@entitworld
@enterpriseitworld
@enterpriseitworld
RS 20
|
PA G E S 4 0
|
V O LU M E 0 7
|
ISSUE 04
WWW.ENTERPRISEITWORLD.COM
FOR THE CIOs. BY THE CIOs. J U LY 2 0 2 2
SECURING
THE
WEAKEST LINK Securing smartphones is difficult but necessary to achieve comprehensive organizational security
AVINASH DHARMADHIKARI
Associate Director EY
YOGESH KUMAR
Head, IT and Business Applications, Tata Advanced Systems Ltd.
P - 16
NEEHAR PATHARE
CISO 63 Moons Technologies
SATYAVRAT MISRA
VP and Head, Corporate IT Godrej Industries
EDITOR’S LETTER communication with the external customers and create them loyal and happy. Theoretically, these are very easy things, but it takes a lot of planning, vendor engagement, negotiation, tools and technology evaluation, SLA agreement, pricing, etc., which a CIO can perform out of his experience so easily. Earlier there was no involvement of the IT department in the functionality of other department except providing laptops and networking. Now the IT department is sought after when there is any strategic decision being taken to enable the department for any functionality – whether to connect with the internal people or external people. So, in one of our stories, a CIO from Malaysia says that the CIOs need to be allrounder. True they need to be allrounder. But fact of the matter is that CEOs are the allrounders in the organizations does it mean CIOs are CEO material. I would say yes. Going forward when they cross a certain age threshold or mindset should make themselves ready to become CEOs and get their managerial knowledge enhanced. And this is I think is the natural growth for a CIO.
CIOs NEED TO BE ALLROUNDERS OR CEOs
Hello Friends.
Life after the break (pandemic) is so beautiful, but there is too much of load on your shoulder. Today, the management has understood both the things that the CIOs need to be part of every project and without IT no project possible as every organization within the enterprise is being influenced by IT. So, the boss of IT – CIOs are taking cognisance of the situation and contributing. This is good from the perspective of the CIOs as they gain access to all the functionalities and try to contribute and create use cases – whether it is marketing, finance, legal, HR, etc. AI and RPA are two new technologies, which are impacting the outcome of all efforts in all the departments. If one looks at the enterprises, there are broadly 4-5 departments or organization including production, finance, HR, marketing, legal, etc. within the umbrella organizations. Today, AI and RPA are great tools for these organizations to create predictability and analyse the actions or feedback and offer solutions automatically. This not only enhances the productivity of the employees but also enhance the stickiness and
NEXT MONTH SPECIAL
S A N J AY M O H A PAT R A S A N J AY @ A C C E N T I N F O M E D I A . C O M
COVER STORY
SUPPLEMENT
INDUSTRY 4.0
QUOTES FROM TOP CIOS
The next issue is dedicated to the Industry 4.0. We would like to take feedback from the CIOs and OEMs and create our judgment on the same.
PLUS
Interviews and Case Studies
Catch interviews, guest articles and case studies of recent applications from the Industry stakeholders, IT/ITES Vendors and IT leaders and CIOs from the Enterprise IT World CIO Community.
The supplement story of the magazine would have relevant quotes from the top CIOs in India.
Send in your inputs to sanjay@accentinfomedia.com JULY 2022
ENTERPRISE IT WORLD
3
CONTENTS VOLUME 07
|
ISSUE 04
|
JULY 2022
|
W W W. E N T E R P R I S E I T W O R L D . C O M
FOR THE CIOs. BY THE CIOs.
Publisher: Sanjib Mohapatra Chief Editor: Sanjay Mohapatra Managing Editor: Anisha Nayar Dhawan Sub Editor: Kumari Ambika Art Director: Shadab Khan Web Designer: Sangeet Technical Writer: Manas Ranjan Lead Visualizer: DPR Choudhary MARKETING Marketing Manager: Tanu Malik Marketing Manager: Kunal Yadav SALES CONTACTS Delhi 6/102, Kaushalya Park, Hauz Khas New Delhi-110016 Phone: 91-11-41055458 E-mail: info@accentinfomedia.com
COVER STORY
16 SECURING THE
EDITORIAL OFFICE Delhi: 6/103, (GF) Kaushalya Park, New Delhi-110016, Phone: 91-11-41657670 / 46151993
WEAKEST LINK
info@accentinfomedia.com
Securing smartphones is difficult but necessary to achieve comprehensive organizational security.
INTERVIEW: /20 ML DataOps will play a huge role in the next wave of AI
Printed, Published and Owned by Sanjib Mohapatra Place of Publication: 6/103, (GF) Kaushalya Park, Hauz Khas New Delhi-110016
MORE INSIDE
4
Printed at Karan Printers, F-29/2, 1st floor, Okhla Industrial Area, Phase-2, New Delhi 110020, India. All rights reserved. No part of this publication can be reproduced without the prior written permission from the publisher. Subscription: Rs.200 (12 issues) All payments favouring: Accent Info Media Pvt. Ltd.
