NTT DATA Begins Providing "Zero Trust Security Service" Globally

Systemization of expertise acquired from building and operating a zero trust model for NTT DATA's 140,000 employees across 55 markets

Nov 30, 2021
NTT DATA Corporation

TOKYO – November 30, 2021NTT DATA, a global digital business and IT services leader, announces that it will begin offering its "Zero Trust Security Service" as of today. This new service will provide organizations with a work environment suited to the new flexibility in working styles, without restricting users by work location, such as the office or home, or by type of device, whether smartphone or PC. Further, this service will contribute to damage reduction from security incidents by providing a high level of security with technologies such as multi-factor authentication and log monitoring, and allowing for rapid detection, response, and recovery in the event of an external cyberattack.

NTT DATA considers today's increasingly sophisticated and complex cyberattacks to be a management risk, and has revised its security governance globally, introducing a zero trust architecture used by 140,000 employees in 55 markets worldwide. Based on this experience, NTT DATA has systematized its expertise to provide customers with a comprehensive service from consulting to architecture implementation and operation. Together with strategic partner companies with extensive track records globally in a wide range of technical fields, NTT DATA has created a structure with more than 1,000 specialists able to provide service.
This new service is expected to generate ¥30 billion in annual revenue globally by the end of fiscal 2025.

Background

Amid changes in working styles, and greater use of cloud services and remote work environments, implementing a highly secure environment globally to counter increasingly sophisticated cyberattacks has become an urgent issue. Cyberattacks target the most vulnerable areas of an organization, so companies with multiple business locations in countries around the world need to have a uniform level of security measures within the corporate group, beyond a certain standard. NTT DATA, as part of the strategy to "Expand Global Digital Offerings" in its medium-term management plan, is focusing on security as a primary domain, and has now begun offering a service to provide comprehensive support for zero trust security architecture, from consulting to implementation and operation.

Service Overview and Features

1. Comprehensive service from consulting to architecture implementation and operation

NTT DATA is able to identify the issues in the customer's IT environment, and provide a comprehensive service from consulting for design planning, to implementation and operation of the system architecture.

Fig. 1: Overview of the zero trust security service
Fig. 1: Overview of the zero trust security service

Phase 1: Planning
Important aspects of strengthening global security governance are executive management understanding, securing of human resources, and establishing rules that consider factors such as local regulations. NTT DATA provides a consulting service based on its accumulated know-how that includes a security assessment to identify the issues in the current system, along with planning of measures, establishment of rules, and design proposals for introducing technology.

Phase 2: Design and Implementation
NTT DATA is able to utilize security solutions with proven effectiveness in a broad range of fields including ID management and authentication, cloud access controls, terminal management, and monitoring, to implement a zero trust architecture worldwide. Together with its strategic partner companies, NTT DATA combines the latest technologies in an optimal configuration to provide an environment that meets the requirements of its customers.

Phase 3: Operations
Cyberattacks can happen at any time, so NTT DATA monitors all locations globally 24 hours a day, 365 days a year. This monitoring allows NTT DATA to quickly detect cyberattacks from outside the network, implement countermeasures and restore operations, minimizing damage to customers from security incidents.

NTT DATA's strategic security partner companies:
- CrowdStrike
- Exabeam
- Okta
- Zscaler

Fig. 2: Worldwide standard information security management framework
Fig. 2: Worldwide standard information security management framework

Fig. 3: Zero Trust Security Service technology lineup
Fig. 3: Zero Trust Security Service technology lineup

2. Ability to provide service globally

NTT DATA has a global team of around 1,000 specialists with expertise in zero trust security models, allowing it to provide support in multiple countries and languages around the world.

