Sumitomo Joint Electric Power Co.,Ltd.

Adopting HENNGE One as the Authentication Foundation for Digital Transformation: Aiming to Achieve Both Enhanced Security and Operational Efficiency

  • Other

Sumitomo Joint Electric Power Co.,Ltd. has leveraged more than 100 years of trust and technical expertise built since its founding in 1919 to provide stable energy supplies to regional communities and industries. Operating in a business environment with high security requirements, the company faced various challenges, including the complex operation of multiple independent systems. The company has now adopted HENNGE One to address these challenges, using it as a foundation for digital transformation (DX) promotion and cloud utilization, and is aiming to achieve both enhanced security and improved operational efficiency.

In this article, we speak with Yoshitomo Manabe, Team Leader of the DX Promotion Team in the Corporate Planning Division, along with team members Yoshihiko Doi and Motoki Ito, about how the company came to adopt HENNGE One, the benefits gained, and its vision for the future.

Growing Security Requirements and IT Operations Barriers to Operational Efficiency
— Could you tell us about your company’s business overview?

Manabe : Our company makes full use of the first liquefied natural gas (LNG)-based thermal power generation in Ehime Prefecture, as well as 11 hydroelectric power plants in Ehime and Kochi. In biomass power generation, which contributes to CO₂ reduction and the effective use of forest resources, we are expanding large-scale projects in Kawasaki and Monbetsu, and pursuing advanced initiatives. We also achieve high energy efficiency through cogeneration (combined heat and power generation), which supplies steam simultaneously with electricity generation. As a community-rooted energy supplier, we support the industrial infrastructure centered on Niihama City and Saijo City in Ehime Prefecture. The trust and technical expertise backed by our long history of over 100 years is a major strength. We also provide engineering services that leverage these technical capabilities.

— What is the role of the DX Promotion Team?

Manabe : The team handles the operation of newly adopted tools such as Microsoft 365 as part of company-wide DX promotion, provides DX training opportunities, manages and operates information processing systems, and conducts planning reviews. We also handle various settings and inquiries related to standard PCs and networks.

— Could you tell us about the challenges you faced before implementing HENNGE One?

Manabe : Due to concerns about risks such as the loss or unauthorized use of laptop computers during business trips, and vulnerabilities in security, we were forced to restrict connections over external networks (public Wi-Fi). This made it difficult to balance convenience and security.

Doi : Previously, there was no integrated system in place, and many individual systems existed independently. Tools such as workflow systems, Single Sign-On (SSO), and Microsoft 365 each operated separately, resulting in insufficient system integration, usability issues, and visible problems such as SSO malfunctions. In particular, managing passwords across two separate systems and managing users were cumbersome tasks. On the email side, we also had challenges with sending and receiving large files, with moving away from the practice of sending password-protected ZIP file attachments by email followed by the password in a separate email, with the difficulty of using the email archive, and with targeted phishing email simulation training. Furthermore, when we considered remote work during the COVID-19 pandemic, the communication environment was a barrier, and we felt the need for an external authentication system and a Zero Trust approach.

All-in-One Provision of Rich Features Balancing Security and Convenience Was the Key to Selection
— How did you first learn about HENNGE One, and what appealed to you about it?

Doi : We first encountered HENNGE One at an exhibition. I was remarkably surprised to learn that it provided an all-in-one solution for all the features we were seeking—not only ‘de-PPAP’ and SSO, but also large file transfers and targeted email attack simulation training. Despite being so feature-rich, it offered excellent cost-performance, which prompted us to immediately begin evaluating it for migration.

— Why did you choose the Pro plan, and what were your expectations?

Doi : The Pro plan had exactly all the features we wanted. We decided that if this price included all these features, there was no reason not to choose Pro plan.

Reliable and Confident Implementation and In-House Rollout with the HENNGE Customer Success Team’s Hands-On Support
— Were there any particular efforts or difficulties during the implementation?

Doi : In general, devices and users are linked on a one-to-one basis, but in our company, not only PCs but also iPhones are shared among employees, so we were uncertain about how to configure authentication. However, through our communications with the HENNGE Customer Success team, we learned that HENNGE One provides a mechanism to link each user to their individual ID even on shared devices, enabling secure access control, and the issue was resolved. There was the effort of providing individual setup instructions to each employee, but we were able to complete the process successfully.

— How was the hands-on support from the HENNGE Customer Success team?

Doi : By building the environment ourselves while receiving thorough hands-on support from HENNGE, we were able to keep initial investment costs down. During the implementation, a large number of questions arose, and every time we raised them, the dedicated person in charge responded sincerely, resolving each issue reliably and promptly. That was truly a great help.

