Business continuity: Microsoft 365 E5 migration strengthens Sky Perfect JSAT security

Security in step with the current climate

SKY Perfect JSAT has long understood the need for comprehensive cybersecurity and has taken proactive steps toward that end. However, increasingly malicious incidents pursued by cyber attackers who ignore laws and morals require ongoing countermeasures. SKY Perfect JSAT has thus identified business continuity as its top priority, determined to strengthen its security environment to minimize risk and solidly protect the organization in the face of APT attacks.

As a member of the IT and Security Management Department in the SKY Perfect JSAT Business Management Division, Mr. Ichiro Asomura tackles security measures. He stresses that “above all, we must prevent interruption of business operations in the event of a security incident.”

“In the event of an APT, it is critical to promptly assess the when (dwell time), where (entry point), and how the system was breached (entry vector), as well as the scope of compromise, or spread within the network, and respond in real time to minimize risk. Central management of everything from the network environment to PCs and other devices used by employees is thus a daily endeavor. My experience in the security field has left me keenly aware that entities with insufficient IT asset management systems and countermeasures remain highly vulnerable to incidents. Failure to properly manage IT assets and secure both logging and attack detection mechanisms significantly increases organizational risk during an attack, as it becomes impossible to determine what occurred, where it happened, or how extensive the damage is.”

Commenting on device management and endpoint protection, Mr. Asomura also points out that, “installing multiple individually optimized security products required extra time to assess correlation when they issued separate alerts. Placing security under the Microsoft 365 E5 umbrella identifies the relationship among individual alerts and expedites the speed of security-response decisions. The product’s simple configuration streamlines overall system management. From a business continuity viewpoint, we felt that incorporating a comprehensive security product would ensure reliable response on our side.”

"There was an additional system-related concern—specifically, whether agent-based security products requiring administrator rights could remain compatible with Windows updates. Any discrepancy between those products and Windows updates might create problems across organizational PCs, disrupting business continuity. This was another type of incident we needed to avoid. We felt integrated security countermeasures and centralized update management were key issues, and that ongoing threat response and protecting stability of the system itself were crucial for real business continuity.”

With these concerns in mind, SKY Perfect JSAT began examining implementation of a new security environment in August 2024. After weighing several solution options, the company settled on a suite of security products included in Microsoft 365 E5.

Rapid migration achieved in three short months

Switching security environments sounds simpler than it is. However, SKY Perfect JSAT accomplished the task with the all-out effort of its OA Infrastructure Team which (in 2024) was overseeing the company’s physical IT infrastructure. In October 2024, when the decision was taken to integrate security under the Microsoft 365 E5 umbrella, three products were prioritized for implementation: Defender for Office 365 (mail protection), Defender for Endpoint (endpoint threat detection/response), and Entra ID Protection (user ID protection). Remarkably, the new products were partially operational by December, and officially in use by January 2025.

Mr. Asomura reflects on the speed of the implementation, admitting that, “we asked much of our onsite personnel.” Meanwhile, Mr. Masanori Kobayashi, a member of the OA Infrastructure Team (Business Management Division’s IT and Security Management Department) handling system transition, offered his own insights:

“Switching security products to protect mail began with changing network environment settings, after which we tested outgoing mail and other procedures, all within an extremely short timeframe. In addition, we were also using a combination of virtual desktops (Azure Virtual Desktop) and rich clients (Windows 10/11), so we also needed to ensure that Defender for Endpoint would work successfully without problems across the board. As we already had Entra ID, we were able to complete relatively easy implementation of both Entra ID Protection and Intune—our Mobile Device Management (MDM)—for device management.”

Stronger detection, advanced risk control

Switching the security environment to Microsoft 365 E5 has “greatly enhanced our threat detection capabilities,” declares Mr. Masao Sugita, a member of the OA Infrastructure Team in the IT and Security Management Department of the Business Management Division.

“Since operations began in January, we have noted enhanced threat detection capabilities in areas such as phishing mail. While some products are yet to be introduced, consolidating our security under Microsoft 365 E5 has provided a valuable single point of contact for emergencies. Our previous use of solutions from multiple companies necessitated contacting Company A for expertise in one issue and Company B for another, complicating real-time risk management. It also required in-house security personnel to become familiar with products from multiple vendors. Now, a glance at a single console screen provides an overview of the entire situation. This represents a major change.”

The evolution of SKY Perfect JSAT’s security countermeasures extends beyond the technical component. Fully integrating under the Microsoft 365 E5 umbrella in FY 2025 allowed the Cybersecurity Department, the Information Systems Department, and the Internal Control Promotion Department/Personal Information Protection and Information Management Team to be reconfigured as the IT Security Supervisory Department.

As Mr. Asomura puts it, “As the Information Systems Department, we have handled IT assets and security, but this organizational restructuring has broadened the scope of our operations. This transformation will enable our full exploitation of Microsoft 365 E5 capabilities.”

Mr. Kobayashi adds that, “Microsoft 365 E5 has a range of security products which we have yet to explore. I look forward to incorporating many of them. I also foresee Microsoft adding new functions, which I await with great pleasure.”

SIEM transition and launch of SOC operations

Although SKY Perfect JSAT has launched this new system, Mr. Asomura reveals that the effort to revamp the company’s security environment is still in its early days.

“The key point in our plans is establishment of a Security Operation Center (SOC) and strengthening of our existing Incident Response (IR) team. In FY 2025, we plan to commission an external IT partner to get the SOC up and running. That will include a gradual migration from the current product to Microsoft Sentinel, our mission-critical Security Information and Event Management (SIEM). Meanwhile, incorporating Microsoft Defender for Cloud Apps should strengthen our environment, providing us with a clear picture of the data acquired by attackers and visualization of the overall threat spectrum.”

Mr. Asomura points out that the IR team should “gain greater collaborative and response capability through launch of SOC operations.” He bases these hopes on Microsoft Security Copilot, a generative AI tool.

Security Copilot holds promise for exhaustive log correlation analysis

Mr. Asomura adds that, “previous security operations were insufficient to provide the expected response level even with logs acquired by Microsoft 365 E5. For example, an APT attack activating long-term latent malware would require correlation analysis by cross-referencing logs from our earlier system. Tireless generative AI (Security Copilot) will surely be invaluable in performing speedy and efficient analysis of our massive volume of logs. Collaboration between Security Copilot and our SOC should greatly enhance our IR team’s responsiveness. We’re continuing to discuss diverse potential as we continue forward with this project.”

“Our mission ultimately extends to elevating the security level not only of SKY Perfect JSAT, but of all of our group companies,” continues Mr. Asomura.

“Our corporate security will assuredly be enhanced through this project. However, that still leaves the other group companies with issues to be addressed. Attackers always aim for vulnerabilities. Any blind spot within our group companies would invite exploitation. We would begin by issuing a blanket security policy for the entire group, followed by discussions with individual companies to solidify response. We understand that this will help create a secure working environment not only for employees, but also for our SKY PerfecTV！ customers and for our clients, including those in the space industry. This is why we anticipate ongoing improvements in product function and support by Microsoft.”