Herausforderungen
Traditional perimeter-based security had reached its limits in implementing cloud solutions to support digital transformation
Unified security across the group was essential to aim for regional value creation
Ergebnisse
Enables secure connections to the internet and in-house systems, both internally and externally
Reduced private access communication costs by one-third
Updated infrastructure without changing user operations through SSO system integration
The Bank of Saga Snapshot
The Bank of Saga is a community-focused financial services provider emphasizing digital transformation.
Industrie:
Financial Services and Insurance
Hauptsitz:
Saga City, Saga Prefecture, Japan
Größe:
1,200+ employees
Fallstudie
In line with its slogan, "In this town, with you," the Bank of Saga aims to provide community-rooted services. Recently, the bank has been promoting initiatives to create value beyond the financial sector across the entire group. Amid the region’s expanding digital transformation needs in wake of the COVID-19 pandemic, the bank is advancing digital transformation both for its customers and to support its infrastructure. Existing traditional perimeter-based security measures posed a major challenge. To balance convenience and security while unifying protection across the banking group, the Bank of Saga implemented Zscaler zero trust solutions.
Achieving convenience and security by moving beyond boundary-based protection
The Bank of Saga has set out a mid-term management plan to contribute to a sustainable regional society and economy, with digital transformation as a core initiative. The bank is ambitiously working to enhance customer convenience and added value by promoting digital transformation among local businesses.
Hiroaki Hayashi, Deputy Director of the Systems Department at the Bank of Saga’s Business Management Headquarters, explains, "For customer-focused digital transformation, we are strengthening channels through smartphone apps and the web. Naturally, this requires the cloud, so we are also planning to shift the Bank of Saga’s internal systems to the cloud."
However, the bank’s previous information systems relied on perimeter-based security, which separated the internet from on-premises systems. Hayashi notes, "As we shift to the cloud and increase the use of SaaS, direct connections to the internet become more frequent. While perimeter-based security is suitable for protecting internal systems, it has limitations around convenient access to the cloud and external resources. We decided to implement zero trust security, which doesn't depend on access location."
There was another security challenge. The Bank of Saga is transitioning its entire group into a "consulting firm" to address the business challenges companies face. Although there were security regulations for access control across the group, specific measures were left to each group company. The risk of an attack on the weakest link in the supply chain highlighted the need to unify and enhance security across the entire group.
Evaluating the balance between high functionality and cost
To enable cloud migration, the Systems Department decided that adopting zero trust security would also achieve access control for the entire group. After comparing products from multiple vendors, they selected Zscaler.
Focusing on two key requirements—managing and monitoring internet access, and controlling private access to the internal network from external devices—the Bank of Saga ultimately chose Zscaler zero trust solutions for their advanced functionality and cost-effectiveness. "Zscaler is a top leader in the industry and excelled in overall balance, which was a significant factor," said Hayashi.
The bank deployed Zscaler Internet Access™ (ZIA™) for managing internet access and Zscaler Private Access™ (ZPA™) for protecting internal communications. The private access functionality was particularly valued. "ZPA offers robust control features for accessing the internal network from external sources, and we appreciated the detailed configuration options," Hayashi explained.
Don’t make zero trust security a cost center
The Bank of Saga considered costs from various angles. One of these was the communication costs of accessing the company's internal systems from outside. "We introduced a thin client system about seven years ago and connected via mobile communications over a closed network, but this was costly. ZPA allows for safe private access from outside, and security can be guaranteed even over the internet. By eliminating the closed network connection and going direct-to-internet, we were able to reduce communication fees by about one-third," says Hayashida.
Regarding security management for the entire group, Hayashida said, "If we set up a proxy server at each branch, we would also incur implementation and management costs for each branch. Most branches do not have a dedicated IT team, so the burden on each branch would increase. If we use Zscaler to centrally manage security at the parent bank, we can implement unified measures across the entire group while keeping costs down."
The Bank of Saga also evaluated the benefits of introducing zero trust security, such as secure remote work. Creating a secure, mobile-friendly environment, including cloud services such as Microsoft 365, will change the way people work and communicate. "Just being able to hold online meetings from anywhere can reduce travel time, transportation costs, and other expenses," said Hayashida. Even if security measures incur costs, those are outweighed by benefits and cost savings elsewhere.
Enhancing trust with reliable access control
In early 2022, the Bank of Saga began to gradually distribute PCs with the Zscaler Client Connector™ agent installed, aiming to have a zero trust security system in place by mid-2023. "Because it is a cloud-based solution, we were able to build the system in a short period of time," said Hayashida. "From spring 2023, we will enter the actual usage phase with 1,800 licenses."
As the Zscaler rollout progresses, Hayashida points to support for single sign-on (SSO) as a key to user convenience. "The Bank of Saga uses HENNGE One IdP Edition for SSO. Zscaler can use SSO linked to HENNGE One, so bank employees can log in to Zscaler without even thinking about it, and access private information using the same screen operations they used to log in to Microsoft 365," he said.
"I feel that the cloud-based Zscaler Zero Trust Exchange offers great advantages, as it does not require hardware or software updates like on-premises solutions and can be used while expanding functions nonstop," Hayashida said. From now on, as the Bank of Saga provides value to solve local issues, Zscaler will support digital transformation as the security infrastructure.