Systemization of expertise acquired from building and operating a zero trust model for NTT DATA’s 140,000 employees across 55 markets
TOKYO – Dec. 8, 2021 – NTT DATA, a global digital business and IT services leader, announces that it will begin offering its "Zero Trust Security Service" as of today. This new service will provide organizations with a work environment suited to today’s flexible working styles, without restricting users by work location, such as the office or home, or by type of device, whether smartphone or PC. Further, this service will contribute to damage reduction from security incidents by providing a high level of security with technologies such as multi-factor authentication and log monitoring, and allowing for rapid detection, response, and recovery in the event of an external cyberattack.
NTT DATA considers today’s increasingly complex cyberattacks to be a management risk and has revised its security governance globally, introducing a zero-trust architecture used by 140,000 employees in 55 markets worldwide. Based on this experience, which is detailed here, NTT DATA has systematized its expertise to provide customers with a comprehensive service from consulting to architecture implementation and operation. Together with strategic partner companies with extensive track records globally in a wide range of technical fields, NTT DATA has created a structure with more than 1,000 specialists able to provide this service.
Organizations may assess their security environment by contacting an expert at NTT DATA.
For additional insights into the zero trust model, read Zero Trust: Your Digital Transformation Requires a Risk Transformation.
Amid changes in working styles and greater use of cloud services and remote work environments, implementing a highly secure environment globally to counter increasingly sophisticated cyberattacks has become an urgent issue. Cyberattacks target the most vulnerable areas of an organization, so companies with multiple business locations in countries around the world need to have a uniform level of security measures within the corporate group, beyond a certain standard. NTT DATA, as part of the strategy to “Expand Global Digital Offerings” in its medium-term management plan, is focusing on security as a primary domain, and has now begun offering a service to provide comprehensive support for zero trust security architecture, from consulting to implementation and operation.
Service Overview and Features
Comprehensive service from consulting to architecture implementation and operation.
NTT DATA is able to identify the issues in the customer’s IT environment and provide a comprehensive service from consulting for design planning, to implementation and operation of the system architecture.
Fig. 1: Overview of the zero trust security service
Phase 1: Planning
Important aspects of strengthening global security governance are executive management understanding, securing of human resources, and establishing rules that consider factors such as local regulations. NTT DATA provides a consulting service based on its accumulated know-how that includes a security assessment to identify the issues in the current system, along with planning of measures, establishment of rules, and design proposals for introducing technology.
Phase 2: Design and Implementation
NTT DATA utilizes security solutions with proven effectiveness in a broad range of fields including ID management and authentication, cloud access controls, terminal management, and monitoring, to implement a zero trust architecture worldwide. Together with its strategic partner companies, NTT DATA combines the latest technologies in an optimal configuration to provide an environment that meets the requirements of its customers.
Phase 3: Operations
Cyberattacks can happen at any time, so NTT DATA monitors all locations globally 24 hours a day, 365 days a year. This monitoring allows NTT DATA to quickly detect cyberattacks from outside the network, implement countermeasures and restore operations, minimizing damage to customers from security incidents.
NTT DATA’s strategic security partner companies include, but are not limited to:
Fig. 2: Worldwide standard information security management framework
Fig. 3: Zero Trust Security Service technology line-up
Fig. 4: NTT DATA’s security operations bases
Ability to provide service globally
NTT DATA has a global team of around 1,000 specialists with expertise in zero trust security models, allowing it to provide support in multiple countries and languages around the world.
Zero trust model introduced for NTT DATA’s 140,000 employees worldwide.
NTT DATA currently operates in 55 markets worldwide, employing around 140,000 people across its corporate group. As a result of global business expansion from a proactive program of M&A, the proportion of overseas employees has increased from less than 1% in 1997 to nearly 78% today, with around 90,000 members of the workforce outside Japan. While NTT DATA had built a global network and formed operational and business alliances, the IT and security platforms of the group companies acquired through M&A were not consistent and were managed and operated on a regional basis.
To raise the security level worldwide and respond promptly to security incidents, in 2020 NTT DATA standardized its security globally, implementing security infrastructure to be used by all employees, and setting rules for operational monitoring. This has provided all NTT DATA employees with an environment that allows them to work using their preferred device, including secure fat clients, thin clients, smartphones or tablets, at home, the office, or any other location, while utilizing various types of cloud services to the fullest extent possible.
This project allowed NTT DATA to identify and resolve the following issues related to security measures for corporations with multiple locations spread worldwide.
Issue 1: Strengthening security governance
There has been an increasing number of cases recently where damage from security incidents at overseas locations of global corporations has spread to their head offices. The following issues are particularly notable:
- When a security incident occurs overseas, it takes considerable time for the head office to become aware of the event.
- Cyberattacks at locations with low levels of security provide a springboard, threatening the entire global organization.
- A uniform level of security is difficult to implement due to such factors as differences in business practices, business models, and company size in each country, or the availability of on-site security engineers.
Issue 2: Responding to the diversification of the IT environment
The diversification of IT environments and working styles, such as the spread of remote work and BYOD1,2, and increases in collaboration with outside firms, have led to the following issues:
- Greater risk of information leaks due to use within the company of unapproved applications or cloud services.
- Increased risk of information leaks or business suspension due to malware infections.
- Diminished business competitiveness and loss of business opportunities due to delays in digitization.
NTT DATA has strengthened its global security governance in response to these issues and implemented a globally standard zero trust architecture. The use of the same technologies by group companies spanning 55 markets has raised the security level of the entire organization worldwide. NTT DATA is also currently conducting assessable, real-time monitoring of the more than 170 billion system use logs generated monthly.
Fig. 5: Overview of the zero trust architecture used by all NTT DATA employees
NTT DATA will utilize its know-how of implementation and operation of a large-scale zero trust architecture for 140,000 employees in 55 markets worldwide to provide customers with a comprehensive service, from consulting to implementation and operations.
About NTT DATA Services
NTT DATA Services is a recognized leader in IT and business services including cloud, data and applications. A division of NTT DATA headquartered in Texas, the company leverages consulting and deep industry expertise to help clients accelerate and sustain value throughout their digital journeys.
- BYOD (Bring Your Own Device) refers to using privately owned terminal devices for work purposes.
- Other names of products, companies, and organizations are trademarks or registered trademarks of those companies.