Over the years, Information Technology has transformed the global economy and connected people and markets in ways beyond imagination. But with increasing adoption of IT and digitisation of documents and processes, security and privacy-related threats have also grown in equal proportion. Nirmal Anshu Ranjan & Arpit Gupta of Elets News Network (ENN) talk to various stakeholders in the IT & security domain to know how technology can be used to insulate critical data and information against possible potential threats
India has carved a niche for itself in the field of Information Technology, and more and more businesses, governments, organisations, institutions and individuals are making an ever-increasing use of IT. Industrial establishments, various governments and the banking & finance sector of the country are the ones that leverage technology for delivering services more efficiently and in a cost-eefective manner, thereby consolidating the foundation of the national economy.
However, the blessing of IT also is fraught with numerous security risks, like theft of data, privacy breach, unauthorised access, and abuse and misuse of users’ huge data bank by criminal elements. Starting off as a fun activity, cyber attacks are an organised global crime today, having the potential to create holes in the socio-economic fabric and security cover of a nation.
In this backdrop, it is once again the blessing of technology that plays a critical role in enhancing security at different levels. Iris and voice-based identification methods are being used nowadays to authenticate an individual’s identity.
It is IT that helps keep an individual’s data secure just on any platform; it’s IT that guards data and operations of businesses against any possible intrusion; it’s IT that throws a security cover around the highly sensitive information of a country’s defence force; and it’s IT that ensures a safe and secure environment for financial transactions.
It was only recently that the Government of Maharashtra deployed camera-fitted drones to monitor traffic on the Mumbai-Pune Expressway, known for an extremely high volume of vehicular traffic movement and an equally high number of accidents. The outcome was that several traffic rule violators were penalised based on the images sent by the flying cameras. This also underlines the kind of role technology can play in security and surveillance system.
At a time, when the government is making allout effort to raise Smart Cities across the country, the role of technology in making these secure cities becomes so very crucial. In fact, safety and security are ingrained in the very concept of Smart Cities, which can’t be achieved without technology tools.
We talked to a number of IT stakeholders and security experts to know their views on the role IT can play in security and surveillance. Some of them came up with really interesting observations.
“The challenges facing the banking industry include the security, turnaround time for response, the impact of negative comments and analysis of unstructured data/information, availability of applications across different mobile devices working on different platforms, data management, etc. Mobile applications pose greater challenges associated with application security, governance and version management,” points out Rakesh Kumar, General Manager- IT, Punjab National Bank.
The convergence of social media, mobile banking and cloud have brought about a paradigm shift in the delivery of financial services, but they also bring challenges relating to data privacy and regulatory adherence – key being the user credentials, availability, interoperability and security issues, according to Kumar.
Tamaal Roy – CEO, Biomatiques Identification Solutions Pvt Ltd, says, “The application of the product (identification solutions) is in the field of administration rather e-governance, to be precise. It can become very useful tool in the expert hands of law enforcement, vigilance, security and allied agencies.”
India has already brought services, like income tax, passport-visa, under the IT realm. Most of the Indian banks and securities market have also gone on full-scale computerisation, bringing in the concepts of e-Commerce and e-Banking. These can be lucrative targets to paralyse the economic and financial institutions, he says.
With a steep rise in crime, technology integration has become a must when it comes to security. As for IT in physical security is concerned, providing standalone CCTV systems or Fire Alarm systems are not enough. ‘Smart Security’ is the way forward with capabilities for facial recognition, auto detection of any suspicious items, centralised monitoring and response mechanism for any security.
According to G P Singh, CMD, Modern Group of Companies, the conventional man guarding has always been the best means for getting any site secured, but it comes with a lot of challenges. There has to be some mechanism that could replace man guards with technology, which can ensure security round the clock and at the same time, can be affordable. IT is at the heart of our modern life and has transformed the way we communicate, work, travel and shop. As for businesses, along with the basic elements, security is one element that every business needs to solidify its foundation. Information security at the parameters has been a general trend giving birth to firewalls, IDS, IPS-like technologies, but the need of an hour is to secure sensitive information not only from outsiders but also from threats within the organisations.
