Kawaguchi-Shinkin Bank

Improves its network security

Overview

Established in 1924, Kawaguchi-Shinkin Bank is a mutual aid-oriented financial institution deeply rooted in the southern Saitama Prefecture region, where its 45 branches are concentrated. In 2016, it opened a newly constructed main branch. Kawaguchi-Shinkin Bank is a member of the National Association of Shinkin Banks, and uses their mainframe computers and subsystems on a joint basis for its accounting and information systems. Its Systems Section operates and maintains all accounting and information systems, plans system introductions, and manages 150 PCs, 50 physical servers, and 500 thin clients.

Challenges

Protecting customer information is a top priority at Kawaguchi-Shinkin Bank. However, recent reports of growing cyberattacks led the bank to consider the need for additional IT security. “In the past, we implemented security measures centered on network entrance points and endpoints. Cyberattacks are becoming increasingly sophisticated and complex and often evade conventional security measures,” said Yoshitaka Kokubu of Kawaguchi- Shinkin Bank.

In addition to increasing attacks, guidelines from the Financial Services Agency also called for multi-layer defenses through entrance point, exit point, and internal measures. “Based on the premise that threats could invade our network, we needed a new security solution to perform early detection and quick initial response to threats,” said Kokubu.

The bank was also concerned that vulnerabilities inside its network could be exploited by attackers. Multiple systems and business applications run on the bank’s network, including a wide variety of operating systems and middleware. The bank is often required to use older versions of software and faces limits on the application of upgrades and security patches, resulting in additional risks. “In a worst-case scenario, if we failed to detect threats we could become a victim of one of the massive cyberattacks making recent headlines,” said Kokubu.

"The introduction of Deep Discovery Inspector improved visibility across our network to simplify risk evaluation and allow us to quickly detect and respond to threats."

Yoshitaka Kokubu,
Section Manager,
Kawaguchi-Shinkin Bank

Why Trend Micro

The bank understood it needed a powerful security solution that could protect its systems and data from increasingly sophisticated attacks. After considering options, the bank chose Trend Micro, which was well-known for its powerful IT security solutions. “Many of today’s threats are backed by large organizations. In this environment, we believe that introducing and operating a reliable product from a company with world-class technology would be a useful countermeasure,” said Kokubu.

To ensure the Trend Micro™ Deep Discovery™ Inspector (DDI) solution met the bank’s needs, Trend Micro performed a proof of concept for the bank. “Trend Micro quickly set up an opportunity for testing DDI. After a month of testing, we confirmed that there had been no intrusions. This was very helpful and we made the decision to implement DDI,” said Kokubu.

Solution

Kawaguchi-Shinkin Bank selected Trend Micro™ Deep Discovery™ Inspector (DDI) for improved network visibility. It also met the Financial Services Agency security guidelines for multi-layered defense.

The solution allows the bank to assess what is happening inside its network by connecting to network switches and monitoring outbound information system communications. “Three times a day, multiple Systems Section staff members check the threat detection status using DDI’s console, so we know the system is protected,” said Kokubu.

The bank also uses Trend Micro™ OfficeScan™ for its endpoint security. “We really appreciate the automatic protection afforded by OfficeScan integrated with DDI. The combined solutions significantly enhance our defensive capabilities,” said Kokubu.

Finally, the bank introduced Trend Micro™ Deep Security™, an integrated server security solution, which further strengthens multi-layer defenses. By introducing security solutions from a single vendor, the bank has improved the efficiency of IT security operations.

Results

Kokubu stresses the “peace of mind” his team gained after introducing Trend Micro™ Deep Discovery™ Inspector(DDI). “With Trend Micro DDI, we can confirm that there are no threats within the network, quickly assess any problems that do occur, and respond rapidly. Improving network visibility has also made risk assessment easier,” said Kokubu.

The DDI console also received praise from the bank for its usability. “Through the console’s drill-down features, we can view detailed information while getting a quick overview of the system’s status. We also receive immediate alerts when traffic increases or when thresholds are otherwise exceeded,” said Kokubu.

What's next?

Kawaguchi-Shinkin Bank is launching a Computer Security Incident Response Team (CSIRT) that cuts across divisions. For the CSIRT, Trend Micro™ Deep Discovery™ Inspector will play a central role detecting threats within the Security Operation Center (SOC). “Starting with protecting our customers’ information assets, we intend to continue enhancing our security countermeasures,” said Kokubu.