The COVID-19 pandemic has necessitated many entities to change the way they look at security and resort to more serious actions to strengthen their security infrastructure. Anand V, CEO and Director, Raksha Technologies talks about the company’s preparedness to stand up to these challenging times
As a security solution provider, how do you assess the current scenario and the lessons learned? What’s your preparedness to handle such unprecedented situation?
The current pandemic has brought organisations across many industries to a grinding halt. Anxiety engulfs business establishments forcing them to make quick decisions and find new ways to ensure business continuity. Many companies took to ‘work from home’ as a knee-jerk reaction without any forethought on secure access, data control, authentication, compliance, etc, which proves the lack of preparedness for disaster of this scale. The current scenario has created an easy passage for hackers to get into the network.
Organisations that tread on strong technology foundation and security framework stand a better chance to sail through these tough times with minimal impact. The pandemic has necessitated many entities to change the way they look at security and resort to more serious actions to strengthen their security infrastructure. Business houses have understood the need to adapt and evolve at the pace of such testing times in future.
We expect India Inc. to look at the following:
• Work from home as a means to cut investments on office infrastructure
• Adapt with tools to make work from home more productive and secure
• Preparedness to cope with unexpected challenges
• More investments in strengthening security infrastructure
• Cloud for data access and better data control
Our preparedness to stand up to this challenge is mixed. Though we didn’t anticipate anything of this magnitude, we are able to extend our support through remote sessions and communicate with our customers and internal teams with our available tools. We are in touch with our technology partners and working overtime to deploy newer approaches to support business continuity of our customers.
With the sudden rise in cyber threats and attacks during this period, how are you ensuring your customers’ data is safe and helping them mitigate risks?
We are working with multiple OEMs and they have extended specific solutions for customers to handle this crisis. As a basic practice, we recommend organisations to allow access to its users to the applications with Zero Trust / additional layer of security (MFA) / port limitation on firewall / DNS security and application control, Privilege Access Management, end-user monitoring and threat analysis, safety and compliance requirements.
By extending cloud security solutions to wherever possible further reduces the risk of data and ensures seamless accessibility. We are also giving backup and storage solutions to mitigate the risks. Educating the customer and end user on the security risks and need for secure remote working environment is also equally important.
Specific to work from home (WFH) requirements, we recommend organisations to have cloud-based End Point protection solutions, as WFH users might not connect with corporate network and still be able to work without any protection. We have also suggested enterprise security solutions, so that the customer data is safe and out of reach for cyber criminals. Besides, we are asking them not to use any free source software on the web without testing or analysing.
Our other offerings include:
• A dedicated monitoring team for the infrastructure
• A secured browsing and email access for user’s who do work from home
• PAM to help track server activities performed, like which user logged in and which command was executed
• Security assessments and configuration assessments should be performed regularly for on-premise as well as for remote user’s and cloud infrastructure, application to find the loopholes in the infrastructure and fix it
• Robust response mechanism for incidents
• A DLP to protect from data leak and Email encryption
During this time of total lockdown, how are you ensuring 24×7 service and support to your customers?
We have the following processes to ensure our customers get round-the-clock service:
• Our services delivery team operate 24×7 to handle customer needs
• We have efficient collaboration and remote access tools which enable us to connect with our customers and delivery support services effectively
• We have a dedicated help desk number available to our customers 24×7
• As our team members are currently working from home, we have split the team to work during day and night. Hence, there is always a support team to service over phone or remote
• Our SaaS-based ticket portal is operational and customers can raise a ticket in the portal and our team would attend based on the priority and severity of the issue
• Being an ISO 9001 / 27001 certified company, we follow the best practices while offering remote support, and thus our customers can expect result-oriented support at all times
Highlight some of the challenges being faced in providing service or support to the customers in this period?
We are facing the following challenges during this hour of crisis. Sometimes, we had to attend too many support calls. Since our support team is limited currently, it is little challenging to handle all the calls at one go. However, we are able to provide needed support. We are also finding it hard to provide support when it involves hardware failure or RMA replacements.
Other areas of concern include managing hardware failures like UTM; providing remote support when customers are facing slow internet connectivity; as movements are restricted, physical delivery of our products are affected, even when customers are willing to buy; reduction in OEM support team restricts us to escalate issues involving their support; as the support is remote, user education becomes difficult particularly with non-tech clients and that’s why, we are getting repeated calls on the same issues, despite providing solution over the phone.
Soon we will witness business models changing, wherein there will be far more remote workers in any organization. In such scenario, what are the best cyber security practices that your customers should adopt? And how would you, as a security solution provider, compliment in such a scenario?
With the increase in remote workers, organisations might lack the visibility of data / policies/ compliance / latency and become victim of security breaches, which may result in losing customers and as a result, badly affecting their bottom line.
Enterprises can consider the following key areas:
• Customers have adopted cloud-based solutions like AWS or Azure to build the platform. Now, they need to ensure Cloud Security is intact. Cloud Security is a shared responsibility and one can’t be ignorant that cloud service providers protect you automatically. You need to subscribe / buy cloud security services:
• Hybrid infrastructure with data security for business continuity
• Enabling identity-based access with Zero Trust
• Laptop has to be encrypted and DLP installed
• Manage privileges access on servers
• Application whitelisting or lockdown of Endpoints
• Limit Privileges on Endpoints with all latest patches
• Behavioral monitoring, threat analysis and automation
• Review automation periodically
As a service provider, we will keep customers informed on the security threats and industry best practices. We can have a team for 24×7 remote support at our office and propose more of AMC type of solutions to the customers.
What’s your message to customers, so that they are assured of full support today and in the days to come?
As an organisation, we are committed to extend the support services to all our customer. We assure best of our services at all times. As a discerning customer of Raksha, you can contact us for any kind of support and our well-trained technical team is ready to address your issues swiftly.
We recommend the usage of emerging technologies which can enhance productivity, automate your work, improve the overall efficiency, reduce the manual intervention, and thus make your job easier and efficient.