Editorial~~~~~~~~~~~~~~~~~~~~~~~~~~ 03 News~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 06
28
22 INTERVIEW
Phone: 91-11-46151993 / 41055458
INTERVIEW
32 SECURITY
34 CISO TALK
ANJANI KOMMISETTI
ROHIT SINGAL
MICHAEL DANIEL
SANDEEP KARANA
“Data Centres must be More Technologically Adaptive”
“Rahi elevates digital transformation to create integrated IT environments”
“Sophos Announces Sophos X-Ops”
“Breaking Traditions – The Journey from Passwords towards Adoptive Passwordless Authentication”
ENTERPRISE IT WORLD
JULY 2022
ITWORLD
ROUND UP
Redington India collaborates with AWS to drive cloud adoption in India
B Y S A N J AY @ A C C E N T I N FO M E D I A . C O M
Redington India Limited, a leading IT Technology provider, today announced that it has entered into a multi-year Strategic Collaboration Agreement (SCA) with Amazon Internet Services Private Limited (AISPL), which undertakes the resale and marketing of Amazon Web Services (AWS) Cloud in India. The deeper engagement with AWS will help Redington India enhance its cloud capabilities to drive growth in existing markets, and expand into Tier 2 and Tier 3 cities through its partners. It will help fuel the adoption of AWS Cloud by small-and-medium businesses (SMBs), scale growth with independent software vendors (ISVs), build unique value propositions in the enterprise segment, and strengthen the focus on public sector covering education, EdTech, and central and state governments. AWS will support Redington India and its existing 6
ENTERPRISE IT WORLD
JULY 2022
as well as potential partners with business and technical expertise, including training and enablement, solution development, and building technical competency and platform development support to accelerate their growth. Redington India will upskill its partners to cater to end customers with a wide gamut of services from AWS Cloud which include, architectural design, on premise to cloud migrations, proof of concepts, infrastructure optimization, well-architected reviews, remediation, Internet of Things (IoT) services, pre/ post-sales support, and much more. Through this collaboration, Redington India will build a Cloud Centre of Excellence (CCoE) to execute its cloud-first strategy, foster distribution of best practices in cloud computing, identify and attract new talent, and develop customized cloud solutions.
D ATA BRIEF
The CEO pay ratio increased by more than 27% between 2020 and 2021 according to Gartner, Inc.
Source: Gartner
NEWS BRIEF // IT WORLD
Kantar Study Finds Video Advertising in Native Environments Outperforms Social Media for Improving Brand Favorability and Consideration
Taboola helping people discover things they may like, today announced the results of an independent Multichannel Brand Impact study from Kantar, the world’s leading data, insights and consulting company. eMarketer forecasts show digital ad spending in the U.S. will reach $270B in the U.S. by 2023 and video plays a significant factor–more than half of marketers cite video as their most valuable ad format overall. The Kantar Multichannel Brand Impact study measured the effectiveness of video advertising within native environments against other environments, as it relates to helping reach brand impact goals. Key findings include: 1. Native video ads in the open web have a stronger impact on brand favorability and consideration than social or video platforms. 59% of study participants that received a native video ad exposure expressed brand favorability, compared to 50% for social
CIO
platform exposures and 51% for video platform exposures. 2. Brand awareness improved by 26% when adding native video ads in the open web to a marketing mix. When study participants were shown native video ads, 33% displayed top-of-mind awareness – compared to just 14% of the control group. When native video ads were combined with social platform video ads, top-of-mind awareness rose to 49%. Adam Singolda, CEO and founder, Taboola said,“Video ads continue to prove valuable to brands, especially as TV dollars are moving to digital,” “With industry estimates indicating that video advertising in the U.S. will reach nearly $50B this year, brands have a lot of opportunities to influence customers, as long as they’re choosing the right platforms and mix of platforms to relay their messages.
Vertiv Expands Presence in India with Unveiling of New Global Research & Development Center in Pune
Vertiv has announced the unveiling of its new state-of-the-art global research and development (R&D) center in Pune, India. In line with the company’s vision to boost innovation, the new expansive facility is equipped with advanced lab facilities that will support Vertiv product development and next generation Vertiv products. Located in Viman Nagar, the heart of the city, and spread over 30,000 square feet, the new facility is a strategic step towards expanding Vertiv’s presence in India and investing in the immense talent pool across the country. The global R&D center will support six new lines of business as well as shared design services for Infrastructure and Services and Integrated Rack Solutions. The new facility was inaugurated on-site by Vertiv executives, including Steve Blackwell, vice president of global engineering and Subrahmanyam Jana, senior director, global engineering; and virtually by Vertiv CEO Rob Johnson.
EVENTS
17-20 OCT, 2022
11 OCT, 2022
10-14 OCT, 2022
DATE: TO BE ANNOUNCED
Guiding CIOs and IT executives to accelerate digital business
AccleratorsX Awards
Gitex 2022
Microsoft Ignite
PLACE: ORLANDO, FL
PLACE: DUBAI, UAE
PLACE: DWTC, DUBAI
LOCATION: VIRTUAL
BY: GARTNER
BY: ACCENT INFO MEDIA PUBLICATIONS
BY: DWTC, DUBAI
WEBSITE: MICROSOFT IGNITE
JULY 2022
ENTERPRISE IT WORLD
7
NEWS BRIEF // IT WORLD
HPE GreenLake Advances Hybrid Cloud Experience with Modern Private Cloud and New Cloud Services
S/HE SAID IT
SUBHOJIT ROY
HEAD - IT, SBI FUNDS MANAGEMENT
“IT leader should be able to build a strong core IT team to support the company’s growth and business goals.”
