NTT DATA Group Corporation

Relies on Proofpoint to Protect 6.5 Million Emails a Day
The Challenge
  • Protect organisation against escalating email threats
  • Provide consistent protection for all users
  • Unify address domains globally to strengthen brand
The Solution
  • Proofpoint Email Protection
  • Proofpoint Targeted Attack Protection
  • Proofpoint Threat Response Auto-Pull
  • Proofpoint ZenGuide (formerly Proofpoint Security Awareness)
The Results
  • Raised level of email security measures globally, including at overseas group companies
  • Stabilised domain changes and security measures for approximately 6.5 million emails a day
NTT DATA
As its name implies, NTT DATA Group Corporation considers data a fundamental part of its business. Part of NTT Group Corporation, it is a trusted global innovator of IT and business services headquartered in Tokyo. The company helps clients transform through consulting, industry solutions, business process services, IT modernisation and managed services. And maintaining the integrity of its communications and data infrastructure is essential to its mission.

The Challenge

Enhancing Security Across a Global Organisation

Based on its vision as a trusted global innovator, NTT DATA Group Corporation has been using IT and digital technologies to support its customers’ businesses and contribute to social development. In 2022, it established NTT DATA Inc. as its overseas operating company, focusing on the governance, strategic planning and policy implementation of the group’s global operations.

This rapid growth has introduced new market opportunities—but also new challenges. While the brand is well established in Japan, the company does not yet have strong name recognition overseas. Its acquisition of multiple companies has also led to inconsistent company names that can impact customer awareness. To improve its brand recognition, NTT DATA has standardised the names of its overseas group companies while unifying its email address domain as ‘nttdata.com’.

Like most multinational corporations, the company also faces global governance challenges.

‘Our group companies have bases in over 50 countries worldwide,’ said Kazuaki Tomioka, Senior Manager, Information Security Office, Technology & Innovation Headquarters at NTT DATA Group Corporation. ‘If the security measures at just one location are insufficient and an attack is launched from there, the damage may spread to all companies in the group. So the CISO has directed implementation of globally common security enhancement measures.’

Email in particular has become an entry point for constant threats at all kinds of companies and organisations.

‘As email is delivered from the outside, there is a risk that it can become an entry point for a breach,’ said Sotaro Hamada, Senior Manager, DX Office/System Development Group, IT Management Office, Corporate Headquarters at NTT Data Group Corporation. ‘We felt that the first thing we needed to do was enhance security by firmly protecting email.’

“Proofpoint email security suited our requirements from the point of view of both security and branding.”

Sotaro Hamada, Senior Manager, DX Office/System Development Group, IT Management Office, Corporate Headquarters, NTT DATA Group Corporation

The Solution

A Common Foundation for Email Security

After evaluating a variety of solutions in consultation with its global sites, the company selected Proofpoint Email Protection to help safeguard its Microsoft 365 mail system. In addition to enhancing email security, Proofpoint enabled the organisation to change the domains used in email addresses and present the unified brand of ‘nttdata.com’ to the outside world.

Another key advantage was filtering performance. After considering several email security solutions, the company decided that Proofpoint Email Protection was the best. The high rating of Proofpoint in multiple reports by third-party organisations supported the selection.

Proofpoint Targeted Attack Protection (TAP), which visualises and blocks targeted attacks and ransomware attacks, was also an important differentiator.

‘TAP was judged to be very easy to use for conducting investigations into intrusion routes, such as when a breach occurs,’ said Tomioka. ‘It enables domains to be changed, which we needed for branding purposes.’

NTT DATA Group Corporation supports a different Microsoft 365 tenant in each region, including the US, Europe and APAC, making it difficult to unify the domains. The company decided to convert the email addresses at the gateway and run a system that displays the nttdata. com domain externally—while leaving its various domains in operation internally.

‘The email systems were surprisingly complicated, and simply converting the addresses wouldn’t have worked,’ said Hamada. ‘There were cases in which even messages sent from the same location had different domains in the source address, and it wasn’t clear where they had come from. And there were various patterns, such as those involving CC and BCC destinations, and emails to mailing lists. The best fit for handling all of these kinds of variations was Proofpoint Email Protection.’

The Results

Protecting a Global Brand and its Communications

NTT DATA Group Corporation deployed Proofpoint Email Protection in two layers. The first layer handles the address conversion processes with global coverage. The second layer supports email security for each overseas operating company, called an ‘OpCo’, supervising the overseas regions.

‘Legal regulations and business needs differ between countries and regions,’ said Hamada. ‘In adopting this hierarchical structure, our goal was to properly tailor it to the different demands of each OpCo.’

Because each OpCo is a proprietary tenant, this approach also makes it easier to lock in their IP addresses and maintain closer control over them and to add customisations unique to each region.

Since the initial deployment, NTT DATA Group Corporation has expanded the protection by the Proofpoint email security solution across its global operations. It is now processing over 2.5 million emails every day in Japanese PODs alone.

‘The determination rate is excellent and, in terms of performance, operations are able to run stably while spam BEC attacks are securely sorted,’ said Hamada.

At this scale, the number of emails detected has also become very large.

‘Employees have told us that they’re receiving far fewer strange emails, so it seems that they’ve really felt an improvement,’ said Tomioka.

NTT DATA Group Corporation understands that it’s not just technology that is important, but also the literacy of each and every user. The company has been conducting regular phishing email training exercises, and staff have been trained to promptly disconnect the terminal from the network and contact NTT DATA CERT in the unlikely event that they have opened a suspicious email.

In the past, training structures were individually configured, but the company is now using the Proofpoint Security Awareness training module.

‘We can leave the training structures to Proofpoint Security Awareness, so we’re now able to focus on more substantive matters, such as coming up with attack scenarios, tailoring documentation to suit trainees’ duties and roles and training employees to make reports after opening a suspicious email,’ said Hisamichi Ohtani, Manager, Information Security Office, Systems Technology Headquarters at NTT DATA Group Corporation.

Thanks to this training, when a suspicious email is opened by mistake, the habit of reporting to NTT DATA CERT has become ingrained in employees. Another benefit is that using Proofpoint TAP makes it easy to investigate and respond when the company receives a suspicious email report.

‘Before, we had to send for the logs for each email server and analyse them,’ said Ohtani. ‘Now, email passes through the Proofpoint email security solution, so we can analyse them in batches. Right away, we know things like what kind of email was delivered, who opened it and whether anyone else has opened it. And that means our response has improved.’

Speeding up the initial response not only keeps damage to a minimum, but it also minimises the time employees have to spend away from their duties.

‘The rule is that they do not use their computers until we have conducted an investigation and notified them that there is no problem, so during that time they cannot do any work,’ said Ohtani. ‘In terms of not only preventing the spread of damage but also keeping the impact on work to a minimum and reducing opportunity loss, TAP has been very beneficial.’

Along with promoting its global strategy, NTT DATA Group Corporation has started using Proofpoint solutions to enhance governance and promote its brand appeal by unifying the domain name. The group plans to share the knowledge it has gained through this experience with companies that are expanding their businesses globally. This further enhances its value.

The solution is also helping prepare NTT DATA Group Corporation to mitigate the risk of emerging threats enabled by generative AI and other new technologies.

‘The performance of the Proofpoint email security solution will likely improve in line with global trends, thanks to the continuous improvement of its detection performance and a reduction in false positives,’ said Hamada. ‘I believe that the resulting benefits will further improve the security level for users like us.’

Download the Customer Story