Fig. 4: NTT DATA's security operations bases
Fig. 4: NTT DATA's security operations bases

Zero trust model introduced for NTT DATA's 140,000 employees worldwide

NTT DATA currently operates in 55 markets worldwide, employing around 140,000 people across its corporate group. As a result of global business expansion from a proactive program of M&A, the proportion of overseas employees has increased from less than 1% in 1997 to nearly 78% today, with around 90,000 members of the workforce outside Japan. While NTT DATA had built a global network and formed operational and business alliances, the IT and security platforms of the group companies acquired through M&A were not consistent, and were managed and operated on a regional basis.
To raise the security level worldwide and respond promptly to security incidents, in 2020 NTT DATA standardized its security globally, implementing security infrastructure to be used by all employees, and setting rules for operational monitoring. This has provided all NTT DATA employees with an environment that allows them to work using their preferred device, including secure fat clients, thin clients, smartphones or tablets, at home, the office, or any other location, while utilizing various types of cloud services to the fullest extent possible.
This project allowed NTT DATA to identify and resolve the following issues related to security measures for corporations with multiple locations spread worldwide.

Issue 1: Strengthening security governance
There has been an increasing number of cases recently where damage from security incidents at overseas locations of global corporations has spread to their head offices. The following issues are particularly notable:

  • When a security incident occurs overseas, it takes considerable time for the head office to become aware of the event.
  • Cyberattacks at locations with low levels of security provide a springboard, threatening the entire global organization.
  • A uniform level of security is difficult to implement due to such factors as differences in business practices, business models, and company size in each country, or the availability of on-site security engineers.

Issue 2: Responding to the diversification of the IT environment
The diversification of IT environments and working styles, such as the spread of remote work and BYOD*1, and increases in collaboration with outside firms, have led to the following issues:

  • Greater risk of information leaks due to use within the company of unapproved applications or cloud services.
  • Increased risk of information leaks or business suspension due to malware infections.
  • Diminished business competitiveness and loss of business opportunities due to delays in digitization.

NTT DATA has strengthened its global security governance in response to these issues, and implemented a globally standard zero trust architecture. The use of the same technologies by group companies spanning 55 markets has raised the security level of the entire organization worldwide. NTT DATA is also currently conducting assessable, real-time monitoring of the more than 170 billion system use logs generated monthly.

Fig. 5: Overview of the zero trust architecture used by all NTT DATA employees
Fig. 5: Overview of the zero trust architecture used by all NTT DATA employees

Future Goals

NTT DATA will utilize its know-how of implementation and operation of a large-scale zero trust architecture for 140,000 employees in 55 markets worldwide to provide customers with a comprehensive service, from consulting to implementation and operations. This new service is expected to generate ¥30 billion in annual revenue globally by the end of fiscal 2025.

Reference: Japanese Market

In Japan, NTT DATA will expand the provision of BMWS (BXO managed workspace security), an integrated security infrastructure based on zero trust network architecture, which was launched in 2019 as a new security function of BizXaaS Office® (BXO®) offered as a digital workspace. BMWS is expected to generate ¥15 billion in annual revenue in Japan by the end of fiscal 2025, which is out of ¥30 billion in global annual revenue of Zero Trust Security Service.

Notes

  1. BYOD (Bring Your Own Device) refers to using privately owned terminal devices for work purposes.

  • "BizXaaS Office" and "BXO" are registered trademarks of NTT DATA Corporation in Japan.
  • Other names of products, companies, and organizations are trademarks or registered trademarks of those companies.

About NTT DATA

NTT DATA – a part of NTT Group – is a trusted global innovator of IT and business services headquartered in Tokyo. We help clients transform through consulting, industry solutions, business process services, IT modernization and managed services. NTT DATA enables clients, as well as society, to move confidently into the digital future. We are committed to our clients' long-term success and combine global reach with local client attention to serve them in over 50 countries. Visit us at nttdata.com.

Contacts

Media inquiries

NTT DATA Corporation
Public Relations Department
Contact person: TANAKA
Tel: pr-support@kits.nttdata.co.jp

Product and service inquiries

NTT DATA Corporation
Technology and Innovation General Headquarters, System Engineering Headquarters
Security Engineering Department, Cybersecurity Management Department
Global Security Promotion Office
Contact: security-contact@kits.nttdata.co.jp

News Releases.

The services, prices of products and services, specifications, telephone numbers, etc. for inquiries and other information included in news releases are the data available on the day of the release. This information may be changed at any time without notice. In certain circumstances, due to various risks or unexpected occurrences, actual results may also be different from the plans or projections in news releases.

What are you looking for?search