“I have always focused on designing for impact and inventing for scale by contextualizing tech for the consumers.” Hewlett Packard Enterprise unveiled platform enhancements and new cloud services for HPE GreenLake, the company’s flagship offering that enables organizations to modernize all their applications and data. This includes a reimagined modern private cloud that provides a cloud-native experience to power an organization’s hybrid strategy, regardless of location. In addition, HPE unveiled eight new HPE GreenLake cloud services, giving customers more choice, control, and predictability for their enterprise cloud delivery. Antonio Neri, president and CEO, HPE said, “Three years ago, at HPE Discover, HPE committed to delivering our entire portfolio as a service by 2022,” “Today, I am proud to say that not only have we delivered on that commitment, we have become a new company. HPE GreenLake has emerged as the go-to destination for hybrid cloud, and
QUICK BYTE ON
our industry-leading catalog of cloud services enables organizations to drive data-first modernization for all their workloads, across edge to cloud. The innovations unveiled today further build on our vision to provide the market with an unmatched platform to spur innovation and drive transformation.” The HPE GreenLake Platform – the Foundation of the HPE GreenLake Experience HPE GreenLake edge-to-cloud platform provides customers and partners with a unified experience, control and visibility, and fast and easy access to over 70 cloud services. Today, HPE GreenLake has 65,000 customers and over one exabyte of data under management with customers worldwide. These organizations benefit from one control plane from which to automate, orchestrate, and run their hybrid cloud strategy.
H O N E Y B A JA J , G LO B A L C H I E F O F C O N S U M E R E X P E R I E N C E & B R A N D S - C L E V E R TA P
SECURITY
Mandiant Opens Managed Defense Beta Program to CrowdStrike and SentinelOne Customers “Mandiant, Inc. introduced a new beta program for its managed detection and response (MDR) service – Mandiant® Managed Defense. Open to select CrowdStrike Falcon and SentinelOne Singularity Endpoint customers, the beta program offers 24/7 access to Mandiant cyber security experts for alert monitoring, prioritization and investigation as well as the opportunity for participants to provide valuable feedback prior to the general availability launches later this year. Dave Baumgartner, EVP, Managed Solutions at Mandiant.” JULY 2022
ENTERPRISE IT WORLD
9
ITWORLD // NEWS BRIEF
Siemens launches Siemens Xcelerator – an open digital business platform to accelerate digital transformation
Equinix and PGIM Real Estate Open First xScale Data Center in Sydney for Hyperscalers Equinix and PGIM Real Estate, the real estate investment and financing arm of PGIM, Prudential Financial’s* global asset management business, today announced the opening of the first xScale data center in Sydney, named SY9x. This milestone follows the closing of the US$575 million joint venture between the parties in March 2022. With the closing of the joint venture in Australia, Equinix’s global xScale data center portfolio will be greater than US$8 billion of investment across 36 facilities and expects to deliver more than 720 megawatts (MW) of power capacity when fully built out. Including SY9x in Sydney,
EXECUTIVE
Equinix currently operates nine xScale data centers across all three regions including FR9x in Frankfurt, LD11x and LD13x in London, OS2x in Osaka, PA8x and PA9x in Paris, SP5x in São Paulo, and TY12x in Tokyo. An additional eight xScale builds are under development for approximately 70 MW of incremental capacity. Australia’s cloud computing market is expected to grow by 12.5% to reach US$14.1 billion in 2025, supported by large scale digital transformation initiatives across both the public and private sectors.[1] Furthermore, according to the Global Interconnection Index Volume 5 (GXI Vol.
Siemens AG has launched an open digital business platform, Siemens Xcelerator, to accelerate digital transformation and value creation for customers of all sizes in industry, buildings, grids and mobility. The business platform makes digital transformation easier, faster and scalable. Siemens Xcelerator includes a curated portfolio of internet of things (IoT) enabled hardware, software and digital services from across Siemens and certified third parties; a growing ecosystem of partners; and an evolving marketplace to facilitate interactions and transactions between customers, partners and developers. Roland Busch, President and CEO of Siemens AG, said, “Siemens Xcelerator will make it easier than ever before for companies to navigate digital transformation – faster and at scale. By combining the real and the digital worlds across operational and information technology, we empower customers and partners to boost productivity, competitiveness and scale up innovations,” “Our leading portfolio is transformed towards more open applications, with more cloud-based and as-a-service solutions and IoT-enabled hardware that can be constantly upgraded. At the same time, collaboration will reach a new level with a growing ecosystem of partners.”
