PERSOL CAREER Enhances IT Security with Netskope, Creating a Comfortable Work Environment for Engineers

According to Kakita, the engineers in the Technology Division have very different backgrounds than those in a typical information systems department. “We have a lot of people with different backgrounds, from people who have worked for systems integrators to former venture company CEOs and researchers. Many of them came to us from companies of different sizes, so they have a lot of experience developing in environments that are not strictly standardized.” However, the existing IT security system that PERSOL CAREER had in place was not able to cope with the cloud services used by the engineers in the technology department.

In addition, PERSOL CAREER did not have a dedicated development environment, and it was necessary to carry out development in a robust environment that also stored the personal data of job applicants. In order to maintain robust security with measures against information leaks and security incidents, a large number of procedures are required when using external cloud and web services. As a result, applications can take nearly two months to process, and there was a risk that development would slow down and motivation would suffer as a result.

“To begin with, with the recent shift to cloud computing, the majority of our data and systems are now in the cloud. In addition, due to the impact of the COVID-19 pandemic, most of our employees are out of the office. With all of the people who operate the systems and the data they operate outside of the company, we felt that traditional perimeter-based security was completely meaningless and unable to protect anything. We needed to build security that was appropriate for the current environment,” recalls Kakita.

First, regarding point 1, in addition to the fact that the engineers in the technology department were using a variety of cloud services, there were also requests for from people outside the department to use various SaaS services. Previously, when using external cloud services, it was necessary to follow the traditional prescribed procedures, but by introducing Netskope, which supports thousands of cloud services, it was hoped that greater benefits could be achieved.

Next, in relation to point 2, if you require specialized skills to configure the settings, as you do with traditional network security devices, you will not only have to spend money on training staff, but you will also have to deal with issues such as dependency on specific individuals. To eliminate these problems up front, Kakita says, “We think it’s important for security tools to be easy to use and accessible, and Netskope was outstanding in this regard.”

Regarding point 3, Kakita appreciated the responsiveness, problem-solving skills, and ability to make suggestions of the Netskope Japan representative. He recalls that this was the most important factor for him. One of the advantages of cloud computing is that you can start using the service immediately, and the same is true for security solutions and services like this. In addition to the fact that they responded very quickly to our request to try it first and provided a response to email consultation that was almost as fast as a chat, they also made a proposal that hit the nail on the head after understanding the content of our consultation, which left a good impression.

In particular, since Netskope is a product that works at the endpoint, if users do not get the response they expect during interactive terminal operation, investigating whether there is a dependency on Netskope and how to quickly develop a workaround if there is a relationship is a very important point to gain user understanding when introducing the product, and this was a major point in the decision to officially introduce it.

As a result, we started looking at the project in July 2020, set up a validation environment and started PoC in August, and then went through the internal approval process at the end of September before launching the project.

With the introduction of Netskope, PERSOL CAREER has been able to greatly streamline its development environment while strengthening its DLP. Kakita says that “the quantitative effects will be measured from now on,” but the fact that the application process, which used to take two months, has been reduced to zero is a notable effect. “What used to have to wait for approval from the information security department can now be approved by the manager of each department.”

In addition, the information security department’s attitude toward various cloud services has also changed. “Now, each person in charge is promoting the fact that by introducing Netskope, they have prepared an environment that can greatly reduce the traditional application procedures, and they are recommending it to those who apply to use cloud services. If this kind of movement becomes standardized, I think we will see tangible quantitative results,” says Kakita, expressing his hopes.

Currently, Netskope is mainly used by employees in the Technology Division, such as engineers and project managers. However, Kakita says that this is not the end of the story, and he hopes to spread Zero Trust Security beyond the Technology Division.

“In the future, I think people in all kinds of professions will be able to work from home because of changes in the regulation. It is important that technology keeps up with these changes in the environment and the law.”

Kakita is also working with PERSOL HOLDINGS’ IT security department to consider how we should protect ourselves, and he says he would like to try an approach that changes technology from the bottom up, starting with individual companies. “At PERSOL HOLDINGS, there is currently a movement to implement Netskope’s CASB, but by using it ahead of time, we want to create a flow that properly achieves zero trust and SASE, while sharing the knowledge and expertise we have accumulated through its use, and without making the implementation of Netskope or CASB products the goal.”