HENNGE One was introduced to promote business transformation.
HENNGE One enables enhanced email security and improved convenience by eliminating PPPAP.
JPX Research Institute, the core company in charge of the data and digital business of the Japan Exchange Group (JPX), deployed HENNGE One in accordance with its cybersecurity response plan to resolve security and convenience issues related to email, such as PPAP and large file transmission. The IT Business Department’s Digitalexpress, a new system, was introduced this time.
In this interview, we spoke with Kyoichi Nishibata, Director of Digitization Department of IT Business Division, Hiroki Kaneko, Research Manager, and Ryota Ozashi.
Promoting Market Transformation and
Decided to move away from PPPAP to eliminate security risks
— Please tell us about the background of your efforts to strengthen e-mail security and the issues you faced in the past.
In its Third Medium-Term Management Plan, the Japan Exchange Group aims to evolve into a “total smart exchange” where anyone can trade any commodity safely and easily. As a key strategy, we are working to diversify and develop next-generation data and indexing services through technological innovation and new partnerships, to create an IT infrastructure to support the future of our business and society, and to develop human resources. JPX Research Institute was established in 2021 as the core company for the data and digital business. As a user company, we aim to catch up with and surpass the rest of the world, while at the same time, as a group of engineers, we are committed to creating user-friendly services on our own. We are promoting market transformation by actively utilizing multi-cloud, agile development, and speedy use of cloud services. (Mr. Nishibata)
We have been implementing a “Cyber Security Response Plan” for several years regarding security, which requires a high level of security due to the nature of our business. In the process of promoting thorough digitization and sophistication of information use to achieve market transformation, we became concerned about security risks such as information leakage from ZIP files with passwords and the PPAP method of sending passwords separately, difficulties in checking for viruses, and vulnerabilities in the strength of ZIP encryption. We were concerned about security risks such as information leakage, difficulty in checking for viruses, and vulnerability of ZIP cipher strength. Until now, when sending an e-mail with an attached file, the file is automatically ZIP-compressed and the password is sent to the recipient, who then sends it to the recipient again. In addition, each department had its own system for sharing large files, and there was no common system for the entire company. The management side had to be consulted each time to evaluate the security of each tool, and the user departments were also burdened with time-consuming applications for use as well as operation and management man-hours. Therefore, we began to review and consider ways to resolve these issues. (Mr. Kaneko)
We evaluated HENNGE One’s ability to meet a high level of QCD for business improvement, and decided to adopt it,
HENNGE One was selected.
— What were the requirements for the review and what were the deciding factors for adopting HENNGE One?
As a result of a comparison based on the premise that it would not only meet our company’s strict security requirements, but also enhance e-mail security without compromising user convenience in the midst of increased internal and external collaboration, we decided that HENNGE One would meet our QCD (quality, cost, and delivery) goals for business improvement at a high level. We decided to adopt HENNGE One because we evaluated it as a service that satisfies our QCD (quality, cost, and delivery) goals for business improvement at a high level. (Mr. Nishibata)
We have severe e-mail operations because some of our operations require strict information management, including those related to delisting and insider trading, and we require a multistep flow of transmission rules, such as approval from superiors. On the other hand, it is also important to consider customer convenience and security, and we sought a system that is easy to use and secure not only for us but also for the recipient. We also felt that HENNGE One would be easily accepted internally and externally, as we have recently noticed an increase in the use of HENNGE One when receiving e-mails from other companies. PPAP, large file sharing, and other functions, as well as its high cost performance were decisive factors in our decision. (Mr. Kaneko)
— How did you proceed with the implementation?
(Mr. Kaneko) How did you proceed with the implementation? We then deployed the system in our environment and performed the necessary tuning in the actual in-house environment, and at the same time, we established internal rules for using HENNGE One. We started with a small number of users, and most of them said that the system behaved well and was easy to use, so we expanded the use of HENNGE One in stages, and later decided to use it company-wide. (Mr. Kaneko)
— Why did you decide to roll out the system internally in stages?
Several thousand people with e-mail accounts at our company use HENNGE One. We thought that by starting to use the system in stages, we could minimize the impact on users as a whole by incorporating the necessary improvements, and by reflecting user feedback in the manual each time during that period, we thought we could save labor in responding to inquiries and improve user satisfaction. (Mr. Kaneko)
— How did you explain the system internally?
We held a briefing session for each department on how to operate the system, including demonstrations. Because of the ease of use, we received very few inquiries about how to use the system, and most of the questions were about how to explain the system to our business partners. The support from HENNGE was very attentive and very helpful. (Mr. Oto)
Security and convenience issues in our business have been resolved,
We also felt a reduction in the burden of operational man-hours.
— What are the results after the introduction of the system?
As an IT business department, we feel that the effect of improving the quality of our business operations has been significant. In addition to the smooth introduction of a service that solves the security and convenience issues we have been facing in our business, such as elimination of PPPAP, prevention of erroneous transmissions, and smooth sharing of large files, the fact that it requires almost no man-hours for operation and management is also a positive effect. (Mr. Nishibata)
The HENNGE One function also automates the approval of superiors when sending confidential information files, and we feel that this has been highly effective in improving operational efficiency. The company-wide common system for sending large files has eliminated the need for separate storage, and files are automatically deleted after a certain period of time, reducing the man-hours required for individual management. (Mr. Kaneko) “The management screen is very easy to understand and use.
We are also satisfied with the management screen, which is very easy to understand and use. There is no need to constantly monitor the management screen, which reduces the workload, and since all logs are captured, we can be prepared in case of emergencies, which gives us a high level of peace of mind. (Mr. Otoh).
We will continue to work with BX to enhance security.
Expectations for vector alignment and bi-directional co-creation
— Finally, what are your thoughts on the future and what are your expectations for our company?
With regard to e-mail security, the introduction of HENNGE One has made it possible to review when sending e-mails, and we believe that we have achieved a certain degree of further security enhancement. We would like to eliminate the risk of exchanging encrypted ZIP files not only on the sending side, but also on the receiving side. (Mr. Kaneko)
We have received many requests for HENNGE from other user companies, and we would like to proactively provide feedback from our users. We would be happy if we can build a good cycle in which manufacturers and user companies can exchange opinions in both directions and work together to co-create solutions to business issues. (Mr. Nishibata)