MOVEMENT
Dataiku Hires Bridget Shea as New Chief Customer Officer
David Kluzak as chief revenue officer
Honda Motorcycle & Scooter India appoints Kyndryl as technology partner
David Rizzo as the chief technology officer
Andrew Hollister to chief information security officer
IPO-bound Netcore Cloud appoints Shilpa Tawte as Senior Vice President of Human
10 ENTERPRISE IT WORLD
JULY 2022
NEWS BRIEF // IT WORLD
BOOK
SHELF
The Snowball: Warren Buffett and the Business of Life
GLOBAL UPDATE
BY
CICC Confirms as Supporting Partner for PhilSec 2022
PhilSec 2022, a two-day summit focused on Philippines’ cybersecurity, supported by CICC, will provide a common congregation point for the leading cybersecurity providers and many seeking organisations to network, collaborate and share the latest intel from cybersecurity. While the Philippines needs to spend over $20 billion on cybersecurity between 2017 and 2025 to compare with the “global best-in-class countries”, its Cybercrime Investigation and Coordination Center (CICC) has signed up with Tradepass to strengthen the country’s biggest cybersecurity event – PhilSec 2022. PhilSec 2022 will be held on 12 – 13 July 2022 at the Sofitel Philippine Plaza in Manila and will attract 600+ cybersecurity experts (in-person & virtual) including the Heads of Information Security, Risk, Com-
pliance, Forensics and Cyber Law from the leading public and private enterprises across the Philippines. CICC has joined as the supporting partner for PhilSec 2022 to attract the best participation and recognition for the summit that is aimed towards enriching the cybersecurity environment of the country to make it more cyber-resilient. In an interview, following the partnership announcement, Dir. Panfilo Neore L. Salva, Jr. (Director, Administrative and Finance Office (AFO), CICC Executive Committee) expressed his appreciation for the summit organizer, “It is remarkable for Tradepass through this event PhilSec 2022 to acknowledge and pay tribute to our country’s cybersecurity experts and bestow honour upon their ground breaking work that has empowered and truly uplifted the entire Philippines cybersecurity landscape.” He also appreciated the cybersecurity experts for participating at PhilSec 2022, he said, “To our country’s cybersecurity experts, let me congratulate on this very important gathering, your love for our country is best explained on this effort of yours to find time and to put your energy to this productive endeavour.”
ALICE SCHROEDER
PRICE
RS. 443.00 (PAPERBACK) WHERE
AMAZON.IN
About The Book Recounting the life and times of one of the most respected men in the world, The Snowball is the most fascinating financial success story of our time. Warren Buffett, the legendary Omaha investor has never written a memoir, but finally has given Alice Schroeder unprecedented access to him and all those closest to his work, opinions, struggles, triumphs, follies and wisdom.
About the Author Alice Schroeder began her career as a certified public accountant, working for Ernst and Young before being appointed as a managing director at Morgan Stanley in the equities division.
One Point One Solutions sees labour help desk a solution for migrant workers One Point One Solutions, sees labour help desk as a solution for migrant workers welfare. The labour help desk is a direct response to the Supreme Court judgment which directs the State Governments to effectively engage with migrant workers who have shifted to their natives post pandemic crises and facilitate end to end support and guidance to the migrant labourers. The Supreme Court has delivered a judgment in its suo moto petition regarding the “Problems and Miseries of Migrant Labourers” during the Covid-19 pandemic.
The Supreme Court order has necessitated the requirement of an external agency like us for identifying & appointing an established Call Centre partner offering services like outbound services (Voice and Non-voice), inbound services, SMS, WhatsApp and IVR Self Service. We will be running various customised campaigns based on the eligibility and availability of the schemes as mentioned in the judgment of Supreme Court of India (Problems and Miseries of Migrant Labourers) and the following medium of communication can be established for effective
implementation of laid down directives. Under outbound calling, calls will be made to migrants and explain about various schemes available and in inbound calls related to schemes will be answered. Under SMS broadcasts, bulk messaging will be initiated on the entire base informing the help desk number (1800) to migrants and under IVR self-service, customisable solutions can be provided for capturing interest/willingness to shift by migrant labours with scheme related basic communication. JULY 2022
ENTERPRISE IT WORLD
11
ITWORLD // NEWS BRIEF
Pepe Jeans selects Salesforce to build a truly customer-centric business Salesforce announced that Pepe Jeans has deployed Salesforce Commerce Cloud with an aim to build a truly customer-centric business and strengthen its direct-to-consumer (D2C) strategies. Pepe Jeans has been one of the country’s most popular denim and lifestyle brands with over 250 standalone stores, 700 department store counters, 700-800 multi-brand counters, and a presence across all leading ecommerce platforms. Salesforce Commerce Cloud, a solution that helps transform shopping experiences across all digital channels provides Pepe Jeans a unified view of its customer’s journey, in turn enabling a more personalized and tighter customer experience across its online and retail stores. Einstein Recommendations helps the teams leverage data to personalize product recommendations. Additionally, the Pepe Jeans team has leveraged Salesforce to integrate its website with its social channels to amplify the brand’s reach and build a robust online community, fostering long-term customer relationships. Moving forward, the company aims to deploy Salesforce Marketing Cloud to strengthen customer engagement with data-driven digital marketing.
