Product Introduction
What is the Security365 Management Center?
Security365 Management Center isZero Trust-based Integrated Security Management PlatformIt is possible to centrally manage users, groups, licenses, and access policies for all security services within the organization.
Core Concepts
Integrated Management Platform
- User and group management, license assignment, and security policy settings performed from a single console.
- Integrated management of all Security365 services such as SHIELDrive, SHIELD Gate, Document Security, etc.
- Maximizing management efficiency with a consistent policy framework
Zero Trust Architecture
- "Never trust absolutely, always verify"
- Perform conditional validation for all access attempts
- Dynamic access control based on IP, time, country, and device conditions
Flexible Account Linking
- Automatic synchronization of Microsoft 365, Google Workspace, and SCI Server accounts
- Elimination of duplicate management through the use of the existing personnel system
- Manual registration and automatic synchronization can be performed concurrently.
Why is the Security365 Management Center necessary?
Changing Security Environment
Introduction of Various SaaS Services
- Document security, web isolation, cloud storage, and the simultaneous use of various security solutions
- Separate management console for each service → Increased management complexity
- Difficulty in Maintaining Policy Consistency
Distributed Workforce Management
- Diverse Access Environments Due to Expansion of Remote Work and Telecommuting
- Increase in external personnel such as contractors and partners
- Increase in account creation, modification, and deletion frequency
Strengthened Compliance
- Compliance with the Personal Information Protection Act and Information Security Regulations is necessary.
- Access History Tracking and Submission of Audit Materials Obligation
- Requirement for Applying the Principle of Least Privilege
Limitations of Existing Management Methods
Issues with Individual Service Management
1. Distributed Management
Service A management console → Register 100 users
Service B management console → Re-register the same 100 users
Service C management console → Register another 100 users
└─ Problem: Repeating the same task, risk of information inconsistency
- Managing User Information Duplication by Service
- Risk of Missing Deletion of Resigned Employee Accounts
- Need individual modifications in all services when policy changes.
2. Lack of Policy Consistency
- Applying different authentication policies for each service
- Different criteria for setting access conditions
- Security Level Variation Occurred
3. Difficulty in Responding to Audits
- Different log formats by service
- Unable to view integrated history
- Time-consuming collection of audit materials
Limitations of Manual Account Management
1. Delay in synchronizing personnel information
HR Team: New Employee Registration Completed
IT Team: Account Creation Request Pending
└─ Issue: Unable to Access System for Several Days After Joining
2. Human Error
- Typos and omissions occur during manual input.
- Authorization Error
- Delay in Deactivating Resigned Employee Accounts
3. Scalability Constraints
- Delay in processing during large personnel changes
- Mass modification work required during organizational restructuring
Differentiators of the Security365 Management Center
1. Integrated Management Console
Security365 Management Center: Single Console
Users · Policies · Licenses of All Services
↓
Security365 Management Center
↓
Apply to All Services with a Single Setting
Management Scope
| Managed Targets | Function |
|---|---|
| User | Registration, Modification, Deletion, Activation/Deactivation |
| group | Basic Group, Policy Group, Condition-Based Group |
| administrator | Role-based access control, access policy configuration |
| License | Allocation, Release, Automatic Allocation by Service |
| Policy | Conditional Access Policies, Authentication Policies |
2. Automatic Account Synchronization
Security365 Management Center: Personnel System Integration
Microsoft 365 / SCI Server HR Information
↓
Automatic Synchronization (Manual/Scheduled)
↓
User·Group Automatic Creation·Update
└─ Effect: Real-time reflection of HR information, minimizing management burden
Synchronization Options
| Option | Explanation |
|---|---|
| Full Synchronization | Synchronization of all AD groups and user information |
| Designated Group Synchronization | Sync only the selected group and members |
| Automatic Synchronization | Automatically execute according to the set period |
| Manual Synchronization | Run immediately if an administrator is needed |
3. Conditional Access Control
Security365 Management Center: Multi-Condition Validation
User Access Request
↓
Condition Verification: IP + Time + Country + Device
↓
Conditions Met → Access Allowed (Additional Authentication Optional)
Conditions Not Met → Access Denied
Example of Condition Combination
| scenario | condition | result |
|---|---|---|
| In-house work | Company IP + Weekday Working Hours | Access Allowed |
| Remote Work | Registered home IP + weekdays | Access Permission + OTP Authentication |
| Overseas business trip | Overseas IP | Access Denied or Administrator Approval |
| Night Access | Nighttime hours | Access Denied |
4. Granular Permission Management
Security365 Management Center: Role-Based Permissions
Super Administrator: Access to all features + Granting administrator permissions
Editor Administrator: Menu view/edit (excluding administrator menu)
Viewer Administrator: Menu view only
Log Viewer Administrator: Can only view log menu
Permission Matrix
| role | User/Group | Policy Settings | Administrator Management | Log Inquiry |
|---|---|---|---|---|
| super administrator | ✅ Edit | ✅ Edit | ✅ Edit | ✅ Inquiry |
| Editor Manager | ✅ Edit | ✅ Edit | ❌ | ✅ Inquiry |
| Query Manager | 👁 View | 👁 View | ❌ | ✅ Inquiry |
| Log Query Administrator | ❌ | ❌ | ❌ | ✅ Inquiry |