How Sony Music Entertainment (Japan) Inc. Enhances SaaS Security Observability Using AWS AppFabric

Founded in 1968, SMEJ is a Sony Group subsidiary that is involved in domestic and international music production, music distribution, and artist management, in addition to a range of entertainment businesses. SMEJ security team is responsible for monitoring and coordinating responses across the corporation’s entire IT infrastructure, including SMEJ’s 300 AWS accounts.

“Our IT department has reported that security events within the company often stem from exposures in the employee environment,” says Shigeki Wakasa, Deputy Executive Information Security Officer at SMEJ. “Consequently, the global security team mandated that we link audit log data from a suite of productivity tools to third-party analytics software. This will help the team address these security concerns more effectively.”

But SaaS application data comes in different formats, and converting it into a standard format for analytics is time consuming. While evaluating different solutions, SMEJ discovered AWS AppFabric. The company found that it could use AWS AppFabric to automatically normalize audit log data into a standard format.

With this AWS service, SMEJ seamlessly integrated SaaS application data with the global security team’s current tools. It also gained the ability to integrate with subsequent applications if the team changes its approach in the future. SMEJ’s IT department did not allocate any extra personnel or resources when getting started with AWS AppFabric, which kept operational overhead low while the company quickly aggregated SaaS application data.

AWS AppFabric standardizes and integrates third-party SaaS audit log data from 4,700 employee accounts without requiring any coding. This normalized data is then sent to Amazon Security Lake, which automatically centralizes security data. This data lake is linked directly to the global security team’s software so that the team can monitor the data. With this setup, SMEJ can maximize data durability and availability, thereby efficiently analyzing and accessing vast amounts of security data when needed.

“Using AWS AppFabric, we can automatically convert this data into a standard format. Therefore, we can use the same integrated format to perform security analysis for the entire system.” says Tomoyuki Shirakawa, leader of the Cloud Center of Excellence at SMEJ.

SMEJ’s Computer Security Incident Response team also performs advanced analytics and reporting on the converted data using Amazon OpenSearch Service, which provides near real-time search, monitoring, and analysis of business and operational data. Using Amazon OpenSearch Service, the team quickly searches, visualizes, and analyzes SaaS application log data that is stored on Amazon Security Lake. This visibility provides deeper insights into SMEJ’s security posture, which would help improve the team’s monitoring capabilities.

“AWS AppFabric is a game-changing solution for security and IT teams,” says Shigeki. “We’ve enhanced the security visibility of our SaaS applications and unlocked a 58 percent projected reduction in our operational costs—in mere weeks.”

Data from many SaaS applications are linked using AWS AppFabric. Using the new setup, SMEJ’s Cloud Center of Excellence manages that data and its audit logs centrally and more efficiently. Team members also quickly access relevant data and effectively analyze security trends.

By adopting AWS AppFabric, SMEJ has not only streamlined its security log management but also enhanced visibility into application security. Using AWS AppFabric with Amazon Security Lake has caught the attention of key stakeholders in Sony Group.

“Recently, the chief information security officer for the whole Sony Group visited SMEJ,” says Shigeki. “We presented our new setup using AWS AppFabric to him, and he was quite impressed. He remarked that the setup represented the cutting edge of what we were doing at Sony, which was very encouraging to hear. He also asked us to share this setup Sony Group wide.”

SMEJ plans to expand its use of AWS AppFabric to integrate more aspects of its security environment. Security logs from different business applications can be aggregated into AWS AppFabric to improve analytics and visibility. This will empower SMEJ to meet future security demands under the AWS Shared Responsibility Model.

“The AWS AppFabric team has been immensely helpful from the beginning, especially during the planning stages,” says Shigeki. “Our consultations with them have been crucial in improving our security infrastructure, and we look forward to drawing on them as we continue to enhance our security measures.”