Rana Gupta, VP-APAC – Identity & Data Protection, Gemalto, explained, “In our 2015 Global Customer Loyalty Survey, over 64 per cent of respondents mentioned that they are unlikely to do business again with a company that had experienced a breach. Hence, any solution or service design must begin with an intelligent security architecture that ultimately allows the end-user to have trust in the device, the network, the data and the ecosystem.”
Gemalto has been relentlessly working and developing solutions for decades to defend sensitive industries such as Banking, Healthcare and governments across the world. “With our security modules, we enable our partners to deliver secure digital services for billions of individuals and things.
From the ubiquitous Cloud and Big Data, to emerging trends like IoT, mobility and BYOD, technology has not only disrupted the market place, but it has also led to new challenges for enterprises, opines Kunal Ruvala, Senior Director, Engineering – RSA, EMC India COE. “With unprecedented volumes of data being generated every second, and increasing number of connected devices, information security is a critical concern for enterprises today.”
Gartner predicts that by 2018, the need to prevent data breaches from public clouds will drive 20 per cent of organisations to develop data security governance programmes. “Modern enterprises need to implement a comprehensive data security governance programme with a watertight security roadmap and insight into security policy gaps. As the world grows more connected, threats to data security will continue to grow. It is critical to invest in intelligent security measures that have visibility into all threats, can analyse systems to identify anomalies and can take rapid action against them.”
With the advent of many IT services security, safety and privacy of data has become of paramount importance, to both large and small organizations, Ruvala says adding, “Of late, the numbers of buyers – the seekers of cloud and data services and the seekers of data security have gone up.”
Sriram, Head – Solution Delivery Center (SDC), Healthcare Transformation Services, Philips, explains, “Taking additional security measures to secure your data and the cloud services is a smart move in today’s times, as losing your important business information to the hackers can prove hazardous. It is advisable to take measures like updating your programmes, change and strengthen your passwords at regular intervals and make sure to not allow access to any unauthorised personnel. Hiring consultants for maintaining the security is another suggested move. This ensures top quality security under the supervision of an expert.”
The information security challenges described above assume an even greater importance in the Healthcare industry given the extensive exchange of personal health information across providers, insurers (payers), government, clinicians and individuals leveraging various platforms and devices, he says.
Chandra Sekhar Pulamarasetti, Founder & CEO – Sanovi Technologies, says, “Sanovi offers Business continuity and IT Disaster recovery automation software products to ensure our customers can reliably and quickly recover their IT applications and systems from any outages and ensure service continuity to the end users. The Role of IT in Security will be to support compliance with newer regulations, prevent newer kinds of cyber-attacks and ensure a resilient IT Infrastructure, even if there are breaches in security.”
IT in security – the practice of defending information from unauthorised access, disruption, modification, or destruction – has undergone a critical transformation. Currently, it is critical that an organisation’s IT security strategy aligns to its business priorities, and enables advancement as it is key to reciprocate economic stability and growth.
Asoke K Laha, President & CEO of Interra Information Technologies Inc., says, “At the heart of many critical innovations lie a secure and fluid exchange of information. We are presently in an information-centric economy and find ourselves in an age of digital warfare where information is constantly at risk. It requires direct interaction with customers, tighter integration with partners and the incorporation of external talent and resources, while at the same time safeguarding trademarks, copyrights, and patents.”
He maintains that IT in security has made tremendous progress in driving tighter linkages between business innovation goals and security actions. For example, many organisations are increasingly using web-based collaborative tools to facilitate information and knowledge sharing among various user groups in order to improve productivity. There has also has been growing recognition of the need to take a risk-based approach to security, such as information risk management.
Vikas Bhonsle, CEO-Crayon Software Experts Pvt Ltd, feels, “Every Company needs to have an ultimate data security guide. Most of the sensitive information of a customer like Personally Identifiable Information, Financial Information, such as payment information, personal files, bank account details, credit history, etc., are hard to replace and can be very dangerous if it falls into the wrong hands. While there are the human risk factors, more critical would be the Data loss resulting out of natural calamities such as a flood, earthquakes, etc., can pose a much bigger threat.”
Data security is broadly split into three important components – Risk assessment, Securing Data and Mobile Data Security, and there needs to be an IT-based robust security mechanism to insulate those against any possible threat.