Rack Rack Automates Security Operations for Microsoft 365 Environments Provides "Security Operation Automation Support Service for Microsoft 365

LAC Corporation (Headquarters: Chiyoda-ku, Tokyo; President and CEO: Itsuro Nishimoto; hereinafter "LAC") will start offering "Security Operation Automation Support Service for Microsoft 365" on October 22, 2024 to automate and visualize operation tasks related to Microsoft 365 solutions. IT is an indispensable business foundation for companies.

While IT is an indispensable business infrastructure for companies, the shortage of IT personnel to support it is becoming more serious, with a shortage of several hundred thousand expected in the next few years*1. The IT environment is becoming more complex, and security measures are becoming more sophisticated, making it difficult to secure expert personnel. According to a survey conducted by the Information-technology Promotion Agency, Japan (IPA)*2 , 7.5% of companies have a Chief Information Security Officer (CISO) to oversee security strategy and implementation, while the number of companies that have a CSIRT (Computer Security Incident Response Team), a specialized team to respond to security incidents, is only 3.5%. Only 31.1% of companies have a dedicated member of a CSIRT (Computer Security Incident Response Team) to respond to security incidents. It can be said that security personnel in many companies are working on countermeasures while concurrently performing other duties. The need for a small number of people to monitor multiple solutions makes it difficult to visualize the overall situation and automate countermeasures.

1 Ministry of Economy, Trade and Industry, "Guidance for Establishing Cyber Security System and Securing Human Resources".

https://www.meti.go.jp/policy/netsecurity/downloadfiles/tekibihontai1.1r.pdf

Japan Information System Users Association, "Enterprise IT Trend Survey Report 2023".

https://juas.or.jp/cms/media/2023/04/JUAS_IT2023.pdf

2 Information-technology Promotion Agency, Japan (IPA), "Survey on the Actual Conditions of Corporate CISOs and Security Measures Promotion.

https://www.ipa.go.jp/archive/security/reports/2019/ciso.html

Lack provides "Security Operation Automation Support Service for Microsoft 365" to automate increasingly complex security operation tasks using the Microsoft 365 platform. In this service, we first interview the customer's workflow and identify the areas to be automated. After making proposals and customizing the service to meet your needs based on LAC's experience, we proceed with design and implementation optimized for your environment. Problems are resolved through testing, and delivery is made after modifications are made. During the operational phase, we provide support for future support of new services while making continuous improvements. In addition, we also propose a mechanism for operational support using Microsoft Copilot for Security.

Service Flow

Security Operation Automation Support Service for Microsoft 365

https://www.lac.co.jp/system/microsoft365_security.html

Features of "Security Operation Automation Support Service for Microsoft 365

(1) Utilization of in-house case studies of automated operations

Based on our own experience in automating security operations, Lack provides customized solutions that are best suited to your operations. 2.

2. continuous support for automation tailored to the customer's operations

We will continuously support the automation and visualization of security operations, aiming for total optimization rather than partial optimization, by maximizing the functions of Microsoft 365. 3.

Visualization of operational status

Centralized management of logs of system management status, security operations, and automated processes, and visualization of operational status through dashboards. It supports quick decision-making and provides an environment where the entire operational picture can be grasped at all times.

Examples of Automation at Rack

If you are operating routine operations manually, there is a possibility to automate them. Automation prevents omissions of settings and de-configurations, while recording all processes and automatically confirming that the system has returned to its original healthy state after the work is done.

Example 1] Automation of PPAP control and temporary control release

In principle, sending encrypted files with passwords by e-mail is prohibited, but some customers may only be able to receive them by e-mail. If exceptions are easily granted for the entire company or department, security risks will increase, so careful handling is required.

Therefore, when exception handling is necessary, the process after application is automated to prevent omissions in setting and release. After the exception operation is completed, the system automatically restores the control status, ensuring both operational safety and efficiency.

Case Study 2: Automation of Cloud Storage Access Control Operation

When transferring files to and from customers, it is sometimes necessary to have temporary access to external storage in addition to the cloud storage service authorized for internal use. In this case, the system opens temporarily unavailable cloud storage based on the application, and after confirming the details of the application, automates the entire process from lifting the control to managing usage records and restoring the original restriction status after the end of use.

Endorsement from Microsoft Japan

Microsoft Japan Co., Ltd. welcomes the initiative by LAC Corporation to provide security operation automation support services.

Microsoft Japan helps enterprises select, integrate, deploy, and manage security solutions to strengthen their security and enhance their defense against cyber threats. We look forward to working with LAC Corporation, a company with strong technical capabilities and trust in cyber security.

Executive Officer, General Manager, Partner Technology Division, Partner Business Headquarters

Minoru Naito

By utilizing the Microsoft platform, Lack will promote overall optimization in our customers' security operations and continuous improvement of their business operations.

Microsoft and Microsoft 365 are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries.

Microsoft 365 is the name of a service provided by Microsoft Corporation.

About LAC Corporation

https://www.lac.co.jp/

Lack provides services to solve various social and business issues with its rich experience and state-of-the-art technologies in cyber security and system integration. Since its establishment, the company has been involved in the development of fundamental systems that support Japanese society, including financial and manufacturing industries. In recent years, it has also been involved in the latest IT services suited to the DX era, such as AI, cloud computing, and teleworking. Since launching Japan's first information security service in 1995, we have been at the forefront of the latest cyber-attack countermeasures and incident response, including JSOC, one of the largest security monitoring centers in Japan, Cyber Emergency Center, vulnerability assessment, penetration testing, and IoT security. LAC is a leading company in the information security field.

LAC and LAC are registered trademarks or trademarks of LAC Corporation in Japan and other countries.

All other company names, organization names, product names, etc. mentioned herein are registered trademarks or trademarks of their respective companies.

All information is current at the time of publication and is subject to change without notice. Information is subject to change without notice.