#Japan #Fukushima #Cybertrust #Fukushima Education #Device ID

Strengthening Security in Education: The Adoption of Cybertrust's Device ID by Fukushima City Education Board

In a significant move towards enhancing the security measures within educational institutions, the Fukushima City Education Board has recently implemented the "Cybertrust Device ID" management service. This initiative aims to strengthen the security framework surrounding the Chromebook environment used by teachers, particularly focusing on multi-factor authentication as outlined in the Ministry of Education's security guidelines.

Background of the Implementation

The Fukushima City Education Board has set a goal for 2025 to distribute Chromebooks to all teachers, with a keen focus on advancing the digital transformation (DX) of administrative tasks while also enhancing security. This shift marks a transition to a cloud-based working environment, necessitating the use of a dual-system setup where both Chromebooks and Windows PCs are in play. After considering the potential challenges of managing dual devices, the Board decided to adopt Windows 365 Cloud PC. However, this raised a new challenge regarding access management for Windows 365, particularly ensuring that it could only be accessed through the Board's managed Chromebooks.

Furthermore, the Board aimed to bolster security measures without overwhelming teachers with additional burdens in their operational workflow.

Process of Adoption

To address these pressing issues, Fukushima City Education Board engaged with FCOM Co., Ltd., which has been instrumental in establishing the ICT environment for the board. FCOM began investigating solutions that could deliver multi-factor authentication and device restrictions. After evaluating several alternatives, they identified the "Cybertrust Device ID" due to its proven track record with Chromebooks and its ability to implement robust security measures in compliance with the Ministry's guidelines without causing excessive operational strain.

The Cybertrust Device ID solution allows the issuance of device certificates strictly to authorized terminals. This system effectively prevents unauthorized devices from accessing sensitive network resources. The management of these certificates is done in a secure manner that prohibits export, ensuring that unauthorized copying onto unmanaged devices is avoided. Additionally, automatic distribution of certificates based on Google account logins when using Chromebooks further eased the implementation process, eliminating the need for user intervention.

Outcomes of the Implementation

For the implementation, the Board procured 1,650 Device ID licenses and executed a remote installation on the already distributed Chromebooks without needing to retrieve them from teachers. This approach enabled a complete rollout managed solely by administrators, resulting in a smooth transition with minimal inquiries from users.

The introduction of the Cybertrust Device ID yielded several key benefits, including:

• - Access control to virtual machines (Windows OS) limited to managed devices only.
• - Strong access controls in line with the Ministry of Education’s guidelines through multi-factor and device authentication.
• - A location-independent school administrative environment that ensures security while improving the ease of working for educators.

These improvements have made it possible for the Fukushima City Education Board to successfully balance security and convenience in carrying out school administrative tasks.

Future Outlook

As educational institutions seek to promote DX and reform working styles, establishing an operational environment that is secure yet location-independent has become increasingly vital. The Fukushima City Education Board plans to continue enhancing ICT environments to support teachers in increasing their productivity while maintaining security measures.

About Cybertrust Device ID

The Cybertrust Device ID is a management service that scrutinizes terminal identification information, allowing device certificates to be registered only on terminals authorized by administrators. This service supports a wide variety of devices, including Windows, iPhone, iPad, Mac, Android, and Chromebooks. By ensuring that only devices with registered certificates can access specific networks, Cybertrust effectively mitigates risks associated with unauthorized access.

For more details about the Cybertrust Device ID, click here.

Company Background

Founded as Japan's first commercial electronic certification authority in 2000, Cybertrust provides trust services utilizing its authentication and security technology. It offers on-premises, cloud, and embedded platform services, leveraging knowledge from Linux kernel technology and open-source software (OSS) to support a variety of pioneering sectors, including IoT. Their ethos, “Trust for all things and people,” reflects their commitment to building a secure society through high-level neutrality and expertise in IT infrastructure.

For further information, visit Cybertrust Official Release.