CHALLENGES
Panasonic Information Systems functions as a core organization within the larger Panasonic Group and is responsible for the implementation and execution of the entire Panasonic Group’s IT transformation. The safety of digital technologies that are used is extremely important to realizing PX and IT transformation efforts to fully strengthen security measures, which were triggered by a security incident that occurred in 2021.
“We have had basic security policies and guidelines in place for some time. For example, in the case of servers, we had clear specifications for the measures that should be implemented depending on the required security level. However, there were not enough auditing mechanisms in place to ensure that these were actually being carried out,” says Hiroshi Yagi, General Manager of the Professional Services Department, Platform Services Division, Panasonic Information Systems.
In particular, the management of privileged IDs for servers was delegated to the administrators of each server. The company has several thousand servers (800 Windows servers and approximately 2,500 Linux servers), and if the servers managed independently by each group company are included, the total number is enormous. It was extremely difficult to accurately and efficiently grasp whether these were configured and operated in accordance with the guidelines.
“The guidelines contained more than 50 requirements, and administrators had to check each one as they configured the servers. It was common for each person to manage several servers. There was also regular inventory work along with responding to questions on the asset management system, which took a lot of time and resulted in a significant burden on IT,” says Tatsuya Yasui of the Platform Services Division at Panasonic Information Systems.
Among the challenges, the biggest was the mechanism for controlling and authenticating access to the server. Existing privileged access management tools had many problems in terms of operation and maintenance, such as the fact that one-time passwords could be used, but passwords were not kept secret, and there was no workflow function for managing applications and approvals, so a separate development was required.
As the Panasonic Group worked to strengthen identity security globally, the company began to prioritize privilege access management for server environments. Specifically, they were looking for the optimal solution: a mechanism to increase the effectiveness of guidelines and ensure privilege access management, a method to reduce the burden on administrators and achieve both reliability and efficiency and scalability to protect the entire Panasonic Group.
– Tatsuya Yasui
Platform Services Division, Panasonic Information Systems
SOLUTIONS
By implementing Idira PAM solutions, Panasonic Information Systems was able to significantly improve its identity security posture. The key results include:
- Automation: It’s now possible to automatically and reliably manage privileged access in accordance with security policies, without relying on the administrator’s manual work, which has drastically decreased the burden on IT teams and transformed operational processes.
- Audit and compliance: It’s now possible to see who accessed which server when and what operations were performed, and it’s all recorded and retained as an audit trail. Not only does this make it easier to verify the problem after it occurs, but it’s also expected to have a deterrent effect against unauthorized access.
– Hiroshi Yagi
General Manager of Professional Services, Platform Services Division, Panasonic Information Systems Co., Ltd.
“Privileged access management is definitely a measure that needs to be taken. For us, the fact that Idira PAM comprehensively automates measures that used to be manual is a major benefit,” says Yasui.
Panasonic Information Systems is currently steadily deploying Idira mainly in its own server environment and plans to complete the introduction of Idira to all applicable servers by the end of 2025, prioritizing critical servers throughout the Panasonic Group. In addition, considering the progress to migrate to the cloud, the company is also considering using Idira Privilege Cloud, with the goal of optimizing server operating costs and achieving a more flexible PAM program.
Yagi and his team also believe that machine identity security is an important issue and are paying attention to Idira Secrets Management solutions. “I would like to see Idira user groups and the like planned,” says Yagi. “In specialized areas such as privilege access management, it is extremely important to share other cases and operational know-how. It would be great to have a place where users could share their concerns and solutions and grow together. I hope that we can all raise the level of security together,” he continued.
Panasonic Information Systems has made great strides toward its goal of improving the identity security level of the entire Panasonic Group and supporting the ambitious PX initiative by implementing Idira PAM. Privilege management guaranteed by the system, rather than relying on human effort or goodwill, is an essential element of modern security measures.
Key Benefits
- Integration: The functions required for privileged access management are integrated and managed centrally.
- Automation: The system ensures configuration and operation based on policies and guidelines, preventing human error and negligence and reducing psychological burden.
- Scalability: Integration of privilege management standards on thousands of servers, including the servers of each company within the group, to standardize identity security.