Shri Nitin Gadkari presides over the Grand Opening of Neeyamo’s new All-women Global Delivery Center in Nagpur Neeyamo, a leading provider of Global Payroll and EOR services, today announced that Shri Nitin Gadkari, the Minister of Road Transport and Highways, in the presence of Shri Sameer Dattatraya Meghe, Member of Maharashtra Legislative Assembly, Hingna Constituency presided over the Grand Opening of the company’s All-Women Global Delivery Center in Nagpur. Formed in 2009, Neeyamo presently has over 3,000 employees worldwide. With an aim to create more job opportunities, the company has established its business centers in several Tier II & III cities and further intends to set up similar centers across 20 cities in India. Neeyamo has chosen Nagpur to inaugurate its first-ever all-women center. As a part of its initiatives under the Naari Shakthi framework (which was launched in September 2021 by Guardian Minister Hon’ble Adv. Yashomati Thakur, Maharashtra Government’s Women and Child Development), the Nagpur center will further empower and create a platform for women to excel in Neeyamo by creating high-end jobs for them. This center currently employs 85+ women and plans to grow by 200 before the close of 2023.
Juniper Networks Announces Cloud Metro Innovation to Drive Sustainable Business Growth for Service Providers Juniper Networks announced the innovation that will power its vision and strategy for Cloud Metro – a new category of solutions for service providers, optimized for metro transformation and sustainable business growth. Traditional “retro” metro networks are device-centric and are buckling under the extreme scale, agility and experience demands that widespread digital transformation and the advent of 5G services are bringing. Today’s announcement focuses on enabling sustainable business growth, with a series of high-performance networking 12 ENTERPRISE IT WORLD
JULY 2022
systems, powered by AI-enabled, clouddelivered automation, specifically designed to build next generation Cloud Metro infrastructure. These systems will deliver significantly-reduced natural resource consumption capabilities to help sustain the planet, improved tools and simplified working methods to help sustain over-pressured operations teams, along with embedded service assurance and security capabilities to optimize service experience, all while enabling service providers to sustain profitable business growth.
DIGEST EQUINIX SIGNS MEMORANDUM OF UNDERSTANDING (MOU) WITH GOVERNMENT OF TAMIL NADU Equinix India has signed a Memorandum of Understanding (MoU) with Guidance, the nodal agency of Government of Tamil Nadu for promotion and facilitation of the aforesaid upcoming project at Siruseri, Tamil Nadu. As part of its expansion and growth strategy in India and to extend its operations in Chennai, the company has taken 5.95 acres of land on a long-term lease at State Industries Promotion Corporation of Tamil Nadu Ltd (SIPCOT) IT Park. It is strategically located in the Siruseri area, which is known as the IT Corridor of Chennai, with large and upcoming IT parks and well-established telecom networks. PROLIFICS ACQUIRES TIER 2 CONSULTING LIMITED Prolifics, has acquired Tier 2 Consulting Limited which is incorporated and registered in England and Wales. Tier 2 delivers software solutions to its clients using modern, open-source, cloud-native technology, and an agile project approach. The Tier 2 team is composed of full-stack Java developers and Red Hat Middleware and OpenShift experts. Based on its skills and experience, Tier 2 was in fact the first Red Hat Premier Middleware Partner for the UK and Ireland. For Prolifics, the acquisition is part of its ongoing expansion and growth goals. Tier 2 brings expert custom software development – using its agile approach with disciplined delivery – to a large and loyal UK customer base. WIKA LAUNCHES PSM-630: AN AUTOMATIC HEAVY DUTY PRESSURE SWITCH WIKA India, has recently launched the PSM-630 —an automatic heavy duty pressure switch for applications like air compressor and water pumps. The model PSM-630 can also be used in industrial control, monitoring and alarm applications. The switch point is engineered in such a way that it can be manually adjusted by the customer on site and also adjustable for automatic cut-off within the prescribed range. Entire electrical system can be controlled by the pressure switch to maintain the pressure of the storage unit. The instrument can switch electrical loads of up to AC 440 V, 16 A. The integrated relief valve (option) is used for depressurising the pressure chamber of the compression piston before starting the compressor.
NEWS BRIEF // IT WORLD
MANAGEMENT
MANTRA
“Don’t just go by the buzz world which is in the market.” Pramod Gokhle, CIO, Mankind Pharma
AMD Powers Real-Time AI Processing at the Edge for Canon Free Viewpoint Video System
AMD today said that the Versal AI Core series, with AMD AI Engine technology, has been selected by Canon for its Free Viewpoint Video System expected to revolutionize the viewing experience for live sport broadcasts and webcasts. Versal AI Core devices deliver powerful machine learning (ML)-based video processing at the edge for Canon camera systems. The Canon Free Viewpoint video system consists of a ring of high-resolution cameras that surround a stadium or arena to allow broadcast viewers to see the action on the field from any position or angle in the stadium. The revolutionary technology dramatically changes how sports are viewed, putting viewers in the middle of the action. The Canon Free Viewpoint
system is expected to be deployed at multiple professional basketball arenas in the U.S. and other premier sports venues around the world. “This single-chip Versal solution allows our system to do more in real-time than we ever envisioned possible,” said Masanori Yamada, senior managing executive officer, head of Imaging Group, Canon. “Versal AI Core’s powerful edge-processing capabilities enable our system to handle multiple functions simultaneously so broadcasters can deliver new and immersive viewing experiences.” The high performance and ultra-low latency processing enabled by Versal AI Core series significantly shortens image processing time, allowing live replays to be produced in near real-time, compared to several minutes with traditional architectures. The technology will provide broadcast viewers from around the world with unique images that have never been experienced before. Live broadcast networks can also monetize live event metrics such as game and player statistics. Canon technology will move the intelligence of AI-based video processing to the edge, thereby reducing the workload in the data center.
