Please select a language

Please select the country/region where you would like to introduce your business.

Contact Us
Contact Us

Please select a language

Please select the country/region where you would like to introduce your business.

Cloud App Microsoft 365 Windows 10

Office 365 provides a convenient and secure way for you to share your emails, schedules, and files with your colleagues.

Security feature that provides greater functionality than Windows (R) 10 Pro and protects your system from evolving cyberattacks and targeted threats

Windows Defender Credential Guard

Authentication information will never be stolen even if the system is infiltrated.

Storing authentication information in a secure environment

Important authentication information is stored in a secure environment independent of the environment in which Windows (R) OS operates, which denies access to malware that has infiltrated Windows (R) OS.
Even if a device is infected by malware and local administrator access has been stolen, you can prevent the damage from spreading.

This feature can be set and managed using group policies, the command prompt, and PowerShell.

Common problems until now

  1. Because authentication information is stored in Windows OS as hash values, it can be stolen by an attacker.
  2. An attacker who has stolen authentication information can break into devices on the company network one after another and eventually obtain illicit access to the company's overall administrator accounts. (Pass the Hash attack)

Solution with Windows 10

  • Credential Guard restricts access to authentication information.
  • Because authentication information is isolated in a virtual machine, authentication information is cut off so that attackers cannot steal the hash values.

With respect to targeted threats, which are one of the issues we must address these days, people tend to focus only on measures that address the gateways to the attack, as seen in targeted email and zero-day attacks.
If you analyze attack techniques, however, you will come to realize it is important to protect authentication information and account information as well. Credential Guard protects your authentication information from attackers, preventing Pass the Hash attacks and thus protecting the company's overall administrator authority as well as preventing theft of data.

Windows Defender Device Guard

Executing only verified applications and protecting devices

Only verified applications are permitted to be executed

Execution of malware, such as targeted email attacks and applications unauthorized by the administrator, is blocked.
Unlike measures that rely on a conventional blacklist (in which known malware must be registered in advance), this feature can also protect against zero-day attacks.

Possible to start protecting the device from boot processing upon starting the device

Because the device is started by secure boot, it is possible to prevent operation of malware transmitted to master boot upon starting the device.

Common problems until now

  1. An attacker sends a spoofed email to prompt the email recipient to execute a malicious application.
  2. The device is infected with malware, and a backdoor to a server is created.
  3. The attacker launches an attack through the backdoor to steal data.

Solution with Windows 10

  • Device Guard limits execution to only verified applications.
  • Execution of malware is blocked; therefore, the system is protected from targeted and zero-day attacks.

The methods employed by targeted email attacks evolve continuously. Attackers use a variety of spoofing techniques to deceive receivers. It is not enough to tell users not to open suspicious emails.
In addition, new viruses and variants as well as zero-day attacks cannot be prevented by traditional anti-virus software. Device Guard protects your devices from becoming infected with malware.

Microsoft Defender For Endpoint

OS standard client

A behavior sensor built into the OS enables you to record the details of various behaviors in the form of logs.
There is no need to expand and manage agents on devices.
This enables you to attain extremely high performance.

High detection accuracy

Based on enormous amounts of data collected, stored, and analyzed by Microsoft, detection is carried out according to a knowledge base that employs the results of machine learning and security analyses.
The data is always kept up-to-date, allowing you to recognize signs of attacks as well.

Prompt, flexible response

Obvious threats will be removed automatically upon detection. Moreover, it is possible for the administrator to select the desired action flexibly for the target client device from the console.

Microsoft Defender for Endpoint functional examples

Monitoring with up-to-date information

Collected data is analyzed using up-to-date information. The administrator does not have to do anything. This feature can recognize not only new threats but also signs of an attack.

Prompt action

You can take the necessary actions for the target client device from the management console, including stopping a specific suspicious program or disconnecting from the network.

Identifying root causes

You can investigate through which channels an incident spread and what kind of impacts an incident has had as far back as 180 days ago.

Security integrated management

By linking your system with the Microsoft Defender series, you can perform comprehensive security monitoring and management.

  • Using digital tools to enhance communication in the new normal

For work-style reform during the global COVID-19 pandemic

Telework has increased rapidly due to COVID-19 and is now drawing attention not just as a step to prevent the spread of COVID-19 but as a new style of work. Meanwhile, telework presents problems and concerns associated with workers not going to the office.
Here are concrete solutions to address such concerns.

  • Generate synergy through global IT governance

We offer standardized, secure systems
that can flexibly respond to market changes

As the economy becomes ever more globalized, companies need to build out IT infrastructure and install software at all of their locations worldwide, which makes it harder to share information swiftly and securely.
Global IT governance at your company headquarters will enable you to build effective IT systems that can generate synergy.

What is the best solution for your problem?
Please consult a KDDI consultant.