Using the Intel vPro® Platform, Intune, and Zero Trust Architecture to Create an Environment Where Engineers Can Focus on Development
Accounting is essential for sound corporate management. Almost every year there are changes to laws and systems that pertain to financial and tax work, meaning companies must always obtain and use the latest knowledge to correspond to the changes. Because one mistake can affect the trust that customers have in the company, it is delicate, complicated, and difficult work that requires careful attention.
TKC Corporation was founded in Tochigi, Japan and has 55 years of history. The company handles corporate accounting and develops systems that support the work of certified tax accountants, accounting offices, and local governments nationwide. The company promptly provides systems and services to diverse customers, so engineers make up at least 40% of more than its 2,000 total employees.
In 2020, TKC replaced approximately 800 engineer computers with Dynabooks that run on the Intel vPro® platform. For engineers who sometimes have to repeatedly run high-load processing, having peak computer performance is one of the most important points for productivity. But it's not just about performance—the company prioritized finding a solution with high security features and efficient device management tools.
Migrating to High Performance Laptops on the Intel vPro Platform
Previously at TKC, employees in departments that would frequently travel (such as the Sales Division) were using laptops, but engineers opted for desktop computers for better performance.
When engineers develop systems, they often handle large volumes of data, and their work requires processors that have enough storage and memory capacity to do processing and testing without system stress. Mr. Naoki Kanamori, an IT manager who maintains work environments at TKC, says, "there was also a preconception that laptops would probably be slow."
However, there were often situations when only having a desktop computer for day-to-day work felt inconvenient. For example, when an engineer needs to share documents during a meeting in person, it is difficult to take their desktop computer to the conference room. However, both the cost and management aspects associated with introducing devices for easier mobility (laptops) were not feasible.
As a test, the TKC IT team consulted the manufacturer and introduced a few laptops running on the Intel vPro platform for engineers to verify performance. With the rising trends in remote work as an outcome of the pandemic, TKC decided to do a complete migration from desktop computers to laptops to enable its hybrid workforce. While there were also concerns about insufficient processors being available globally, TKC was still able to roll out vPro-powered Dynabooks on a large scale (800 units).
Intel® AMT Gives IT Device Control and Increases Engineer Productivity
Laptop performance had been one of the concerns, but during the verification stage, they found that the Dynabooks were able to produce more than enough performance power. Kanamori says that the engineers were convinced that the laptops achieved processing speeds that compared favorably to their previous desktop computers running on Intel® Core™ i7 processors.
Not only was the more portable form factor easy to carry, but users didn’t feel restricted by the screen size. Kanamori explains that although the main display wasn't large, it was easy to connect an external monitor and expand the desktop to their liking.
TKC introduced about 800 units of Dynabook S73, which run on the Intel vPro® platform. The standard model has a 13.3-inch LCD with high durability and is particularly easy to use.
TKC had practice working in a hybrid model when it participated in the 2020 TDM Projects conducted by the Tokyo Metropolitan Government. This project was an effort to control transportation planning for Tokyo Olympics—one aspect of this project was encouraging remote work participation to mitigate traffic in the hosting city. With that framework already tested as part of the project, TKC was well positioned for a smooth migration. Olympics, so they were able to migrate relatively smoothly.
Now that the computer environments and network environments are in place, Kanamori asserts that they “have come to the stage where they can really see the value of the Intel vPro platform." More specifically, the value of the platform’s hardware-based device manageability feature, Intel® Active Management Technology (Intel® AMT).
The team at TKC was interested in the technology’s ability to enable remote control and management of the engineer laptops. Intel AMT makes it possible to remotely access devices to power on, restart the operating system, and set various settings, even if the laptop's power is off.
Using this kind of system, the Management Division at TKC can ensure computers are updated properly and security is set up correctly, even when engineers are working from home in different locations.
Kanamori notes that even if engineers are savvy about technology and have high computer literacy, they are not always computer specialists, “even if they mean to update to the latest version, sometimes the fine details, such as implementing the right firmware for the unique device model, fall through the cracks and end up not getting applied.”
Streamlining the device update process makes it possible for engineers to focus on their own tasks without being slowed down trying to figure out complex computer maintenance. Being able to ensure the latest updates are implemented remotely without disruption to the engineer workflow is a major advantage.
Enhancing Hardware-Based Security Infrastructure for Cloud Computing
Performance is a parameter where engineers can't compromise. But for TKC, which provides systems that support the company's financial foundation through certified tax accountant offices, security performance is prioritized before everything else.
With the shift to a mobile workforce, TKC has been revising its internal systems, migrating from its on-site environments to cloud-based environments. Kanamori thinks that cloud computing will become increasingly effective with dispersed workers, but higher security is required to use cloud environments safely. He says that the "zero-trust model" handles that major role.
The zero-trust model can't be achieved unless it is possible to have defense at all layers, from hardware to firmware, the operating system, applications, and networks. In the zero-trust model, having a high-security hardware foundation is the first line of defense.
To this end, the Dynabooks that TKC introduced come equipped with Intel® Hardware Shield as part of the Intel vPro platform. The Intel Hardware Shield technology reduces the risk of attacks that target the BIOS (UEFI), protects against unauthorized programs like ransomware, and makes it possible to use the operating system safely. In addition, using virtualization at the hardware level makes it possible to protect data pertaining to user authentication, while increasing security and software performance.
The hardware-based security features of the Intel vPro platform provided the security infrastructure TKC needed to enable Microsoft Intune cloud service for comprehensive mobile device management (MDM). This technology allowed the company to build a zero-trust environment with peace of mind. Kanamori says that they are currently working on more advanced manageability settings to manage device application installations and updates for laptops inside and outside the company firewall.
TKC introduced about 800 units of Dynabook S73, which run on the Intel vPro® platform. The standard model has a 13.3-inch LCD with high durability and is particularly easy to use.
Staying Agile and Proactive to Achieve a More Secure Remote Work Environment
Changing to a zero trust model with the hardware-level security protection of the Intel vPro platform and strict control using Microsoft Intune was a significant transformation for TKC. Kanamori says that by combining these three parameters, it is possible to achieve an environment where people can work remotely while maintaining a higher level of safety, even when using home networks or public Wi-Fi to access internal company systems.
While TKC has implemented a streamlined technology mix that enables workers to be productive without disruption, they still prioritize educating their employees to grow tech literacy. Kanamori collects and distributes critical industry and security information so that employees have the latest resources to stay informed and proactive. He says that he is "making the first move" by sending this out on all internal company channels.
No matter how great the computer or network environment is, people are the ones who use it. If users don't have enough knowledge, they may use it in incorrect ways or create weak spots. Kanamori says that combined with hardware and software functions, spreading important information throughout the company will lead to stronger "offensive security" for the TKC system.