HENNGE One is Introduced as the Foundation for DX Promotion, IDaaS (SSO) is Improved, and Email Security is Strengthened
In August 2024, the company changed its name from Genki Sushi to Genki Global Dining Concepts Corporation. In addition to IDaaS and DLP, the company has introduced HENNGE One, which offers a wide range of functions. The new IT infrastructure provides employees with a secure and convenient way of working.
We interviewed Mr. Yutaka Ganbe, Information Systems Section, Information Systems Department, Corporate Division.
Increased burden of password management led to the decision to implement IDaaS.
At the same time, the company needed to strengthen e-mail security, including the elimination of PPAP.
— Could you tell us about the background of your decision to strengthen e-mail security and the issues you faced in the past?
For more than 50 years since our establishment, we have developed our business in Japan and overseas as a restaurant chain of sushi, a traditional Japanese food culture, focusing on three brands: Uobei, Genki Sushi, and Senryo. In August 2024, we changed our company name to “Genki Global Dining Concepts Corporation” with the intention of focusing more on other genres such as the eel business and overseas markets.
We are now promoting DX as a cross-company project. As the use of internal systems and external services increased to achieve operational efficiency and labor savings, the burden of password management was increasing. In addition, our employees often work on the road, visiting stores and meeting with buyers, etc., so we considered multi-factor authentication to be essential. Considering that SaaS use will become the mainstream in the future, we sought an optimal environment for both users and management, and began considering the introduction of IDaaS (Integrated Authentication Platform) and SSO (Single Sign-On). At the same time, the groupware we had been using on-premise was about to be switched to the cloud, and we wanted to introduce IDaaS to coincide with this timing.
On the other hand, we also wanted to move away from PPAP, which requires Zip-compression and passwords to be sent separately when sending e-mails, so we were also considering DLP (information leak prevention) products.
Initially, we had several candidates for IDaaS and DLP products, respectively. We were attracted to the IDaaS product that supports form authentication, based on the assumption that it would work with our scratch development and on-premise systems, but would we choose that IDaaS product to support the legacy systems that we would be replacing in the future, and would we double manage it with the DLP product? The question arose, “Why not choose that IDaaS product to handle the legacy systems that will be replaced in the future and manage them twice? The candidate that came up was HENNGE One, which offers IDaaS and DLP in one package.
HENNGE One, which offers IDaaS and DLP in a total package, was selected.
— What requirements did you have when considering HENNGE One, and what were the deciding factors in your decision to use HENNGE One?
The requirements were not only a high level of security, but also basic functions such as SSO and multi-factor authentication as an IDaaS. We also emphasized ease of use for both employees and administrators.
The final deciding factor, as mentioned above, was the fact that it offered the features we were looking for in one package, including IDaaS and DLP. In addition, what attracted us to HENNGE One when we found it through desk research was its high cost performance and the wealth of information it provided, including a help center and documentation. When we inquired about HENNGE One and listened to the online explanation, we found it simple to use and felt that our employees, regardless of their IT literacy, would be able to use it well.
We immediately applied for a trial and actually used the system for about a month. From an administrator’s point of view, I first wanted to understand how it works and what functions are available, and I also considered the burden of responding to inquiries from employees, etc. HENNGE One has extensive help and documentation, so there were no unclear points or concerns, and the very low learning cost was also attractive.
— How did you go about making an offer within the company?
We appealed to management about how secure and convenient the service would be, since they would not understand the concept of IDaaS. In particular, I think the convenience of not having to be aware of IDs and passwords for each service for employees and the improvement in business efficiency were particularly appealing.
— How was the transition from the trial environment to the production environment?
There were no particular points that were unclear, the setup was almost completed during the trial period, and the deployment in production was smooth. The documentation provided was so easy to understand that there was no way to get lost, and we didn’t encounter any particular difficulties. The only point we had concerns about was the integration with Microsoft 365, but the dedicated implementation support team was very helpful and supportive.
— How was the internal rollout?
We had prepared operation manuals for the different authentication screens and email attachments, but once we actually started using the system, we had very few inquiries from employees.
Reduction of man-hours for password handling and enhancement of e-mail security
IDaaS/SSO can be maintained and new services can be introduced easily.
— Please tell us about the systems and services that were linked.
When we first introduced SSO, we linked only Garoon, but since then, we have used kintone, Box, and an e-approval system through SAML integration.
— How did you feel about the results after the introduction of SSO?
The most significant result is the significant reduction in administrative man-hours as an information system administrator. When we introduce a new service, we no longer need to set individual passwords and make them known. This is a great benefit not only for the management side, but also for the user side, as there are no more inquiries from employees about forgotten passwords and no need to reset passwords. Another major benefit is that the establishment of the ID linkage mechanism has lowered the psychological and man-hour hurdles when introducing new services.
— Since you use many functions, please tell us about the results of each function.
“Email DLP” and “Secure Download” are effective in preventing misdirects and de-PPAP. They have also been well received by our employees, as they no longer have to worry about and deal with the hassles associated with e-mail. Since the procedure for sending files has changed, we had prepared a document to explain it outside the company, but we never had a chance to use it. I think the fact that the system is intuitive and easy to use, and the fact that many people, including our customers, have used HENNGE One before, were the reasons for its easy acceptance.
Regarding email auditing/archiving, we originally used other archiving systems, but they were not easy to search and were complicated to operate. The Email Archive is highly searchable, which made it easier for us to check the emails of retired employees when we took over the company.
“Secure Transfer” has enhanced security when sending and receiving large files. Although we have Box, it is only used by a limited number of employees, and only on an application basis, due to cost considerations. Therefore, many employees were using an external service, which was half-accepted by the company, but now we have established an official company system. At the same time, visualization and control of file sharing status using “File DLP” were also realized.
“Access Control” has realized unauthorized access countermeasures such as ID/password unification by SSO and terminal authentication by certificates. In the future, we plan to enhance the comprehensive security level by combining “Cloud Protection” with other security tools as countermeasures against malware and targeted attacks.
We have also been considering an e-mail training service as a countermeasure against cyber attacks for some time, and since HENNGE One offers a targeted attack e-mail training service called “Tadrill” as a feature, we are considering implementing it.
The importance of HENNGE One increases further with DX promotion.
Expect more functional updates in the future.
— Finally, please tell us your thoughts on the future and your expectations for our company.
As we promote DX, we continue to increase our use of various tools and services, and when considering the implementation of such tools and services, whether or not they can be linked to HENNGE One becomes a criterion, and I believe the importance of HENNGE One in our company will continue to increase. There are plans to move our on-premise Active Directory to the cloud in the future, but we plan to focus on HENNGE One rather than Entra ID. We are also planning to renew our network, including our stores, and introduce SASE (Secure Access Service Edge), and we plan to use HENNGE One for authentication for that as well.
HENNGE One, which is offered as a total package, is also attractive in that the functions it provides are updated every month. Looking at the roadmap, we are looking forward to seeing more features that we want to see implemented in the future, and we also expect further enhancements that will increase employee safety and convenience in the future.