Cloud First Secure Modern Workplace
Kosé Corporation is a Japanese multinational cosmetics and skincare company. Founded in 1946, Kosé is headquartered in Tokyo, Japan, and operates in over 40 countries around the world. Overall, Kosé Corporation is a leading player in the global cosmetics and skincare industry, with a strong focus on research and development, quality, and sustainability.
The COVID-19 pandemic has dramatically transformed the way businesses operate, with many organizations adopting remote and hybrid work arrangements to ensure business continuity. However, this shift has also led to increased cybersecurity risks, making it crucial for companies to prioritize IT security measures. Recognizing the importance of a strong and secure IT infrastructure, Kosé Singapore engaged Adventus to help improve its cybersecurity posture.
Upon gaining a deeper understanding of Kosé's objectives and desired outcomes, Adventus conducted a comprehensive assessment of the organization's current IT environment to identify potential security vulnerabilities. After identifying areas of risks, Adventus provided recommendations to enhance Kosé's cybersecurity posture and provided consultation to help Kosé understand the technology stack, risks, costs, benefits, and impact for them to prioritize the cybersecurity measures to invest in. After careful considerations, Kosé decided on and Adventus proceeded to deploy the following cybersecurity solutions:
1. Using the Zero Trust security model and leveraging Microsoft Azure AD (now renamed as Microsoft Entra ID) and Microsoft Intune, Kosé’s Microsoft 365 tenancy was strengthened and enhanced with the deployment of Zero Trust Identity and Device Access Protection that includes:
2. Migrated on-premises File Server to Microsoft SharePoint Online and strengthened file sharing, access control and other security control policies on Microsoft SharePoint based on Zero Trust security model.
3. Built virtual servers with strong security controls and Virtual Desktop Infrastructure (VDI) that integrates with Microsoft Intune on Microsoft Azure and migrated applications running on on-premises servers to Microsoft Azure virtual servers.
4. Deployed a top-tier cloud-based Multi-Factor Authentication solution for access to all servers and PCs. Access to servers and PCs require an additional layer of authentication via a mobile application on top of username and password.
5. Deployed a leading cloud-based Endpoint Protection solution (to all servers and PCs) that has extended detection and response (XDR) capabilities, zero trust capability, anti-ransomware capability and artificial intelligence to provide effective defence against a broad range of and sophisticated threats and malware.
6. Deployed a best-in-class cloud-based Patch Management solution that is able to patch both Windows and Mac operating systems, that supports a huge library of third-party applications and does not require the devices to be in the local network to automatically patch the devices within the shortest time upon the release of available patches.
7. Deployed a top-notch cloud-based Spam Filter solution that has machine learning, artificial intelligence, heuristic analysis, and multilayer filtering to accurately distinguish between spam and legitimate messages.
8. Engaged the services of Adventus Security Operations Center (SOC) to ensure that all Microsoft 365, endpoint, patch management and firewall security events are religiously monitored and effectively responded to.
Without the need to maintain physical servers, Kosé enjoyed the benefits of improved scalability, cost savings, reliability, and accessibility. Additionally, Microsoft Azure provides a high level of security, with multiple layers of protection for data, networks, and applications.
Integrating data within a unified platform that combines Microsoft 365 and Azure yields significant security benefits. This synergy enhances data protection by offering centralized identity management, robust threat detection, and access controls.
Implementing Virtual Desktop Infrastructure (VDI) on Azure prioritizes security by centralizing data and desktops in Azure's trusted cloud environment. This approach ensures data protection, access controls, and encryption, safeguarding against data breaches and data loss. Azure's advanced security features, such as identity and access management, threat detection, and compliance tools, enhance VDI's overall security posture, making it a secure solution for remote workforces while minimizing risks.
Microsoft Intune offers robust mobile device management (MDM) and mobile application management (MAM) capabilities, ensuring secure and efficient management of devices, apps, and data in organizations. It streamlines device provisioning, enhances security with policies and remote wipes, and enables remote work flexibility while maintaining data protection and compliance.
SharePoint Online allowed more secure ways of sharing files between employees such as permissions and access control, which can help to protect sensitive information. It also protects the files from internal or external threats.
Multi-factor authentication (MFA) for PC and server access adds a critical layer of security by requiring multiple forms of verification, such as passwords and biometrics. This significantly reduces the risk of unauthorized access, data breaches, and cyberattacks. MFA enhances data protection, compliance, and overall security by ensuring that only authorized users can access sensitive systems and data.
Patch management solution automates the process of identifying and deploying updates. Whenever there are new patches, they are automatically pushed to all devices remotely wherever they are in the world. This reduces the risk of errors or oversights that can occur with manual updates. More importantly, they enhance cybersecurity by closing vulnerabilities that attackers exploit, reducing the risk of cyberattacks. Patch management also ensures system stability, performance, and compliance, minimizing downtime and improving overall IT efficiency and reliability.
A robust endpoint protection solution enhances cybersecurity by detecting and blocking a wide range of threats, including malware and ransomware, protecting sensitive data and systems. The solution also provides better visibility into threat activities, enabling faster incident response and identifying weaker computer users that require additional training.
A good spam filter solution greatly reduces the number of spam, phishing, and malware-laden emails from reaching computer users, significantly minimizing the probability of users falling prey to such emails, enhancing cybersecurity. Also, users can now focus on legitimate messages, leading to increased efficiency.
Engaging Adventus to provide Managed Security Operations Center (SOC) Services has led to positive outcomes such as reduced response times to security incidents, increased threat visibility, and improved incident handling as identifying and mitigating threats, protecting sensitive data, and enhancing overall organizational resilience against cyberattacks.
With Adventus Managed Security Operations Center (SOC) Services providing proactive monitoring, incident analysis, early threat detection and rapid response have led to a significant reduction in cybersecurity incidents, reduced response times to security incidents, increased threat visibility, and improved incident handling; enhancing overall organizational resilience against cyber-attacks.
Adventus has a professional and responsive team. We switched from an onsite server to a cloud system and implemented additional IT security controls to strengthen and improve the IT infrastructure as well as IT controls to reduce cybersecurity risks.
says Ms Sherlyn Low of Kosé Singapore Pte Ltd
Speak to us about your IT needs
Consult with our Enterprise Account Managers and Specialists
