Ripu Bajwa, Country Manager - Data Protection Solutions, India, Dell-EMC, in conversation with Sachin Nandkishor Mhashilkar, CIO&Leader, provides advice to Indian CIOs to combat threats around critical data, especially in mobile environment. He further highlighted DELL- EMC's Isolated Recovery Solutions
How do you see Indian enterprises gearing up for digital economy - in terms of data protection?
Post demonetization, the entire nation saw a paradigm shift in business transactions. People went cashless and most of us were introduced to new and effective payment methods. Nowadays banks and financial institutions are looking forward to transform their systems and processes through digitization. Hence, cyber security still remains one of the major concerns as cyber-attacks have been destroying businesses over time. India still lacks the skilled resources required to be prepared for a cyber-attack but with banking and commerce becoming electronic, and being linked to unique identifiers, such as Aadhaar, there is lots of room for improvement. With the deployment of several security solutions by various organizations and businesses to protect their integrity, several counter attacks have been seen in recent times. Enterprises have taken up several risk assessment measures in order to save their data.
Your advice to Indian CIOs/CSOs to combat threats around critical data, especially in mobile environment.
Mobiles devices are the easiest targets for cyber criminals as mobile malware has become highly profitable. This has been misleading programmers into committing cyber-crimes more than ever before. Most people today store their confidential and important data on their smartphones which makes it even more essential to protect them from cyber-attacks. Various ‘trojans’ disguised as mobile apps are unknowingly downloaded by us which leads to data breach. Cyber criminals today have extended their reach beyond individuals to governing bodies and businesses. Usually when a cyber-attack takes place, we try to hide the fact that we have been attacked but we need to know that the attacker can share or sell this data which might be time sensitive for monetary benefits. Hence it becomes a top priority for CIOs to facilitate exchange of valuable information to be a step ahead of the cyber criminals. The most important steps which should be taken are to ensure that the device and the network are secured primarily. This can be done by ensuring that the devices are protected by robust security solutions and also by implementing proper authentication measures. It is also necessary to secure the number of large-scale datacenters, which serve as engine rooms for mobile Internet.
How do you protect enterprises who are adopting IOT?
We have seen major growth in the number of IoT devices which in turn has given rise to the potential risks to modern enterprises. Smart devices have led to an increase in the volume of data raising concerns related to data privacy and security. Enterprises who have adopted IoT solutions must ensure that the devices are properly connected to the cloud. We need to keep in mind that having an efficient storage capacity is as important as managing the IoT data cost. The immense growth of IP networks has left IoT applications extremely prone to malicious attacks and can cause damage to the IT infrastructure. IoT devices need to be authenticated before they integrate or sync with the centralized network, making sure that the device is protected from spoofing attacks. The infected device acquires data from other devices connected to the network and replaces it with malicious data of its own. Software patching is another method which avoids the IoT device from being compromised, preventing data loss. However, one must make sure that every software update that it undergoes must be from an authentic source. IoT software analytics must be taken proper care of so that it can alert the user once there is an irregularity in behavior. This will let the user disconnect the infected device from the network preventing further damage.
Can you highlight a bit on Dell-EMC’s Isolated Recovery Solutions?
We are prone to several cyber threats across various networks we are connected to. Businesses have been performing tremendously well in protecting themselves against the most popular threats known to us. But they still seem unprepared for the new incoming attacks that can compromise security and data. DELL-EMC released its new Isolated Recovery Solutions which provides complete protection against attacks and safeguards the data. Organizations all over are being victimized by such attacks and majority of them result through end-user devices. The response time between security breach and data damage needs to be fixed in order to maintain harmony in an organization. DELL-EMC believes that recovery is the only way to bounce back from such attacks. Due to which we come to a conclusion that isolating the recovery data adds an extra layer of protection. The companies need to figure out which solution needs to be deployed in order to meet the recovery point objectives. There is also a need to have an isolated datacenter environment for the mission-critical data, which would require everyone to go through authentication levels so that they can access the network. An automated process should be in place to keep a track of data copies and “air gaps” between the isolation and production zones. A proper scan of the copy data in the isolation zone needs to be conducted to check for malware. Post which the recovery procedures need to be followed.
Your roadmap (Dell-EMCs) in India from Data Protection Business stand point?
The roadmap for Dell-EMC in India is to support our customers on their digital transformation journey ensuring that there is no loss of data. The key role would be to facilitate easy management and mitigation of risks arising due to cyber-attacks. We aim to provide higher quality engagement and support to our customers by leveraging our comprehensive portfolio of products, solutions and services.