MyShubhLife aims to disburse Rs 550 Crore Worth of Loans by the Next Financial Year
MyShubhLife, announced that it aims to disburse INR 550 crore worth of loans amid signs of economic recovery and pent-up demand among the salaried professionals, gig workers and small merchants. Equipped with an AI/ML led credit model algorithm built by its Datasciences Centre of Excellence (CoE), MyShubhLife aims to reach a disbursal target of INR 250+ crore by this financial year and INR 550 crore in the next. Starting in 2016, MyShubhLife has disbursed loans to a large number of borrowers by focusing on data driven technology and offering customized financial solutions. MyShubhLife has expanded its product portfolio to a host of credit products, including Unsecured Personal Loans, Chota Loans (small ticket), Earned Wage Access (EWA) & Revolving Line of Credit to fulfil the financial needs of the salaried and self-employed (gig workers, merchants of small and medium businesses etc). Users can avail a wide variety of loans between INR 3,000-2 lakhs with a flexible repayment tenure up to 36 months.
SBI signs MOU with KDEM to provide access for funds and special financial services for Start-ups in Bengaluru The Karnataka Digital Economy Mission (KDEM) has partnered with India’s largest publicsector banking conglomerate, the State Bank of India (SBI) to support the start-up ecosystem of Karnataka. KDEM and SBI exchanged a Memorandum of Understanding (MoU) wherein SBI will be now partnering with the Fintech Innovation hub at Mangaluru and leveraging the CGTSME scheme to provide funding support to the start-ups in the state. The MOU is a first of its kind step for start-ups by any banking institution. Exchanged in the presence of Dr. Ashwathna-
rayan C N, Hon’ble Minister, Dept of Electronics, IT BT S&T, and Shri Rana Ashutosh Kumar Singh, Deputy Managing Director (Transaction Banking & New Initiatives), SBI & Shri Nand Kishore, Chief General Manager (Bengaluru Circle), SBI. The MoU was signed by Mr. Sanjeev Gupta, CEO, KDEM, and Shri S. Radhakrishnan, General Manager, NW-I, SBI, Bengaluru Circle. The MoU will empower SBI to build a robust mechanism for the Karnataka Governmentrecognized start-ups supported by KDEM to avail financial services including credits to the
start-ups. The important feature of the MOU is to extend Credit Guarantee Fund Trust for Micro and Small Enterprises (CGTSME) to ELEVATE Winners and to AIF-supported start-ups of Karnataka. The Elevate-Idea2PoC was launched by the Department of Electronics, IT, BT, and S&T, Government of Karnataka to identify and nurture innovative start-ups and provide them the necessary boost at various stages through funding or mentoring. So far, we already have 750 ELEVATE winners with us, and with this MOU more than 1000 start-ups are going to be supported. JULY 2022
ENTERPRISE IT WORLD
13
ITWORLD // NEWS BRIEF
96% of Indian Businesses Plan to Expand into New Markets in the Next Twelve Months
Nokia partners with Indian Institute of Science to establish Networked Robotics Center of Excellence Nokia and the Indian Institute of Science (IISc) announced the opening of the Nokia Center of Excellence (CoE) in Networked Robotics at the IISc Bengaluru. The CoE will promote inter-disciplinary research involving robotics and advanced communication technologies in 5G and Artificial Intelligence (AI). The CoE will also develop use cases across industrial automation, agriculture and disaster management. The center will facilitate engagement and cooperation between academia, start-ups and industry ecosystem partners to research and develop these use cases. The research projects undertaken by the CoE will include the design of advanced robotics, AI and automation solutions built upon next generation telecom networks and their applications for solving societally relevant problems. The agreement for setting up the CoE in Networked Robotics
was concluded in August 2020, and since then a core group has worked tirelessly to set up and equip the center. Nishant Batra, Chief Strategy and Technology Officer at Nokia, said, “We want India to drive global innovation in an era of convergence where a few years from now, extended reality (XR) and digital-physical fusion will allow us to create, collaborate and communicate in unprecedented ways. There is substantial untapped intellectual capability and competence in India, and our collaboration with a prestigious institution like IISc will enable exciting possibilities for industry and society.” Govindan Rangarajan, Director at IISc, said, “Next generation communication technologies like 5G and 6G will contribute enormously to the growth of India’s economy.
