Nikon System Ltd.,

Study Act on the Protection of Personal Information and J-SOX Measures
Introduction Without Redevelopment of Existing Applications

Current Demands

Examples of Nikon System
（PDF:1.5MB）

• Staff in HR Department Can Inspect Personal Information of Others Freely
• Safe Storage Method of Personal Information
• Prevent Massive Data Leakage
• Strong Access Control

The security of personal information management is necessary. It prepares for the Act on the Protection of Personal Information and J-SOX Act Measures. The Act on the Protection of Personal Information indicates the necessary management of client information, employee information, etc, while J-SOX Act indicates clarification of business process and financial information.
The Nikon System Company works on the development of control software for products such as Nikon digital camera etc, and they have been studying the Act on the Protection of Personal Information and J-SOX Act and gradually introducing measures. This time the measure that was introduced is by the DB security Department.
The following introduces the example of Nikon System Company introducing DB security.

Demands Prior to Introduction

• Decentralization of Information Causes Incremental Management Cost
• Increasing Risk and Risk Management

This company introduction architecture

Nikon System Company uses MS-SQL Server 005 as a basic DB to manage the information of all the employees. Basic information such as name, telephone number, address, and HR evaluation information such as task fulfillment ability, communication ability, hardworking or not, qualification etc, all of which are recorded and managed on the server. However because any one who works in the HR department can freely inspect others' information, it is a problem for security. What is more, to prevent massive data outflow, a solid access control has to be established.
Nikon System Company decided to apply a systematic security policy on DB security, here are the conditions:
(1)Data is encrypted.
(2)Management by Solid Access Control.
(3)Log Record

The plan in which the 3 functions must be reflected in DB was established.

To Concerning the Security in Case of Data Flows Out

The manager who is in charge of Nikon system told us "We now really feel relieved about the personal information in the company." The merits of introduction are the fast introduction speed and the convenience of encryption management function.
There is no need to introduce any new development for the introduction. Within one week, installation and testing can be finished. Any Correlation for DB is not necessary either, encryption can be installed as it is. Some may worry that if all the data is encrypted, then it will lower the overall performance. With our product, one can only encrypt the selected column, therefore it becomes possible to strengthen the DB security while maintaining the existing performance. Also we apply and adopt algorithm that is widely acknowledged by the world standard, this is also an important reason for its reliability.

Easy and Reliable Operation Method

D'Amo offers the GUI environment which is usually called a console for management of all the functions. All the functions of encryption, decoding, access control and log can be applied with a very simple click.
The introduction and the operation of the DB security in the future should be different from the current DB security, it has to be simple for use.
Information leakage is easily prevented, and even if data leaks out it will not cause worry because others will not be able to read it. This is the new form of database security solution.

Introduction Finishes After Installation
There is No Need to Correct Current Application

Encrypted Column Name
1	Employee ID
2	Name
3	Address and Email
4	Telephone No.
5	HR Evaluation Information