Manabe : I feel that the detailed, hands-on support from the HENNGE Customer Success team was what enabled us to build the environment in such a short period of time, and I am very grateful for that.

Enhanced Security and Convenience Together — The Diverse Benefits Brought by HENNGE One
What benefits do you expect from implementing HENNGE One?

Manabe :  We expect to reduce the risk of information leakage while improving operational efficiency for both administrators and users.

— Could you tell us about the effects of each feature? First, what about authentication through Access Control?

Doi : Previously, we had challenges with managing passwords across two separate systems and insufficient integration between individual systems. By introducing HENNGE One, the authentication foundation has been unified, and SSO has been achieved smoothly. This has enabled smooth access to multiple cloud services — including Microsoft 365, security tools, e-learning, and accounting and financial services — improving both convenience and security.

— What about Email DLP for preventing accidental email misdirection, Secure Transfer for sending and receiving large files, and Email Archive for email audit compliance?

Doi : We have finally resolved the long-standing challenge of eliminating password-protected ZIP file email attachments. The removal of the cumbersome process — creating a password-protected ZIP file, sending it, and then sending the password separately in a follow-up email — was something that field staff had been requesting very strongly. By using HENNGE One, we have been able to strengthen email security, reduce the burden of file sharing, and dramatically improve operational efficiency.

Ito : I had thought we would need to arrange an email archive solution separately, but it is included in the Pro plan, and searching is also easy. I was also surprised by the 10-year retention period.

— What about Cloud Protection for email security?

Doi : At this point we are not yet using it, but going forward, we are thinking about finding the right balance and making good use of it to strengthen security without compromising convenience.

— What effects do you expect from File DLP (cloud storage risk management)?

Manabe : At this point, internal rules for using cloud storage have not yet been established, and the technology is ahead of our governance. However, we expect incident prevention effects such as quickly stopping sharing when files that should not be shared are discovered in OneDrive.

— How do you find the management interface?

Ito : Compared to the individual systems we have been using up until now, HENNGE One’s user interface is simple, easy to understand, and allows us to do what we need intuitively right away. It is also efficient for operational management, which is very helpful.

— What about Tadrill, the targeted phishing email simulation training service?

Doi : Our company had previously been running tests using a system purchased nearly 10 years ago. However, email specifications had changed significantly — from SMTP to cloud-based services — and we were considering a replacement. Furthermore, in the old system, a great deal of effort was required to spoof the sender address of simulation emails and to identify users who had clicked on them. Even if we managed to carry out the training, it was very difficult to understand the situation and compile the results. Tadrill provides a rich set of features for more realistic and effective training, and also provides a comfortable interface that resolves all the issues we had previously experienced. We look forward to it contributing to improving our staff’s security awareness.

Aiming for Safe Utilization of Information Assets and Establishing a New Work Style Through DX Promotion
— What are your expectations for HENNGE One in your future DX strategy?

Manabe : We plan to expand SSO integration with the various cloud services expected to continue growing in number, through HENNGE One, and to reduce the workload of security operations through continuous scanning detection. In particular, as the COVID-19 pandemic has passed and opportunities to work outside the office — such as on business trips — are increasing, HENNGE One’s device authentication is helping to create an environment where employees can work using their own Wi-Fi connections. Going forward, we would like to advance the development of human resources policies to promote diverse working styles such as remote work and reduced working hours. We also have plans to migrate data from on-premises servers to cloud storage and ensure security using HENNGE One’s security features.

Doi : For our DX strategy, we have high expectations for HENNGE One as the authentication foundation for cloud services through SSO. After the planned upgrade of our network and server infrastructure that we are currently considering, we eventually want to enable access to cloud services and internal file servers from outside the office without using a VPN, and to realize passwordless operation. We expect the HENNGE One authentication foundation we have built this time to play an effective role in that as well.

— We understand you are interested in Kickflow, HENNGE’s workflow system. Could you tell us about your current considerations?

Manabe : Our current workflow system is very difficult to use and generates a large amount of manual work. Drawing on the positive experience gained from implementing HENNGE One, we are looking to introduce Kickflow, which makes approvals easy even from a smartphone, and to digitize and streamline our internal approval process.

— Are there any expectations or requests you have for HENNGE and HENNGE One going forward?

Doi : In addition to materials for administrators, if more user-oriented manuals were made available, we expect that in-house rollout would become even smoother. Also, our next step as a company is to achieve Zero Trust, and we are considering the introduction of biometric authentication when we replace our PCs next time. We hope that integration with HENNGE One can be realized at that point.

Manabe : We continue to look forward to further expansion of features. We also hope that HENNGE One will strengthen data integration with other cloud services, ERP systems, and similar platforms in the future, functioning as a virtual data platform, so that data utilization can become more secure and seamless.