Businesses in India are planning major investments in digital technologies to support ambitious expansion plans after lessons learnt from the pandemic. New findings from an annual survey of technology decision-makers, by Equinix, Inc., suggest that 96% of IT leaders in India indicated their organization is planning to expand into new markets in the next 12 months. A majority (67%) of those planning an expansion said they are most likely to support it by deploying virtually in the short-term and then building permanent physical infrastructure when needed. The pandemic also continues to have a significant impact on Indian businesses’ digital strategies with 63% of respondents citing that their IT strategy has become more aggressive and ambitious because of the pandemic. Indeed, 65% confirm their IT budgets have increased as a direct outcome of its legacy – an insight into the now broadly acknowledged necessity for robust digital infrastructure to pivot to evolving business needs in an instant. Furthermore, a majority of respondents (63%) believed the technology changes and investments implemented during the pandemic are here to stay. More than half of Indian businesses (57%) surveyed for the Equinix 2022 Global Tech Trends Survey are observing a significant positive business impact from having a strong 5G network to take advantage of new technologies such as Artificial Intelligence (AI) and internet of things (IoT).
Vertiv Releases First Environmental, Social and Governance Report Vertiv released its inaugural environmental, social and governance (ESG) report, the company’s first public report of its ESG activities. The report outlines Vertiv’s approach to energy and water efficiency; diversity, equity and inclusion (DE&I); employee health and safety; and other ESG-related topics. The content covered in the report serves as a baseline upon which the organization will build future efforts. Rob Johnson, Vertiv CEO said, “We all know how critical connectivity is to our daily lives and the global economy. The world’s appetite for data continues to rise, and our solutions keep data systems on and connected. At the same time, 14 ENTERPRISE IT WORLD
JULY 2022
we recognize the current and potential impacts of climate change,” “We are seeking to meet the growing demand for critical digital infrastructure, and simultaneously mitigate environmental impacts from our operations and products. As a result, we’re innovating to come up with more efficient and effective ways to support critical digital infrastructure.” Vertiv’s ESG Executive Steering Committee, made up of senior leaders from across the organization, is driving a company-wide evaluation of ESG performance. Some of the activities and results highlighted in the report include: ▪ The introduction of new and upgraded
products with high energy and water efficiency attributes, with others planned for release in the coming months and years. ▪ Participation in several industry partnerships aimed at addressing data center efficiency and emissions, including the EcoEdge PrimePower Project (E2P2), the Sustainable Digital Infrastructure Alliance (SDIA), the European Data Centre Association (EUDCA), and the RISE Partnership Program. ▪ An internal review of Vertiv’s Scope 1 and 2 greenhouse gas emissions.
COMMSCOPE // Q&A
COMMSCOPE INTRODUCED PROPEL TO ADDRESS THE EVOLVING DATA CENTRE LANDSCAPE Propel helps maximise existing infrastructure investments while intelligently and effectively preparing for future applications.
“As part of our CommScope NEXT organic growth initiative is continued innovation, we continue
BY AMBIKA@ACCENTINFOMEDIA.COM
to increase our investment in technologies that will fuel growth for CommScope for years to come.”
How is a CommScope helping data centres manager to adapt to the evolving data centre landscape in India and globally? With increasing internet penetration, large and small enterprises have also incrementally started utilising cloud computing to simplify data storage. We have witnessed consumers adopting streaming services and AI applications by employees, students, nurses, enterprises, local communities, and government organisations, resulting in increased data centre needs. By investing in strategies to significantly enhance data centre capacity, the industry continues to respond to a growth in economic activity online. At CommScope, we have introduced Propel to address the evolving data centre landscape. With this technology, leading-edge network architectures will deliver greater capacity to end devices more effectively, thereby saving time and energy and significantly lowering the cost per gigabit. Propel facilitates the migration to Terabit speeds by providing reliable connectivity and robust network infrastructure that aligns with rapidly emerging data centre applications, enabling faster, more efficient access to data. Propel introduces 16-fiber cabling to support the fast-growing 400 Gbps and 800 Gbps speeds and emerging 1.6 Tbps speeds. Propel modules are available in four
MYLARAIAH JN,
DIRECTOR- SALES, ENTERPRISE BUSINESS, INDIA & SAARC, COMMSCOPE
interchangeable sizes with matching cable constructions to scale applications with system architectures easily. All components have an ultra-low loss for optimal performance and a specific QR code for performance tracking and online instructions.
and digital services. These changes showcase the altering profile of the data centre ecosystem. According to JLL, the rise in the data centre industry will make India a global hub and is expected to create an economic value of $1 trillion by 2025.
