Founded in 1915, the 101 years old, Yokogawa Electric Corporation (hereafter known as Yokogawa Electric) has faithfully carried on the spirit of its founders and expanded its business into various new fields under its corporate philosophy of “contributing to a more abundant society through measurement, controls, and information”. In order to provide its customers with high quality products and services, it remains committed to embracing change and seeking innovation in an unwavering commitment to the spirit upon which it was founded.
As a global enterprise providing products and solutions to customers throughout the world, Yokogawa Electric’s site and service system portal, has become indispensable as its key point of contact with its customers. In line with the ever-strengthening trend of incorporating cloud computing into enterprise systems, Yokogawa Electric has decided to transit from an on-premise to an Amazon Web Services (AWS) environment with the intention of both reducing costs and enhancing the incident response capability of its website to facilitate greater global expansion. Taking the opportunity of this transition, it has structured its website to incorporate AWS to maintain all essential elements of its old on-premise system while offering optimum protection against various internet threats and attacks.
ISSUE: Installing a WAF that can be operated by an on-site manager who is not a security specialist
Yokogawa Electric, like many global enterprises, was considering utilizing cloud-based services as the core infrastructure to operate its website, and decided to use AWS in 2014. Yokogawa Global System Project Department (YGSP), a department located in the Information Systems Headquarters promotes business with its global partners, Yokogawa Electric transitioned from its traditional on-premise environment, including dedicated customer portal sites that were going global and were operated by individual departments, as well as service systems and marketing systems, to an AWS system. The aim of this transition was to improve the site’s incident response capability when in use, as well as to reduce operational costs. It became clear that an infrastructure for protecting site content from various types of attacks, many of which were targeting websites in particular, was essential as a security strategy for running AWS. However, the key obstacle that arose was that there were no security specialists within each department.
Junko Yamashita of the Information Systems Department had this to say about that situation. “Unlike enterprises that have their own CSIRT system in place, there are no security specialists in our departments, and operations are outsourced. However, guaranteed protection of our AWS website content and applications are an absolute essential requirement. For that reason we “security amateurs” felt that the WAF (Web Application Firewall), even if outsourced, requires proper operation even with minimal resources, and is therefore indispensable.”
As Yokogawa Electric expands globally and gains recognition, its corporate website is subject to numerous overseas attacks, especially from Asian countries. The frequency of these attacks is especially high during long holiday seasons such as during New Year’s or during the summer Obon (Japanese Buddhist custom to pay homage to ancestors) holidays. Of course, countermeasures were devised to eliminate these attacks even during the previous on-premise days. Although the attacks at that time did not lead to any actual damage such a site tampering, the security-related workload, such as log analysis, was still a major burden. With the transitioning to website the workload of the in-department security manager has lightened. From mid 2014, WAF was implemented to provide greater protection for the website against a wider range of attacks
The Implementation Process: Deploying Imperva as the only WAF for AWS that Enables a Security Gateway
Along with reducing the workload associated with secure operation, one absolute prerequisite in the selection process for a suitable solution was the ability to have a security gateway. Junko Yamashita says, “In the process of using AWS in our business, it was assumed there would be an increase in the number of VPC (Virtual Private Cloud). With this in mind, rather than a configuration requiring the separate setting up of a WAF for each application, we were looking for a solution configured to connect multiple independent VPCs each deploying WAF.”
While looking for solution, we learned about Imperva when we checked the results of the survey that Gartner conducted into security solutions. Imperva’s SecureSphere for AWS protected applications hosted on the Amazon cloud from attacks targeting the Web. It was a solution that could prevent data infringement, and it was extremely simple to operate. Their features coincided with our key requirements. Furthermore, in the latter half of 2014, VPC Peering was also enabled, which was a key factor in realizing a security gateway. “In addition to the overwhelming high performance results of the WAF, and the ease of operation, Imperva’s SecureSphere for AWS was the only solution that enabled a security gateway in the AWS infrastructure.” said Junko Yamashita. “Consequently, we decided to use it as the only solution that met all of our security requirements. The official decision to use SecureSphere for AWS was made, and actual use commenced in April of 2015”.
RESULTS: Security-related workload has been reduced, and we have been able to use our internal human resources for work with greater added value.
“People like ourselves, who are in charge of security despite not being security specialists, firmly believe that using Imperva’s solution was the right decision for a stress-free and easy operation. The former manager for web security who used to check logs and devise security patches has now been freed from these responsibilities. The lowering of these regularly incurred labor costs was one of the biggest merits of adopting Imperva. More importantly, the time once spent on mundane security tasks is now spent on more urgent and higher level work of far greater value”. says Junko Yamashita.
Handling security by means of manual tasks performed by the person in charge was not the only actual work burden; there was also the burden of demotivating tasks such as checking whether or not each business unit was actually using security patches. Junko Yamashita emphasizes that, “I think a real security approach should proceed without questioning others, and should not be handled by first doubting them and then checking up on them.”
Masayuki Yoshida in the YGSP Department of the Information Systems Headquarters that is involved in running the website along with Junko Yamashita says, “I feel that in addition to the ease of operation, the simplicity of installation and tuning is also a merit of SecureSphere for AWS. The installation was completed very quickly, and we were able to move right ahead with narrowing down possible blockages while the data was running. Ever since its installation a year and a half ago, we’ve had no trouble related to the WAF.” Currently our website, which includes our customer portal, has been set up to output our logs to Amazon S3 and analyze them with Splunk. “I’m quite sure that very few businesses have an in-house CSIRT set up specifically for security purposes. And when the manager who is operating the web is far from being a security specialist, much like ourselves, I believe that introducing the SecureSphere for AWS is the best possible solution. “ (Junko Yamashita)
Future Prospects: Establishing a User Group to Optimize Imperva’s Capabilities
Yokogawa Electric, which has enjoyed the good results it had hoped to achieve from the introduction of Imperva solutions, such as a lighter security-related workload and more effective use of its in-house resources, plans to continue to utilize SecureSphere for AWS and continue to fully protect its website.
Junko Yamashita touched on some new measures intended to further enhance the Imperva solution. She referred to a user group being established in the future, saying,
“Up to now I think the person in charge of security within the corporation was relegated to analyzing the system logs by themselves and silently going ahead with their work. However, in the security world I think sharing information is going to become increasingly important. Sharing information about web threats and attacks, and working together to discuss new strategies is bound to be far more effective, so we are eager to see the results we get from setting up a user group for Imperva products.” Imperva’s SecureSphere for AWS allows users to have a seamless and secure experience, while providing daily support services to the YGSP Department Manager.