Driving New Value Creation Through Group-wide Digital Transformation
NH Foods Group, one of Japan’s leading food manufacturers, has long been a household name. Under its “Vision 2030” group strategy, the company is currently undertaking various initiatives to bolster corporate value. Beyond its traditional commitment to “safety, reliability,” and “flavor,” the group aims to explore the potential of proteins through unconventional, “free-thinking” approaches, creating diverse dietary experiences that allow people to enjoy food more freely. The linchpin of this endeavour is a group-wide Digital Transformation (DX).
“Previously, our IT infrastructure relied on systems optimised for individual businesses or departments. However, to keep pace with rapid technological shifts, we needed to overhaul our legacy system architecture. We therefore decided to transform our entire IT infrastructure,” says Mr. Yoshihiro Nakamura, General Manager of the IT Strategy Department.
The group has already launched several initiatives, such as the “Connect Project,” which integrates and centralises various business systems—previously developed individually on-premises—into ERP packages. “By effectively blending IT evolution with our DX initiatives, we aim to become a leading digital enterprise in the food industry,” Mr. Nakamura adds enthusiastically.
Figure 1: Digital Transformation (DX) Strategy at NH Foods Group
Expanding Cloud Adoption Necessitates a New Identity Platform
In tandem with this transformation, the company is focusing heavily on bolstering cybersecurity. “For a modern global enterprise, cyberattacks represent one of the most significant management risks. With numerous reports of severe security breaches lately, we are exercising the utmost vigilance in our countermeasures,” notes Mr. Nakamura.
As threats become increasingly malicious and sophisticated, traditional perimeter-based security is becoming insufficient. Consequently, NH Foods is focusing on detecting and responding to threats that have already bypassed the perimeter. The company has also established a cyber-risk management framework involving executive officers to address security across the group.
Amidst these efforts, the need for a group-wide identity platform became apparent. “As part of our DX strategy, we introduced Microsoft 365 and enhanced mobile compatibility to create a work-from-anywhere environment. Looking ahead, we expect the use of SaaS and other cloud services to expand further. This made a robust identity platform, capable of supporting a diverse range of systems and services, absolutely essential,” explains Mr. Nakamura.
The complexity of managing IDs for multiple SaaS platforms was a particular pain point. While cloud services offer great convenience, managing separate credentials for each service increased both security risks and operational overhead.
As these challenges coincided with the COVID-19 pandemic, NH Foods decided to build a new identity platform immediately. The selection process was led by Nipponham System Solutions Co., Ltd., the Group’s IT subsidiary. Mr. Takashi Abe of Nipponham System Solutions Co., Ltd. recalls: “We evaluated multiple solutions based on functionality and cost, consulting with partner vendors. Ultimately, we chose HENNGE One, a cloud security service provided by HENNGE.”
HENNGE One: A Comprehensive Solution Covering All Requirements
HENNGE One is a comprehensive security solution that provides “IDaaS” (Identity as a Service) for account management and control, “DLP” (Data Loss Prevention) to prevent data loss and leaks, and “Cybersecurity” features to defend against email-based attacks and support targeted email training.
Explaining the choice, Mr. Abe says: “One alternative we considered had no major functional issues but was hindered by high implementation and operational costs. Another product failed to cover all our unique business requirements.”
“In contrast, HENNGE One offers a wide array of features, including authentication, email archiving, and cybersecurity enhancements. Because it provides these capabilities through a single platform, we did not need to combine multiple tools. This allowed us to meet all our business needs without overcomplicating our system architecture,” says Mr. Abe.
Furthermore, the responsiveness of HENNGE’s sales and support teams provided significant peace of mind. “They listened carefully to our requirements and provided swift, accurate proposals and functional explanations as if they had the manual memorised. Their proactive approach gave us great confidence in their support capabilities,” says Mr. Abe.
Following the decision, the company moved quickly to deploy HENNGE One. “With office attendance restricted due to the pandemic, we urgently deployed HENNGE One device certificates to all terminals to enable web conferencing via Microsoft Teams. Fortunately, as our department also handles centralised procurement, we had already specified high-performance hardware in anticipation of the Microsoft 365 rollout, which smoothed the process,” Mr. Abe reflects.
