Knowledge Key information security measures when smart-office enabling overseas locations

A smart office is an office designed to be efficient using digital technologies like IoT and AI. With significant changes in work styles in the wake of the COVID-19 pandemic, smart-office transformation is attracting global attention as a means to realize new ways of working.

Smart offices can provide the following benefits:

・Improved productivity and operational efficiency
・Realization of flexible work styles such as teleworking and satellite offices
・Differentiation in the job market, etc.

These can lead to improved performance across the entire company.

When advancing smart-office transformation at overseas locations, security risks must be considered. Here we will explain why security consideration is necessary for smart offices.

Offices store various confidential information, such as sales data and personal information on PCs, and contracts in spaces such as cabinets. If not properly managed, confidential information can lead to serious incidents and potentially damage a company's reputation.

As mentioned earlier, the efficiency and flexible working realized by smart-office transformation are significant benefits. However, the introduction of digital technology also brings new security risks. For instance, digitizing documents and enabling access from anywhere can make operations more efficient, but if the digitized data is not properly stored and managed on servers or clouds, the risk of data leakage increases. While physically managed documents in storerooms were protected by physical access restrictions, digitized information adds the risk of online leaks.

Here, we introduce the main four security risks and countermeasures that need attention in the smart-office transformation of overseas locations:

1.  Security risks in wireless LAN environments
2.  Security risks related to physical spaces such as entry/exit control and room separation
3.  Security risks for IoT devices installed in the office
4.  Security risks when working outside the office

We will explain each of these security risks and their countermeasures in detail below.

First, we will discuss risks and countermeasures in LAN environments, which are crucial to work in the office.

To create a smart office, a high-quality wireless LAN environment is indispensable. With a wired LAN, work can only be done where LAN cables can connect, but wireless LANs allow employees to work at any location without being confined to a fixed seat.

However, a wireless LAN without sufficient security measures can become a target for malicious attackers, who may steal personal and confidential information from it.

It is essential to be aware that office wireless LANs are not always safe. Even within the office, if appropriate security measures are not taken, there is a risk that wireless LAN signals can be intercepted from outside the office.

The following security measures are necessary when constructing a wireless LAN environment. Although it is easy to set up a wireless LAN, unexpected risks can arise if care is not taken. When setting up the environment, it is also worth considering consulting with or requesting the help of vendors with specialized expertise.

Next, we discuss physical security risks within the office and spatial separation as a security measure.

In smart offices at overseas locations, the separation of physical spaces within the office is extremely important. Not just entry and exit management, but also internal area division and spaces handling confidential information need consideration.

Especially in smart offices, where free addressing can make it difficult to know who is where, there is an increased risk of intruders entering the office without notice. Therefore, security measures through the physical separation of office spaces are essential. Advanced technologies such as facial recognition for entry and exit management should also be considered.

The following are measures against physical security risks in the office. Not only managing the entrance and exit of the office but also introducing zoning* inside and considering risk hedging for intrusion are necessary.

*Zoning refers to dividing office spaces according to function and purpose and managing confidentiality and security by limiting who can enter each space.

Next we will introduce security for IoT devices, which are often used in the smart-office transformation of overseas locations.

Utilizing IoT devices is crucial in smart-office transformation at overseas locations. Using IoT devices to manage conference room usage, automatically control air conditioning, and manage inventory and automatically order supplies can make various operations more efficient.

However, since these IoT devices are connected to the internet, they can be at risk of external attacks if security measures are neglected. Adequate security measures are required when using IoT devices.

Generally, the confidentiality of information handled by IoT devices is seen as low. For example, information such as conference room usage may seem of low importance. However, security risks for IoT devices not only include the leakage of information but also the potential to be used as a stepping stone for attacks. To prevent IoT devices from becoming entry points for attacks on internal servers and confidential information, security reinforcement of IoT devices is necessary.

It is vital to implement the following measures to strengthen the security of IoT devices. As installation and configuration of devices may require specialized knowledge, utmost caution is needed.

In an era where working from home or satellite offices is commonplace, one must be cautious about information leakage.

The following are excerpts from the Ministry of Internal Affairs and Communications "telework security survey (FY R4)," showing the results of a survey on security measures implemented by companies. While 65.9% of companies are actively addressing "Malware countermeasures (virus protection)," many companies are still not sufficiently advancing measures in "data protection," "training," and "threat intelligence” (the process of collecting information about potential dangers and threats and organizing and analyzing that information), which are essential elements in teleworking*.

The smart-office transformation of overseas locations includes teleworking from home or satellite offices. While telework has effects such as improving employee satisfaction, it also poses security risks that require attention.

The external environment outside the office is challenging to manage and poses various security risks. Risks include shoulder surfing of PCs in public places like cafes, airports, and hotels, data leakage and hacking due to the use of insecure Wi-Fi, and the risk of PC loss or theft. Particularly in regions with political instability, these risks are heightened.

The following are the security measures that should be implemented when working outside the office. Strengthening security for telework at overseas locations can be further enhanced by data protection and authentication strengthening through using a VPN.

We have focused on the security measures that should be taken in the smart-office transformation of overseas locations and introduced specific countermeasures. Achieving security in smart-office transformation is an essential element.

However, appropriate measures can be challenging to implement without sufficient knowledge of security. KDDI offers one-stop solutions for overseas offices, including IT infrastructure, interior construction, and furniture arrangement services. If you have any concerns about IT device security in smart-office transformation, please feel free to contact us. We will support you with optimal security measures using our expertise.

Additionally, please see below for an explanation of the points to consider and things to be aware of when first establishing, relocating, or renovating an overseas office.