Featured Articles

The Economist Intelligence Unit in their July white paper The means to compete - Benchmarking IT industry competitiveness ranked Japan second in having the strongest environment for IT competitiveness. Such an environment calls for matching strength in security measures. Let's take a look at the activity that has taken place in Japan in just the last six months and some ways your company can enter the market.

COMING IN 2008: J-SOX

The Japanese version of the U.S. Sarbanes-Oxley law, nicknamed J-SOX and scheduled to go into effect in April 2008, has drawn a number of companies to the Japanese market or to expand their activity.

Provilla of Mountain View, CA announced in June their agreement with Hitachi Systems & Services to distribute their LeakProof solutions to the enterprise market in Japan. LeakProof has the ability to protect data in any language and provides comprehensive forensics with an on-demand inventory of all confidential data in an organization, all of which will help companies meet Private Information Protection laws and comply with the upcoming J-SOX.

AEP Networks of New Jersey already has an office in Japan and partnerships with Marubeni Corporation, NEC, Sumisho Computer Systems Corporation (SCS), Kyocera Communications Systems, and Hitachi. But in February, AEP held a sales seminar in Tokyo to debut NACpoint, an identity-based Network Admission Control (NAC) for LAN and wireless-based for endpoints, and introduced their Policy Networking products, which connect identity with policy to determine secure application and resource access. AEP feels the introduction of Policy Networking to the Japanese market is well timed to help companies facing requirements for J-SOX. Pat Donnellan, CEO of AEP Networks, expressed his excitement saying, "This is an incredible opportunity to work with numerous world class partners to introduce our products and services to such a highly developed IT market.”

And it wouldn't be too much of a coincidence that the year before J-SOX goes into effect, RSA, the security division of EMC and who has a Japan office, signed agreements with six leading Japanese financial institutions just within the second quarter. Among the institutions are:

The Bank of Fukuoka, one of the largest regional banks in Fukuoka, Japan, will offer online banking customers RSA SecurID(R) two-factor authentication technology to deliver a more secure online user experience.

The Bank of Yokohama, the largest regional bank in Yokohama, Japan selected RSA SecurID to provide online banking customers an easy-to-use security solution that helps protect both identities and personal assets.

Mizuho Bank, one of Japan's largest banks with over 500 branches located worldwide, has selected RSA's proven FraudAction(TM) service in order to fight phishing, pharming and other types of online attacks.

Nomura Securities, the oldest and one of the largest brokerage firms in Japan founded in 1925, has selected RSA FraudAction to provide enhanced security to its customers.

Sumitomo Mitsui Banking Corporation, one of the largest banks in Japan, selected the RSA FraudAction anti-phishing and anti-pharming service that is engineered to help protect its customers from online fraud by preventing, identifying, and disrupting the activities that put customers and the Bank at financial risk. In early 2006, Sumitomo Mitsui Banking Corporation became the first financial institution in Japan to offer RSA SecurID two-factor authentication technology to online banking customers as part of the bank's One's Direct Internet banking service.

*Excerpt from EMC Corporation press release

Another event of note was the launch of the largest company-wide, thin client system in Japan's financial industry. NEC and Daiwa Securities Group Inc. announced in July this massive implementation, which will use more than 10,000 NEC Virtual PC Center (VPCC) terminals at 117 branch offices in Japan. NEC's VPCC is the first thin client and server solution to replace the personal computer. If this implementation is the largest, then there are surely more already in use and even more to come, growing the demand to shore up security of these systems.

BIOMETRICS: Please place your face here

Japan is an early-adopter market for advanced technologies for which the U.S. market is not yet ready. This is the case for Florida-based AuthenTec, who has a Japan sales office in addition to two distributors. Their fingerprint sensor technology reads fingerprints below the surface of the skin and is used in cell phones in Japan and South Korea but not yet in the U.S. Users in Japan and South Korea make purchases at restaurants, stores and vending machines using their mobile phones. Where contactless terminals are present, users swipe their finger across their cell phone to unlock the phone's mobile payment function and then tap the phone to the terminal to make a purchase. Six million phones in Japan and South Korea already feature AuthenTec's biometric sensors. One of the company's next aims is to bring that technology to cell phones in the U.S.

In March, Hitachi's access control system using vascular authentication technology made its way to the U.S. when it was adopted by the New York branch office of Shinkin Central Bank. Although Hitachi's vein authentication technology is already in use in Japan's ATMs, this is the technology's first application in the U.S. and is being used in the Bank's trading room, operation room, and server room, boosting internal security.

Moving in the other direction across the Pacific, a Japanese Government Agency selected Canada-based Bioscrypt to provide their VisionAccess 3D face recognition solution to be used for access control. VisionAccess uses a facial grid of 40,000 measurable data points to identify employees based on a face match. This feature is intended to eliminate security vulnerabilities present in using ID cards, keys or PIN, which are easily lost, stolen or misused.

HOW TO GO ABOUT IT

So how do you take your business to Japan? You can start by finding a distributor to sell your technology in Japan, as many of the companies described here have done.

You can form a research partnership, like Certicom Corp. did with NTT of Japan to conduct joint research on elliptic curve cryptography. The researchers plan to focus on extremely small digital signatures that can hide messages in the signature itself. The signatures will be at least ten times smaller than RSA-based digital signatures, making them ideal for small devices. "We are bringing together two of the best cryptographic research teams in the world to create new security technologies for the mobile platform," said Dr. Scott Vanstone, founder and executive vice-president of strategic technology at Certicom, which has an office in Japan.

If you already have a sales distributorship in Japan and want to take your business a step further, set up a Japan office. Having an office in Japan adds credibility to potential business partners and shows your commitment to the market. To learn more, contact a JETRO business advisor.

HIGH STANDARDS

Whichever route you take, beware of the high quality and technical standards. During JETRO's 2006 Business Strategy Forum, William Chen, vice president of sales at Authenex, a provider of network and mobile security, said, "In Japan, every company talks about quality. That is what they really care about, the value they can get out of something.” It is due to this high value of quality that "it takes about 6 months to a year to start growing in the Japanese market. But once you got it, you can get it steady.” Read the discussion of quality standards in Japan at the Forum Wrap-up. Meir Yaniv, senior vice president of market development for CosmoCom, a provider of on-demand contact centers, emphasized the significant improvement in the quality of their products after working with NTT. These improvements not only improved their products in Japan, he says, but went on to improve quality on a company-wide basis.

Remember, most of the activity mentioned here took place in just the past six months. Find out how you can take part in the action by contacting a JETRO business advisor.

Related Information:

The Strengthening of Corporate Internal Controls and the IT-driven Corporate Response, Invest Japan Online Magazine, No. 17, Summer 2007

InfoSecurity Conference & Exhibition, September 11-12, 2007, New York, NY