As enterprises modernize their IT environments, balancing workforce flexibility with robust security has become a defining priority across the cybertech ecosystem. SCSK is advancing its digital transformation strategy by adopting a Zero Trust architecture combined with Windows 365 to enhance productivity, security, and service delivery. The initiative reflects a broader industry shift away from traditional perimeter based defenses toward identity driven security models built on the principle of never trust, always verify. The SCSK Zero Trust strategy is designed to support a distributed workforce while maintaining consistent control over data and access.

Founded in 1969 and part of the Sumitomo Corporation Group, SCSK serves more than 10,000 corporate customers across consulting, system integration, and business process outsourcing. As digital adoption accelerates, the company is rethinking how it secures operations, particularly for employees working remotely or at customer sites. Historically, SCSK relied on remote desktop solutions and virtual desktop infrastructure to centralize data and reduce device level risks. However, evolving requirements and the transition to Windows 11 Enterprise prompted the company to modernize its approach.

A key component of this transformation is the adoption of Windows 365, which enables cloud based PCs where data is centrally managed rather than stored on local devices. This approach allows SCSK to enforce security policies consistently across environments, regardless of user location. By integrating Zero Trust Network Access tools and a Secure Access Service Edge platform, the company ensures that all traffic is monitored and controlled in real time, reducing exposure to potential threats.

According to Akira Yoshioka, “One of the biggest advantages of Windows 365 is that data isn’t stored on the device everything is managed centrally, including updates and patching. By combining that approach with Zero Trust, we can enforce our security policies consistently, inside and outside the company. To do that, we integrated ZTNA agents with Cloud PCs and use a third-party SASE platform to control and monitor traffic. The result is a secure, worry-free work environment employees can access from anywhere.”

The company’s architecture leverages Microsoft technologies such as Microsoft Entra ID and Microsoft Intune to manage identity, access, and device policies at scale. Cloud PCs operate within Microsoft hosted infrastructure, with all connections routed through secure access layers rather than relying on traditional network perimeters. This design supports both security and operational efficiency, particularly for roles requiring specialized environments.

Shinji Miyazaki explained, “We use Microsoft Entra ID to manage identity and access. Our Windows 365 environment runs on Microsoft Hosted Network, so Microsoft provides and manages the network foundation. From each Cloud PC, traffic is routed through a ZTNA agent and then to our SASE platform, which enforces access to internal resources. Because users connect through this cloud-based path, we don’t rely on a traditional perimeter model.”

SCSK began piloting Windows 365 in 2024 and moved to full production in October 2025 after validating its Zero Trust environment. During testing, the company identified and resolved connectivity issues related to ZTNA configurations, reinforcing the importance of validating communication paths in secure cloud deployments. Junki Iwama noted, “We could sign in to Windows 365, but sessions disconnected soon after. We traced the issue to the ZTNA agent, which was blocking the traffic needed to keep the service running. Adjusting the agent settings resolved it and reinforced the importance of validating communication paths when pairing Windows 365 with ZTNA.”

The organization now uses a combination of Azure Virtual Desktop for shared environments and Windows 365 for personalized Cloud PCs. This hybrid approach allows SCSK to support different user needs, from task based access to fully customized development environments. The company is also exploring Windows 365 Frontline to expand access cost effectively across teams with intermittent usage requirements.

The SCSK Zero Trust strategy demonstrates how enterprises can align security with user experience by embedding protection directly into cloud infrastructure. By combining Zero Trust principles with cloud based virtualization, SCSK is not only improving internal operations but also building expertise it can extend to customers. As demand for secure, flexible work environments continues to grow, this approach positions the company to deliver scalable, high value IT services in an increasingly digital world.

Recommended Cyber Technology News:

To participate in our interviews, please write to our CyberTech Media Room at info@intentamplify.com



🔒 Login or Register to continue reading