In response to the massive March 2011 Japanese earthquake and its devastating aftermath, the Microsoft Global Security Operations Center (GSOC) in Asia activated local, regional, and enterprise Incident
Management Teams (IMTs). Working closely with the GSOC, the Japan IMT maintained constant communication with its personnel and provided security advice for all affected staff and travelers. Microsoft employees were kept safe and informed, and assets were protected.
On March 11, 2011, a magnitude 8.9 earthquake struck the northeast coast of Honshu, the main Japanese island, resulting in a massive tsunami that caused considerable destruction, including major damage to its nuclear power stations, particularly the Fukushima
Daiichi facility. Resulting damage and radiation hazard caused hundreds of thousands of survivors to flee their homes, as food, water, shelter, medicine, and fuel ran short.
In Japan, Microsoft employs 3,500 people across 610,000 square feet of office space in 11 buildings. Its Sendai location is 110 kilometers from the Fukushima nuclear facility.
The Microsoft Global Security Operations Center (GSOC) Asia (located in India) activated the Japan Incident Management Team (IMT) immediately after the earthquake to help manage the disaster’s local effects to Microsoft and lessen the overall impact. To mitigate
risk to assets and help local personnel stay safe and informed, the IMT started processes for:
- Managing communications
- Locating travelers
- Providing security services
The various IMTs (local, regional, and enterprise) used the GSOC to provide background information, daily situation briefings, and security advisories. Several tools were used to reach and collaborate with key decision makers and staff, regardless of their
location and network access:
- Visual Command Center, software from IDV Solutions unites data from internal security systems and external data feeds in a common operating picture. Users can interact with and analyze the data on a map and timeline.
The software was used to check the proximity of Microsoft offices to the earthquake and tsunami disaster zones. Custom maps were disseminated with situation updates.
- Microsoft InfoPath 2010 information gathering program enabled Microsoft Global Security to efficiently keep all related information current and to store all relevant documents, regardless of format, in a centrally accessible
- Microsoft Lync 2010 connected IMT members in live meetings through laptops. It was the preferred communication tool, because it brought together voice, video, and documents and was not affected by landline disruptions.
- AtHoc, a partner messaging tool that uses Short Message Service (SMS), a text messaging service, was used to alert IMT members and senior leadership of upcoming meetings, situation changes, and advisories.
|Visual Command Center visualizes global security incidents and Microsoft assets in a
consolidated view, helping security teams determine which people and properties may
be threatened or endangered.
GSOC Asia worked to make sure that all visitors who were in or traveling to Japan received timely updates and relevant security guidance. Again, software aided the effort:
- Mobile Travel Assistant (MTA), from partner ConTgo, helped GSOC Asia confirm the location of all Microsoft travelers. Those en route to or already in the area were told of the unfolding situation via an alert message.
That message required a response from the traveler to verify their well-being. “Within minutes, we could tell who was where and what facilities were near the dangers,” says Mike Howard, Chief Security Officer for Microsoft Global Security. “We could determine
how many travelers we had in the country and ping them quickly.”
GSOC Asia provided security advice, support, and facilities to all personnel affected by the disaster. Several software tools were used:
- Microsoft SharePoint Server 2010 extranet pages of the Global Security website were used to publish travel restrictions and office closure information. Use of the extranet meant that personnel did not need access to
the corporate network to obtain information. This site was also used to publish relevant guidance for all employees in both English and Japanese.
- Lenel, the access control system used to monitor all Microsoft campuses and buildings, demonstrated its durability by remaining fully operational throughout the crisis.
The Japan IMT fostered the internal coordination necessary to monitor the impact of the disasters and to serve Microsoft personnel during this critical time. GSOC Asia and the Japan IMT collaborated fully.
The Enterprise Incident Management Team (EIMT) had been activated because of the scale and scope of the disaster. The EIMT provided guidance at the international level, sharing news of events with the Japan and Asia Pacific IMTs. Staff used Lync 2010 to ensure
flexible, robust communications between the teams. Regional Security Advisors (RSAs) arrived on scene to assist the Japan IMT. In addition to serving on the ground, the RSAs crafted a contingency evacuation plan. They also coordinated with local procurement
to replenish survival kits and bottled water for affected Microsoft offices.
