All Customer Stories

Daikyo strengthens Identity Security with CyberArk Privilege Cloud

Join Daikyo on their journey to improve operational efficiency and implement a zero-trust strategy with CyberArk

Looking directly up at the skyline of the financial

Back to Top

  • Summary
  • Company Profile
  • Challenges
  • Solutions
  • Results
  • Key Benefits
Contact Sales
Jump to

Summary

Daikyo, which had been facing major challenges in privilege management, adopted CyberArk Privilege Cloud to strengthen its overall security measures and internal controls, including those of its subsidiaries, and created an environment that enables integrated management of privileged access to systems including cloud services. Resulting in the use of privileges being visualized, eliminating the need to rely on the goodwill of users and the occurrence of mistakes, and supporting the realization of “safe, secure, and comfortable” real estate services.

Company profile

Daikyo’s predecessor, Daikyo Shoji, was established in 1960, and Daikyo Kanko, now Daikyo, was established in 1964. With headquarters located in Tokyo, Japan, the company and its seven subsidiaries are responsible for the ORIX Group’s housing-related business, and the company hopes to pursue the creation of additional value in the real estate business and solve social issues while leveraging its long-standing expertise in real estate development, management, and distribution.

Challenges

Daikyo, and its seven subsidiaries, have been promoting the use of IT to more than 10,000 employees by introducing enterprise systems such as directory services, from an early stage. Recently, the use of cloud services has expanded, but the legacy systems remain, creating a hybrid environment.

“With a mixture of old and new IT environments, J-SOX compliance and internal control efforts tend to leave issues unresolved. In particular, management of privileged access to systems and security measures were one of our key issues. In the process of reforming the old architecture to the new architecture, we are implementing various enhancements, such as zero-trust-based security operations, a shift from perimeter security to user-based security, and enhancement of asset management and log management for quick incident response. We are working to elevate our security measures to realize cloud-native IT that can digitally connect users in the future,” said Osamu Kobayashi, General Manager of Daikyo’s Information Systems Department.

After being audited, it was suggested that Daikyo strengthen their identity security strategy, and with advice from consultants and IT partners, the company adopted the CIS Control framework and promoted the enhancement of privileged access management.

Daikyo and its subsidiaries operate more than 200 servers that support numerous operations that affect their financial statements. Privileged access management is a critical element to ensure that administrative tasks and infrastructure operations, including servers, are secure.

In the early stages of adopting CIS Control to strengthen management, Daikyo determined that manual analog operations would be difficult to sustain and that mistakes would surely occur in operations that relied on human hands and as the company is promoting the use of cloud services, the shift to cloud-based privileged access management was also considered critical. “It should be possible to manage identities with access rights to various systems and services without omissions and to visualize their usage status. The goal was to create a system that would not rely on the goodwill of end-users, that would be easy to use even for new users, and that could be operated without difficulty by a small management organization. This is why we focused on CyberArk Privilege Cloud,” noted Kobayashi.

Solutions

Recognizing the challenge of responding to audits, Daikyo began by surveying the actual status of privileged identity usage and understanding the state of management, with advice from security consultants and technical support from ITOCHU Techno-Solutions (CTC). As they learned more about the current environment, they became more aware that they needed CyberArk Privilege Cloud to take over CIS Control and strengthen their privileged access management strategy.

CyberArk is a complete identity security solution that is built to satisfy a wide range of audit requirements. It is also a good choice for us because it provides consistent management across multiple platforms. Since the number of users accessing each system is completely different, one of the advantages of CyberArk is that it offers a flexible licensing structure in terms of the number of simultaneous connections.
-Yoshikazu Yokoyama, Information Systems Department

Another major reason for choosing CyberArk was its built-in process automation, which is indispensable for identity management. Although there was already a workflow system in operation, the integrations had to be done manually. Daikyo wanted to eliminate as much reliance on human goodwill and manual processes as possible, which led them to choosing CyberArk.

In addition, Daikyo and its subsidiaries utilize Windows and Linux servers and operate many privileged accounts with access to sensitive targets, including cloud hosted databases & web platforms. They also develop their own applications, so the versatility of the CyberArk Identity Security Platform was important to them.

Results

In the previous system environment, monitoring was conducted for incident response, and each of the two people in charge took nearly half a day to audit the system. The introduction of CyberArk Privilege Cloud is expected to reduce this time by 90%. Most of the conventional, manual work is no longer necessary, and the response time to alerts will be greatly reduced.

“The most significant benefit is that we have eliminated the reliance on the goodwill of human operators. We now have an environment in which there are no loopholes, and no mistakes are made, and as the IT management department, we can say with confidence that everything is secure. The discovery of privileged accounts, which used to require a great deal of effort, will be greatly accelerated with CyberArk Privilege Cloud. In the past, we had to chase incidents after the fact as a security measure, but now we feel that we have a solution in place that can firmly defeat threats,” said Yokoyama.

Because CyberArk Privilege Cloud is a cloud-based service, it is also easily accessible by external IT partners to whom operations are delegated. In the past, the operational steps to provision 3rd party access were complicated, such as setting up VPN access and preparing accounts for access to relay servers.

In the operation of CyberArk, “the support of CTC, CyberArk’s partner, was critical,” Yokoyama emphasizes. Kobayashi said, “When we implemented CyberArk, it was a big advantage for us to have the support of a strong IT partner like CTC. The extensive information and advisory services that they provided were of great help to us, as it was a system that related to various operations.”

Daikyo needed to implement CyberArk Privilege Cloud in a gradual step-by-step manner to meet their respective requirements as they transitioned from their existing system operation patterns to new operations. Therefore, the intention was to expand the internal deployment in cooperation with other Daikyo subsidiaries as well. They adopted the approach of introducing CyberArk into the first target system, then standardizing the deployment and delivering it with an operations manual. Currently, Daikyo and its subsidiaries are using the manuals to deploy CyberArk Privilege Cloud in various systems to strengthen security and internal controls.

In addition to Windows and Linux servers, Daikyo plans to add databases and Web services to the scope of CyberArk Privilege Cloud. In addition, although it will be necessary to work closely with the development and operations departments, Daikyo also intends to include internally developed applications in the future and intends to establish a system that will enable integrated privileged access management for all its subsidiaries.

Mr. Kobayashi evaluates that “we have been able to create a system that contributes to business. Leadership also has a better understanding that security is not something that produces short-term or direct effects, but something that contributes over the medium to long term.”

Key benefits

  • The solution covers all functions necessary to enhance privileged access management and implements mechanisms to improve operational efficiencies.
  • Strengthened internal controls for more than 200 target systems and cloud services, while reducing operational burdens.
  • Privileged access management that does not rely on the goodwill or work of others and prevents mistakes from occurring.
  • Reduced audit time by 90%, improving incident response.

Products and services

CyberArk Privilege Cloud

Solutions

Secure IT Administrators

Secure External Access

Related customer stories

konoike group logo

Konoike Transport Improves Identity Security Posture by 200% with CyberArk Privilege Cloud

Read Case Study
Netron logo

MSP’s Pursuit of Zero-Trust and Least Privilege Boosts Efficiency and Security

Read Case Study
hengstyle logo

Taiwan’s Leading Retail Brand Protects Hundreds of Users Across 70 Nationwide Stores With CyberArk

Read Case Study

Talk to an expert

Understand the key components of an Identity Security strategy

Get a first-hand look at CyberArk solutions

Identify next steps in your Identity Security journey

Contact Sales
Copyright © 2024 CyberArk Software Ltd.
All rights reserved.