IIJ Launches CSPM Solution to Visualize Security Risks in Multi-cloud Environments

• PDF [473B]

• Japanese Version

TOKYO-February 18, 2021-Internet Initiative Japan Inc. (TSE1: 3774), one of Japan's leading Internet access and comprehensive network solutions providers, today announced the launch of the IIJ CSPM Solution, a solution for visualizing security risks in cloud environments. It detects inadequate settings and provides centralized management of settings for multiple systems built on various cloud services, including Amazon Web Service (AWS), Microsoft Azure, and Google Cloud Platform (GCP).

In recent years, many companies have been using the cloud to cope with rapid environmental changes. Thus multi-cloud usage is spreading, with users applying multiple cloud services to different purposes. Simultaneously, cloud services make system construction, expansion, and modification so accessible that different departments individually build the many cloud systems. This situation poses challenges for these firms to perceive and manage each system's status, security settings, and other configurations in an integrated manner. The concept of "Cloud Security Posture Management (CSPM)" is gaining attention as an approach to solve such issues and to use public clouds safely. With the launch of the new IIJ CSPM Solution, IIJ added CSPM-based security measure to its security solution lineup, which all the cloud systems can be centrally managed with a unified policy. Using this solution allows customers to deter attacks and security incidents on systems caused by inadequate IaaS settings.

Overview

The IIJ CSPM Solution offers CSPM mechanisms that continuously monitor cloud system configuration to ensure that security settings are correct and in line with policies. It uses Prisma® Cloud, a CSPM product from US-based Palo Alto Networks®, to analyze access rights and parameter settings for each cloud resource-including network configurations, storage settings, account control, and encryption settings-to detect vulnerabilities due to inadequate settings and suggest corrective measures.

Features

Makes it easy to centrally manage multi-cloud environments using only APIs

The solution uses APIs to link and monitor each cloud service, readily visualizing and centrally managing resource usage even in multi-cloud environments. Since accessing instances is not required during monitoring, it does not increase system load.

Automatically identifies and analyzes problematic settings and even automatically repairs them

The solution checks for compliance with the CIS Benchmark(*1) and other security standards, along with the EU's personal information protection law, GDPR, the NIST Cybersecurity Framework(*2), and PCI-DSS(*3). It identifies settings in violation of these requirements, classifies problematic areas by risk level, and notifies administrators using alerts. The management screen displays these alerts and the related configuration changes in chronological order, allowing administrators to immediately identify and analyze problematic areas. When it detects these areas, it shows the steps to fix any issues. It can also repair configurations at the click of a button or automatically, using predefined rules.

Full technical support enables worry-free operation even after installation

In addition to policy tuning and other initial installation support, IIJ also provides operational services, such as adding cloud systems and user accounts to be monitored. Moreover, customer companies can operate using the latest security standards just by merely applying updated policies to the cloud environments used by their various departments. IIJ also provides a technical help desk for operation and monitoring including knowledge of AWS and Microsoft Azure, so customers can feel at ease even once the solution is up and running.

• (*1)Established by US-based security organization, the Center for Internet Security (CIS), these guidelines establish configuration standards and best practices for building secure systems.
• (*2)Issued in 2014 by the US governmental agency, the National Institute of Standards and Technology (NIST), this framework is meant to improve cybersecurity within priority infrastructure.
• (*3)An abbreviation of Payment Card Industry Data Security Standards, the PCI-DSS offers global security standards for the handling of credit card data.

Pricing

• Initial installation support fee: Starts at JPY3.0 million
• Operations and monitoring: Starts at JPY3.6 million per year

• (*) Prisma Cloud licensing fees charged separately.

To promote a social infrastructure through which anyone can safely use the Internet, IIJ continues to employ its wizSafe brand, a security business brand based on the idea of "making safety a matter of course."

The statements within this release contain forward-looking statements about our future plans that involve risk and uncertainty. These statements may differ materially from actual future events or results.

For inquiries, contact

IIJ Corporate Communications

• +81-3-5205-6310
• +81-3-5205-6377
• press@iij.ad.jp

• (*)All company names and service names used in this press release are the trademarks or registered trademarks of their respective owners.
• (*)Palo Alto Networks and Prisma are the trademarks or registered trademarks of Palo Alto Networks in the US and other countries.