Refreshing the Identity Platform Enhances Workplace Flexibility
The implementation of HENNGE One has delivered numerous benefits. First, it achieved a balance between robust authentication and user convenience via IDaaS. “To work safely from any location, we had to ensure that unauthorised personal devices could not connect to our network. We addressed this by implementing multi-factor authentication, combining HENNGE One device certificates with Active Directory authentication,” Mr. Abe explains.
Furthermore, Single Sign-On (SSO) delivered results beyond the company’s expectations. “Initially, we did not focus heavily on SSO, but it has proven incredibly convenient. We have now connected over 100 systems, including our ERP, other on-premises systems, and cloud-based expense management services,” says Mr. Abe. The integration process for each system was completed seamlessly, thanks to expert support from HENNGE engineers.
Previously, NH Foods managed accounts for each individual business system. Consequently, employees using multiple systems had to manage different IDs and passwords for each. “Maintaining security requires regular password changes. Doing this for every system was a heavy burden on users, and in the worst cases, led to people writing passwords on paper notes,” says Mr. Nakamura. The introduction of SSO has allowed the company to achieve both security and user convenience.
“By centralising the authentication and management of over 100 systems, including SaaS, we have streamlined ID management while simultaneously bolstering security,” says Mr. Abe.
Employees can now work without being tethered to a specific time or location, marking a significant step forward in work-style reform. “Secure remote access and SSO for multiple systems have improved operational efficiency and significantly increased the freedom in how our staff work,” Mr. Abe notes.
Moreover, the workload for the help desk and application owners has been significantly reduced. “Due to the multitude of accounts, we used to receive a high volume of enquiries regarding forgotten IDs and passwords. When we launched our new expense system, we received over 400 such enquiries a month. Since implementing SSO, these enquiries have plummeted to less than a tenth of their previous volume. Across the entire group, we estimate this has eliminated several thousand enquiries annually,” Mr. Abe says with satisfaction.
Leveraging Diverse Features to Bolster Email Security
A second benefit is the enhancement of email security via DLP. The company archives all internal and external email correspondence to prepare for potential security incidents or audits. In recent years, the volume of data sent via email—including large images and videos—has grown. Products unable to handle large files often force users to seek separate online storage services, increasing costs and management complexity.
“HENNGE One handles large file transfers and provides email archiving. These features allowed us to transition to Microsoft 365 while achieving security levels that exceed our previous on-premises environment,” says Mr. Nakamura.
The third benefit is the improvement of user security awareness and literacy. “In cyberattacks, ‘people’ are targeted just as much as systems. Therefore, we conducted targeted email attack drills for 13,000 employees using ‘Tadrill,’ a service within the Cybersecurity Edition,” Mr. Abe explains.
Using Generative AI, the team created several variations of phishing emails to monitor open rates. The results revealed variations in literacy levels across the organisation. Specifically, new hires and mid-career recruits—who were less familiar with internal rules and the corporate security culture—showed a greater need for literacy education. In response, NH Foods is strengthening security training during onboarding and conducting regular follow-up sessions.
“While the percentage of users who opened the emails is a key metric, the data from Tadrill is also invaluable for identifying which types of users are most vulnerable and determining what kind of education is most effective. Moving forward, we want to monitor whether employees take the correct actions after spotting a threat, such as shutting down their PCs and reporting the incident to the relevant departments,” says Mr. Nakamura.
Figure 2: HENNGE Tadrill – Targeted Email Attack Simulation Service
The service provides comprehensive features for distributing simulation emails and enabling direct reporting from employees. It is highly effective in bolstering security awareness and enhancing the overall literacy of the workforce.
Tadrill uses a self-service model, distinguishing it from typical training services. NH Foods conducted this training almost entirely on its own and plans to continue using it to drive a PDCA (Plan-Do-Check-Act) cycle for security.
With security risks mitigated and user convenience enhanced, NH Foods expects its DX journey to gain even more momentum. “The Connect Project is just getting started. We plan to pursue full-scale data utilisation by combining core business data with external data. We will also explore various themes, such as the business application of Generative AI. Through these efforts, we intend to remain at the forefront of IT evolution,” concludes Mr. Nakamura. HENNGE remains committed to supporting these ongoing initiatives.