The Japan IMT updated the Asia regional security team and the Global Security Senior Leadership Team on changing conditions and decisions reached in the field. The North Asia Regional Security Manager led the Japan relocation team, consisting of individuals
from Finance, Real Estate, Procurement, Travel, Global Security, and Information Technology.
Other Microsoft groups that provided input and support to the local and regional security teams included:
- Risk Management offered its perspective on risk levels and appropriate responses.
- Global Security Intelligence Group provided counsel on raising Japan’s country risk rating to High. The group also monitored the rapidly changing situation and reported findings to enterprise and security leadership.
This information enabled key decision makers to effectively deal with safety threats and potential impact to the business.
- Asia Communications Team published advisories and individual employee guidance.
- GSOC Asia provided all outreach, event notifications, and situation updates. The group activated all IMT calls, located travelers, issued formal communications, and monitored access to all Microsoft facilities for as
long as the IMT operated.
- Enterprise Business Continuity Management
worked with affected internal teams to ensure that business continuity and disaster recovery plans were in place. These plans provided a framework for evaluating and addressing continuity of critical business operations and mitigating impacts on products and
||Given the enormity of the situation, our success is a testament to our planning, our technology, and our people.
| Mike Howard
Chief Security Officer,
Microsoft Global Security
The Japan IMT remained active until April 15, 2011, when the Japan Senior Leadership Team took over ongoing review of the recovery processes.
The Japanese earthquake and tsunami resulted in a humanitarian crisis and a massive negative economic impact, which included the loss of industrial production in many factories and the need for a long-term rebuilding effort, estimated at ¥10 trillion
(US$126 billion). The Japanese government mobilized its Self-Defense Forces, and many countries sent search and rescue teams to locate survivors. Aid organizations in Japan and worldwide responded, with the Japanese Red Cross reporting US$1 billion in donations.
Severe damage at the Fukushima Daiichi nuclear power station led to radiation leaks, long-term health and environmental hazards, and a prolonged, expensive cleanup.
For Microsoft, this disaster tested the GSOC and the IMT to the fullest. Working collaboratively with GSOC Asia, the Japan IMT provided continuous communication with affected personnel to help ensure their safety and access to help.
Microsoft and partner technologies played a critical role in the success of the IMT. Microsoft staff used Lync to communicate through voice and instant messaging and to share screens and documents. Staff also used Lync to join meetings from landline phones,
mobile devices, and laptops. InfoPath and the IMT portal enabled staff to easily and immediately access relevant documents, regardless of location or format.
The AtHoc and MTA tools facilitated the tracking of all affected staff. Visual Command Center enabled GSOC staff to check the proximity of Microsoft offices to the disaster zone and evaluate the resulting danger. Extranet pages on the Global Security website
provided timely and relevant communication with the people who needed it most, regardless of network disruption
Keys to Success
Howard names the following as vital parts of the enterprise response to the disaster:
- Planning and strategy. The response was not a spontaneous reaction. The enterprise was prepared and had a written plan.
- Connecting technology to planning and strategy. The effort ran on off-the-shelf software from Microsoft and its partners. Users set up the solutions on their own, without excessive customization.
- Exercise and practice. The teams practiced their roles in advance and improved the plans as needed.
- Alignment with executive goals. The executive overseeing the response shared vetted information with enterprise leaders, ascertained their priorities, and ensured that resources were available to help the IMTs do their
Microsoft Office System
Microsoft Office is the business world’s chosen environment for information work, providing the programs, servers, and services that help you succeed by transforming information into impact.
For more information about the Microsoft Office system, go to:
For More Information
For more information about Microsoft products and services, call the Microsoft Sales Information Center at (800) 426-9400. In Canada, call the Microsoft Canada Information Centre at (877) 568-2495. Customers in the United States and Canada who are deaf or hard-of-hearing
can reach Microsoft text telephone (TTY/TDD) services at (800) 892-5234. Outside the 50 United States and Canada, please contact your local Microsoft subsidiary. To access information using the World Wide Web, go to:
For more information about Microsoft Global Security, visit:
The Microsoft GSOC team uses a range of customizable, off-the-shelf solutions for physical security, including Microsoft technologies integrated with third-party products. This strategy helps create an enterprise security solution that reduces costs and improves
customer service. For more information, visit: