Professional Documents
Culture Documents
In recent years, cyber attacks on information systems against commercial systems built and operated for its
such as unauthorized access via Internet, internal intru- customers, is taking the following 4 steps of (1) building
sions by means of malware (so called targeted attacks), appropriate security measures starting from the devel-
etc., have increased in intensity. In order to respond to opment stage, of (2) establishing periodic vulnerability
these attacks, in addition to dealing with all the known checks (security diagnosis) for operating systems, of (3)
vulnerabilities (security deficiencies) of information sys- setting up a framework for promptly responding to
tems relying on the latest information available, it is also detected critical vulnerabilities and of (4) ensuring sound
important to devise measures for detecting threats and operational management of important information.
for neutralizing damage in consideration of the attack
Dealing with the latest security technology trends
methods. On the other hand, given the parallel occur-
rence of internal malfeasance episodes, such as the The NTT DATA Group, in connection with imple-
unauthorized appropriation of large quantities of per- menting the above steps, in addition to promptly
sonal information or of information tied to large amounts sharing information on the latest security technol-
of cash, there is also a definite need for sound opera- ogy trends and vulnerability information, will
tional management of this important information. apply the above-mentioned response to develop-
The NTT DATA Group, in order to thoroughly ensure the ing and operating commercial systems and will
prevention of internal malfeasance as well as to strive to provide systems which can be used safely
strengthen its capabilities to respond to cyber attacks and securely.
NTT DATA conducts risk analysis for internal operation regular basis in order to detect Web falsification at an
systems on an ongoing basis and actively introduces early stage. The cyber attack detection system incorpo-
security measures to its internal IT platform for dealing rates in real time the logs of network devices and secu-
with the information security risks posed by new threats. rity devices into a database, detects cyber attack by
At present, the security measures consist of three sys- using in-house developed detection patterns and iden-
tems, patrol & monitoring system, cyber attack detec- tifies malware-infected PCs. Using information provided
tion system and dynamic defense system. These sys- by the cyber attack detection system, the dynamic
tems are developed and operated by NTT DATA. defense system cuts off communication between suspi-
The patrol & monitoring system crawling Web sites on a cious sites and PCs and isolates malware-infected PCs.
Suspicious
Attackers
site attackers
Periodic crawling
Various logs
Dynamic defense system Automatic
cooperation
Cyber attack detection system
Real-time communication cutoff
Real-time detection
Quarantine
Malware-infected PC
MERMaides It effectively protects information by isolating business data within a mobile device
mobile platform and encrypting the business applications and data stored therein. Furthermore, by
linking up with existing authentication systems via the mobile gateway feature and by
seamlessly performing synchronization with internal e-mail and business systems, it
allows one to conduct business anytime and anywhere.
- Application delivery server
- Authentication server
MERMaides server - Corporate applications
- Administrato
MERMaides Synchronization
application
Data of employee A Data of employee A
@
Data of employee B
NOSiDE The NOSiDE quarantine system inspects computers accessing the Internet. It protects
quarantine computers from cyber attacks exploiting vulnerabilities via the Internet. Also it pre-
vents malwares from leaking information to the Internet. The system allows compliant
system
computers to access external sites. On the contrary it prohibits noncompliant comput-
ers from accessing them.