real-time support. Tatsuya Matsushita of Corporate Group Employee Success also said, "There are many staff members with a wealth of knowledge, especially in the security field, where trends change quickly, and we have learned a lot from them."

[Future Developments] Hopes for support from Cato's AI to detect cyber attacks before they become a reality

Looking ahead, Dirbato plans to consider introducing XDR (Extended Detection and Response). "By introducing Cato SASE Cloud, we've been able to acquire a lot of data. We hope to use this to detect cyber attacks and network failures before they become noticeable. To do this, we need to select what's necessary from a huge amount of data, which is difficult to do by hand alone. We expect the AI added to the CatoSASE cloud to take on this role, and then link it with logs from other PCs," says Nigo.

User Profile