Konoike Transport Improves Identity Security Posture by 200% with CyberArk Privilege Cloud

Significantly reduced burden on IT teams and improved audit response

Male and female truck driver colleagues talking

Summary

Konoike Transport had strengthened its privileged access management in the past through manual operations, but the burden on the field and lack of visibility became an issue. By adopting CyberArk Privilege Cloud, the company centralized privileged access management for a wide variety of servers and cloud services. By making the use of privileges visible, the company was also able to curb internal fraud and errors.

Company profile

The company was founded in 1880 by Chujiro Konoike in Denpo (Osaka) as a labor supply and transportation company. In 1900, the company started in-plant cargo handling and transportation operations in the steel industry, and in 1945, the logistics division was spun off from Konoike Construction Co., Ltd. and established as Konoike Transport. Today, the company has offices in Osaka and Tokyo and has made significant inroads into the Southeast Asian, South Asian, and North and Central American markets. In addition to logistics, the company also provides professional outsourcing services to support the field in a wide range of specialized fields such as steel, food, medical care, and airports. One of the KONOIKE Group’s unique initiatives is the use of technology to help reduce workload, such as the use of drones to inspect conveyor belts at steel mills and robots to retrieve materials that have fallen around conveyor belts. For external customers, the company has developed and offers KBX, an international logistics cloud service that helps improve the efficiency of trade operations. In addition, the company is also promoting DX operations that solidify its footing, such as the use of SaaS to make offices paperless.

Challenges

Masaya Sato, Deputy Executive General Manager, ICT Promotion Division and Digital Transformation Promotion Department at Konoike Transport, stated that „Digital Transformation (DX) is the challenge and is still in the middle of the road,“ but that they are focusing on creating a foundation for digital utilization so that each business unit can easily promote DX that meets its own needs and goals.

„Management recognized that strengthening security was essential in promoting digital transformation. Initially, there were various lacks in security measures, but since establishing the ICT Promotion Division in 2018, we have worked to build a solid security infrastructure, both technically and in terms of management and operations, “ said Sato.

Although Konoike Transport has accumulated multilayered security measures, insufficient privileged access management to their systems has remained. The company operates a wide range of systems and servers, and each person in charge had to manage their privileges, which was an old-fashioned practice. Since some systems were operated under shared accounts, failure to change passwords after the person in charge was transferred or left the company could lead to a serious incident. Therefore, operational measures such as strengthening processes and systems were needed.

“Once we handled the situation from an operational standpoint, the increased workload on operators could not be ignored. In addition, there was insufficient visualization of privilege usage, which is indispensable for incident response, such as who used the server, when, and how they used it. Thus, we decided to implement a privileged access management tool because of decreasing operational workload and achieving our identity security goals,” said Sato.

Solutions

After comparing several vendors, Konoike Transport chose CyberArk. According to Sato, two capabilities were the most significant for them:

  • Centralized credential management, vaulting and rotation. CyberArk allows them to onboard all the accounts for secure, policy-based management in a tamper-proof Digital Vault and automatically rotate all credentials according to organizational policy.
  • Secure IT admins. As Konoike Transport is adopting a cloud first approach, they appreciated CyberArk’s ability to centrally secure privileged access for IT admins and privileged users in all environments; on-premises, multi cloud, and hybrid.

To secure their machine identities, they are looking to provision CyberArk’s Secrets Management solutions. Konoike Transport develops and uses a wide variety of applications, and Sato and his team want to ensure that these accounts are properly protected as well. The onboarding of CyberArk Privilege Cloud started from the systems that are subject to internal audits and expanded to SaaS, an accounting system, and other systems.

Subsequently, they have a plan to expand the deployment to their logistics system that supports the core transportation business. That system is complex and extensive, with many players, including group companies and external partners. Hence, the plan is to apply CyberArk Privilege Cloud to the development environment first, and then to the production environment as the operational structure is established.

Results

Konoike Transport outsources the overall operation of CyberArk solutions to a group company, and so far, a small team has been able to operate the system, without being overburdened. As CyberArk Privilege Cloud was being deployed, the Konoike Transport team immediately saw three major benefits:

  • Session monitoring: Privileged users can now have secure access without sacrificing user experience and productivity, and administrators can manage multiple systems in an integrated manner, which has greatly reduced the risk of internal fraud and errors. We can now monitor privileged access properly. The main problem with our previous environment was that direct access to the system was possible, and people could do whatever they wanted with malicious intent,” recalled Satoshi Tomatsu, Assistant Manager of the Digital Transformation Promotion Department at Konoike Transport.
  • User Experience: Initially, Tomatsu and his team were expecting a complex solution that would increase the burden on their IT team but were pleased to realize that CyberArk Privilege Cloud was easy to use and reduced their workload, allowing it to be managed by a small team. Tomatsu states, „User experience became an advantage of CyberArk Privilege Cloud.”
  • Trust: Tomatsu cited the reliability of CyberArk as another reason for wanting to continue using CyberArk Privilege Cloud. “When we faced deployment complications, the CyberArk team worked closely with our implementation partner and proactively communicated with us to resolve the issues without omission. After that, they continued to hold regular meetings and proactively provided us with updates and other information. I felt a strong sense of trust in their sincere response as a vendor,“ said Tomatsu.

“The initial goal was to strengthen security measures by implementing privileged access management. With CyberArk Privilege Cloud, we exceeded our security expectations by approximately 200%.“
-Masaya Sato, Deputy Executive General Manager, ICT Promotion Division and Digital Transformation Promotion Department, Konoike Transport

They intend to complete the implementation of most systems by the end of 2024 and are considering expanding to overseas locations as well. They are also actively considering the introduction of CyberArk Secrets Manager to ensure the protection of their entire environment, including applications.

“Since 2018, we have been working on implementing measures against external security threats and fraud first, and then strengthening measures for internal fraud. Privileged access management was one of our key challenges when it comes to internal measures. We believe that measures to secure privileged access management has been taken by implementing CyberArk which has the latest technologies, such as AI. We look forward to a continued long-term partnership with CyberArk,” said Sato.

Key benefits

  • Secure privileged access without compromising user experience and reducing burden on IT teams.
  • Appropriate monitoring of privileged access to prevent internal fraud.
  • Strengthened identity security posture by 200%.
  • Integration with a variety of systems, accelerating and centralizing incident and audit response.

Talk to an expert

Understand the key components of an Identity Security strategy

Get a first-hand look at CyberArk solutions

Identify next steps in your Identity Security journey