Indian firms take IT security as way to gain more clients
By Suman Ravikumar, SiliconIndia   |   Thursday, 04 November 2010, 16:39 IST   |    1 Comments
Printer Print Email Email
Indian firms take IT security as way to gain more clients
Bangalore: As India entered the new millennium it became busy with safeguarding its systems from Y2K bug and the threat of internet viruses and worms introduced India to antivirus solutions and firewalls. Today,Information security has a broader meaning as Indian enterprises are expected to take a more proactive stance towards security,however only 55 percent of respondents find their organization ineffective or only somewhat effective at assessing security risks. Usually Indian companies are always thought to be least spenders in IT security as they always look for return on any of their investments. But in contradiction to the statement ,a survey conducted by Gartner in India, Australia, and China has found that organisations in the Asia Pacific region spend a larger proportion of their IT budget on security than their North American and European counterparts .Not surprisingly this seems to be aligned to the fact that most Indian firms are into IT services who are client oriented.International companies seeking to outsource work to Indian firms insist on security certification, or adherence to laws, standards and business practices prevalent in their respective countries. All the top software services companies see security as a business perspective investment than a conscious investment as most foreign clients are particular about information security which makes most IT-enabled services companies, and BPO outfits going hunting for security certifications like BS 7799 or ISO 17799. To act in accordance with the demand, there are new solutions that have gained momentum as they leverage on technologies like cloud computing. One such solution is provided by Ipolicy Networks (Security Products Division of Tech Mahindra Limited).It is industry's leading integrated network security product manufacturer. The products are powered by industry's most advanced real-time integrated security technology, Single Pass Architecture which protects high-speed networks from worms, viruses, unauthorized access, spyware, intrusions, spam mails, Trojans and other emerging threats. With the security product already added on at the operator's end, the solution processes at a high speed, scanning all the information without impacting the performance of the system and also blocks the system from further threats. The product is cost effective and easy to upgrade as well. It provides solutions to service providers, enterprises, educational institutions and government agencies as well. Lucius Lobo, Director, Security Services, Tech Mahindra says "Executive management expects a tangible return on investment and a level of assurance, which Company Security Officers (CSOs) find difficult to produce. In its absence, the rational for decision making becomes subjective and traverses between, "So far no one has hacked us so why should we worry" to "Let us do what is required to meet out auditing and regulatory requirements". As a result, today, security investments are driven by the need to satisfy regulatory and compliance related issues and material asset protection, to ensure company's auditors provide the mandatory tick in the box." Today security is more important than science. Explaining the new trends Lobo said security products are now used for mobile security. As smartphones like the iPhone take over the mobile Web, the amount of data traffic going over cellular networks is expected to grow 40-fold over the next five years. A lot of that data will come in the form of mobile Web browsing, with the biggest contributor expected to be mobile video. Hence mobile security is latest trend. Organizations are not only investing in infrastructure security but also information security which is called Digital Right Management (DRM).Physical security is one of the sectors where the product can be used extensively. Due to increase in terrorism, threats in malls, hospitals and other public places are very likely. Hence a video surveillance is a must. But with the old technology of cables and wires and 'n' number of cameras, security becomes very difficult and cumbersome. The security solution will provide solutions through digital analytics which is based on internet cameras. For example:It will detect suspicious events that take place in an airport .If a person is entering from the exit gate or if a person is laundering in a restricted area ,it will immediately rise an alarm through its digital analytics and draw the attention of the security department to take action. This technology not only makes physical security easier but also opens a new avenue for professionals as data capture and transferring needs extensive coding and knowledge about the technology. The job will require highly skilled software computing and a very creative mind to analyze the situations that would alert the cameras. Lobo mentions that security services need to be simple, relevant and easy to update. The right approach towards security is to adopt a qualitative and participative style of decision making rather than seeking ROI. Executive management should focus on three basic questions; what data we are protecting, what is its value to business and how do we protect it across all layers. There is a need for executive management to work closely with the security team to ensure that the business requirements can be appropriately translated into a defense in depth security requirement and a sincere attempt made to bridge the gap by better understanding what security means to business, rather than expect the security champions to figure it out.

siliconindia