UNLOCKED

Yamaha Music has implemented two solutions from Active Directory specialist Semperis to detect and respond to current threats , and to rapidly recover Active Directory in the event of a compromise .

Beginning as a reed organ manufacturer in 1887 , the company soon expanded into the production of pianos and guitars , and later the manufacturing of phonographs , professional electronics and hi-fi players . Yamaha is known as the world ’ s leading maker of musical instruments .

The founding of Yamaha Music Europe GmbH in Germany in 1966 marked the company ’ s entry into European manufacturing . Acquisitions of German music software and hardware maker Steinberg and Austrian piano maker Bösendorfer solidified Yamaha ’ s presence in the German market . The company ’ s European arm now has about 800 employees across sales , service and musical education , with branches from Sweden to Italy .

Like many global businesses , Yamaha today faces a symphony of cybersecurity challenges . Its highly heterogeneous IT infrastructure must connect headquarters with regional branches , home offices and mobile workers . The company uses standard products , such as Microsoft 365 , as well as in-house solutions to keep its workforce connected – both on-prem and in the cloud – whether operating in the office , on the road or at home .

This constant demand for high connectivity , reliability and performance goes hand in hand with a different challenge : increasing cybersecurity threats .

A familiar tune : Balancing access and risk

Christian-Martin Schulz , Senior Network Engineer , Yamaha Music Europe , and his experienced team of 12 are responsible for maintaining secure , high-performance access to Yamaha ’ s corporate network . Schulz is also an active member of the company ’ s German works council . As such , he is well versed in the importance of data protection and the problems inherent in managing access and authorisations across the enterprise .

These priorities prompted Schulz to evaluate the security of Yamaha ’ s identity infrastructure . Like 90 % of companies worldwide , the company uses Microsoft Active Directory ( AD ) as its central directory service .

Through the course of his duties at Yamaha , Schulz developed a passion for cybersecurity . He began searching for ways to check the security status of the company ’ s identity infrastructure .

“ We ’ ve been using AD since Windows NT ,” Schulz said . “ It ’ s the central authentication point for all systems . Without AD , practically nothing works : no remote connections , no access .”

Evaluating Active Directory security his research eventually led him to Purple Knight , a free tool for assessing the security of AD and Entra ID ( formerly Azure AD ) environments . He learned that Purple Knight is a leading community tool for detecting indicators of exposure ( IOEs ) and indicators of compromise ( IOCs ) in hybrid AD infrastructures .

Schulz downloaded Purple Knight and began using the tool to conduct a comprehensive series

44 WWW . INTELLIGENTCISO . COM