Secom : Managing Information Security in a

Risky World
Group 2 and 4

• 21B108 ANIRUDDHA KULKARNI •21B122 MOHIT MUNDADA

• 21B109 CHANDRACHUD •21B123 NAKUL BHASKARAN NAIR
• 21B110 CHANDRAMOULI •21B124 NANDINI N
• 21B111 CHIRAG CHAWLA •21B125 NAVANEETA BHANDIWAD
• 21B112 CHIRAG TATED •21B126 NAVSHRIYA LAPALIKAR
• 21B113 DEEPAK MISHRA •21B127 NIHAL PRAKASH
• 21B114 DEVI VAIDEHI •21B128 NIKHIL NARAYANAN
1. Personal Information Protection Law(PIPL)
Applicable to
companies that Enforces restriction on
Came into effect on
managed databases companies from using
April 1, 2005
with over 5,000 personal information
personal identities

Require companies to
Penalises corporations
take necessary
and even individuals in
measures to protect A matter of compliance
case of information
personal data from
leaks
information leaks
 Breach of PIPL
Company Name Breach Perceived
Mastercard and Visa international 40 million credit card details leaked
Softbank BB 4.5 million users’ data leaked
Kakaku.com 20,000 consumer data records lost
Michinoku Bank CD-ROMs containing 1.3 million account
holders' details lost

Evolution of Legal & Policy Frameworks

LEGAL FRAMEWORK
 PIPL came into effect on April 01, 2005
 Japanese version of U.S.’s Sarbanes-Oxley Law
was expected to come into effect as early as 2008
 E-document law came into effect as of April 2005
POLICY FRAMEWORK
 Enforcement of network security
 Hiring information security officers
 Privacy mark and ISMS certification
 Reducing the amount of personal information required
 Tightened qualification criteria for contractors
 2. Analyze the growth, product, positioning, and reputation of the Secom
group
Growth
 Secom started in 1962 by offering patrolling services. In 1978, it established a joint venture in Taiwan and
eventually expanded in the U.S., the U.K., Korea, Thailand, Malaysia, China, and other overseas markets. In 2006, it
established Secom Trust Systems Co. Ltd., through merger of Secom Information Systems and Secom Trust Net
Product
 The services include everything from server hosting, advanced housing, firewall intrusion detection, etc. Introduces
the wide range of products that can be used to ensure secure operations.
Positioning
 Secom Security has strong marketing department which helps it to design effective and successful marketing
campaigns.
 Ability to scale production – Secom Security has a robust and flexible supply chain so it can meet the challenges of
managing success arising from highly successful marketing efforts that lead to surge in consumer demands for its
products.
Reputation
 Secom is a famous brand in Japan and in different regions of the world and it has an over 60% of market share. The
brand is recognized as one of the most reliable and trusted safety and security service provider globally
3. Analyze and comment on the various items of the Product suite offered by the
Secom to Jashopper. Examine the relevance of the packages and products.

1)Advanced Housing
Service
Server Hosting
Physical/Cyber Security
Description
• Anti-seismic structure
• Fault-tolerant
• Constant monitoring
Need Addressed
Protects consumer data from
natural disasters
Minimizes threat of viruses
and hackers

2)Advanced Housing + ID/Access Control

Service Description Need Addressed
ID One Card • Controls access to Deters crime and averts errors
networks and PCs by employees

3) Total Security Assessment

Service
Complete assessment of
vulnerability, and advisory
Description Need Addressed
• Analyzes security levels Jashopper’s site was not
from organizational protected with digital
policies to network encryption.
security
4. What are the options before Mr. Sekime, the CEO of Jashopper.com? What are the top
confusions? How does the data support a decision on the questions mentioned at the beginning
and end of the case ( Were the products worth the investment? How much protection is
enough? and whether the decision will change if the company were to go public in a few
years?)

Options before MR. Sekime:

• Advanced Housing services.

• Identification and Access control
• Service to assess the Vulnerability of physical and cyber security.

Top confusions:

• 1. Importance of data security and will it affect the further growth of the business.
• 2. How much to invest in data security.

How does the data support a decision on the questions mentioned:

• 1. It is showing that there is a constant increase in the penetration and users of the internet in the market.
• 2. There is a vast increase in security attacks and data leaks from 2004 to 2005.
• 3. Many companies have already increased their protection measures compared to 2004 .
5. Examine the applicability of the Security terminology provided in one of the exhibits of the
DIGITAL CERTIFICATION: case.
AUTHENTICATION:
IP
Application: Secures site with Application: An Internet
Application: Establishes identity
some type of digital encryption to Protocol (IP) address is used to
via information. In this case 80%
protect the information. connect to the Internet and
of personal information leak was
identify devices so that
Secom passport for web for each caused by insiders. hence
computers, like desktops, mobile
store and website would offer authentication is required.
devices, and servers can
more security. communicate with each other.

SERVER: ISP: GATEWAY:

Application: share data as well as to
share resources and distribute work.
A server computer can serve its own
computer programs as well;
depending on the scenario, this could
be part of a quid pro quo transaction,
or simply a technical possibility.
Application: ISPs allow users
access to networks that
contain the required
equipment, enabling users to
establish Internet
connectivity.
Application: A gateway is a
network node used in
telecommunications that
connects two networks with
different transmission protocols
together.

FILE EXCHANGE SOFTWARE:

Application: Tool designed to store
and distribute digital information
In this case the city of Yuzawa
leaked personal data of city
residents through file exchange
software.
RACK:
Application: shelf used to store
servers that are often in the form of
electronic circuit board. Secom TS
provided racks to house customers’
servers in the SDC
THANK YOU!