Why IIJ's Safous Zero Trust Access quietly modernizes remote work

Reviewed: ad hoc news Accessory & Components desk. Edited and checked on 2026-06-18, 01:19. Details in the imprint.

Safous Zero Trust Access from Internet Initiative Japan is the kind of security product you first notice because you suddenly stop noticing VPN pop-ups. Instead of clunky clients and split-tunnel drama, users click a clean web portal and are simply in.

What Safous actually does

Safous Zero Trust Access is a cloud-based secure access service from IIJ that replaces traditional VPNs with an application-level, identity-aware approach targeting remote workers and contractors. Users log in via a browser to reach internal web apps, SSH, RDP and other resources without seeing the underlying network.

Instead of exposing IP ranges, Safous sits as a broker between user and application, enforcing authentication and policy each time. For end users, that means fewer IP addresses, less client hassle and a feeling of "just logging in to a website" rather than juggling tunnels.

How the architecture is built

On the back end, Safous uses so-called connectors installed in the corporate environment that initiate outbound connections to the Safous cloud, which helps keep internal services off the public internet. The service then proxies user connections, enforcing zero-trust policies with each request.

IIJ highlights that Safous is built on its own global backbone and leverages multiple points of presence in Japan, Asia and North America for performance and resilience. That is attractive for Japanese and regional enterprises that already rely on IIJ for connectivity and want fewer providers to manage.

Security features that stand out

Security-wise, Safous leans into multi-factor authentication, single sign-on and granular access policies, integrating with identity providers like Azure AD and Okta. The idea is that identity, device posture and application context become the gatekeepers, not mere network location.

For security teams, one practical upside is central logging and visibility into who accessed which application, when and from where. That is something legacy VPNs often make cumbersome, scattered across appliances and log formats that barely talk to each other.

User experience in daily work

From a user's chair at the kitchen table, Safous looks like a tidy portal of tiles rather than a list of hostnames. A sales rep clicks the CRM tile, an engineer chooses SSH access, all through the browser or lightweight client rather than wrestling with IPsec profiles.

Because connectors initiate outbound connections, employees often do not feel the usual "VPN drag" when the company closes inbound ports and tightens firewalls. Sessions launch with less delay and fewer disconnects, which matters when you are presenting to a customer over video.

Where Safous is still limited

The flipside is that Safous focuses mainly on application access and does not try to be a full-blown secure web gateway or CASB in one box. Companies with sprawling SaaS usage may still need complementary services for data loss prevention or advanced threat controls.

Pricing is also not shouted from the rooftops. IIJ positions Safous as an enterprise service sold via its sales force and partners, with per-user or per-application models rather than simple self-service signup. For smaller firms, that extra friction may be a hurdle compared with mass-market cloud security platforms.

How it fits into IIJ's strategy

Safous is part of a broader zero-trust portfolio at IIJ that includes secure access, endpoint management and related services marketed to mid-size and large enterprises in Japan and overseas. The group has been shifting more revenue toward such recurring security and cloud offerings over the past years.

Net-net, Safous Zero Trust Access looks like a consistent step in IIJ's quiet evolution from pure connectivity provider toward a security-focused service platform, especially for Japanese corporates that trust domestic vendors for critical infrastructure.

Company context and stock reference

Internet Initiative Japan, listed on the Tokyo Stock Exchange Prime market, continues to position itself as a full-stack internet and cloud service provider anchored in Japan. Shares of Internet Initiative Japan (JP3749400002) trade in Tokyo in Japanese yen.

This article was AI-assisted and editorially reviewed. Product information without guarantee; prices and availability may change at short notice. No investment advice, no buy or sell recommendation. Stock-market transactions involve risks up to total loss.