How modernizing the data centres could impact the economic growth of the country? With digital transformation, India’s data consumption is expected to grow at a CAGR of about 72.6 per cent to 10,96,58,793 million MB by 2022, according to a study by Assocham-PwC. As a result, individuals and businesses are turning to the cloud to store this massive amount of data to access it as needed. Moreover, as per a 2022 EYNASSCOM cloud survey, 67% of large enterprises have accelerated their cloud adoption, 39% of medium-sized and 38% of small companies have embarked on their cloud journey. Digitalization has modernized the data centres and as a result, the role of data centres is expanding to analyse data more quickly and provide analytical insights. Enterprises have already started investing in edge data centres as it enhances security, allows data to flow at high speed with minimal latency, reduces costs by bringing data closer and ultimately supporting mission-critical applications
What are CommScope’s future investment plans? As consumers and data-driven enterprises use more bandwidth and migrate to the cloud and mobile applications, the rate of change in networking has accelerated. We are redefining how we connect and changing the network architecture required to support customer demand due to the exponential growth in video and mobile data consumption. As this transformation continues, CommScope is uniquely positioned to offer its industry-leading combination of innovation, solutions portfolio, global production, and quality control to support enterprises’ growth and success. As part of our CommScope NEXT organic growth initiative is continued innovation, we continue to increase our investment in technologies that will fuel growth for CommScope for years to come. In 2022, the core businesses will invest approximately $600 million in R&D and new product introductions.
JULY 2022
ENTERPRISE IT WORLD
15
COVER STORY // MOBILE PHONE HACKING
COVER STORY
SECURING THE WEAKEST LINK Securing smartphones is difficult but necessary to achieve comprehensive organizational security BY SANJAY@ACCENTINFOMEDIA.COM
16 ENTERPRISE IT WORLD
JULY 2022
MOBILE PHONE HACKING // COVER STORY
T
he proliferation of mobile devices into the corporate network is drastically changing the security dynamics of enterprises. As more employees work from home and many more access corporate resources on the go, there are a many more devices logging into the corporate network compromising enterprise security. As rules of the game change and mobility becomes a part of corporate culture, mobile phones are creating new vulnerabilities in the security architecture and hackers are increasingly targeting mobile phones as an easy entry point. There has been a huge surge in mobile malware attacks sending malicious SMS text messages— also known as smishing—and application links to unsuspecting users. According to Veeam Ransomware Trend Report 2022, the most common entry point for a cyber-attack is still phishing emails, malicious links or website that has dubious underpinnings. Despite the enormous efforts in educating and training employees, cyber criminals are consistently able to ingress into enterprise networks with innovative approaches by winning the confidence of people. The pervasive use of smartphones to access enterprise networks has opened another floodgate for criminals to gain entry into the network. Says Amey Subash Lakeshri, Associate Director, EY, “Today, we want everything on the fingertips—booking cinema tickets, boarding pass, shopping etc—from morning till evening, everything we do is on the phone. So digital transformation is bringing about enormous changes in our lifestyle, but it is also exposing us to greater attacks and vulnerabilities as we are witnessing increased attacks via mobile phone in the last two years.” There has been enormous changes in our lifestyle from pre-pandemic to post-pandemic days. Says Neehar Pathare, CISO, 63 Moons Technologies, “Indians are spending way more time on the mobile phone in the post-pandemic days from 3.7 hrs to 4.7 hours per individual each day, so naturally the number of attacks are increasing as the time of mobile usage increases.”
Hackers Exploiting Mobile Lifestyle The pandemic pushed the mobile devices to the front and center of our lives. It has become far more than a device for communication and we started using the mobile to accomplish many routine tasks including meetings, financial services, training sessions, tele-consultation for health, attending school classes, grocery shopping, playing games, watching films and listening to music. The array of activities spanning personal and professional lives which requires to access company networks, banking information, health care details is fertile hunting ground for hackers. For instance, there has been a huge increase in the number of mobile attacks from around 1330 attacks in 2019 to 12,000 attacks this year. Conducting these activities requires downloading applications, most of which store data in an insecure manner. The surge in app download is exponential at 2.3 billion, and naturally malicious actors are gravitating towards mobile devices for exploiting vulnerabilities. According to Blackberry 2022 Threat Report, 76% of tested mobile applications store data insecurely, and this becomes a threat for organizations pursuing BYOD policies and those supporting mobile and remote workers. Says, Yogesh Kumar, Head, IT and Business Applications, Tata Advanced Systems Ltd, “We know that giving OTP is dangerous, but giving permissions when we download apps is even more dangerous. Sometimes giving permission is a precondition for the app to work, and the app wants to know the location, it wants to access the phone directory and photographs, etc making an ingression into all the private data of the user. So basically, when we download app, we are allowing the app to control our device.” In fact, getting access to the phone is rather easy as there is lot of personal information floating in public spaces and this information is used creatively to lure users into clicking malicious links. Says Yogesh, “Today it is easy to know personal details of people from social media platforms such as Facebook where we share everything about ourselves. So, hackers entice people with freebies and offers that appear to be
JULY 2022
ENTERPRISE IT WORLD
17
COVER STORY // MOBILE PHONE HACKING
YOGESH KUMAR HEAD, IT AND BUSINESS APPLICATIONS TATA ADVANCED SYSTEMS LTD.
“We know that giving OTP is dangerous, but giving permissions when we download apps is
even more dangerous. So basically, when we download app, we are allowing the app to control our device”
AVINASH DHARMADHIKARI ASSOCIATE DIRECTOR, EY
“Today, we want everything on the fingertips—booking cinema tickets, boarding pass, shopping etc. Digital transformation is bringing about enormous changes in our lifestyle, but it is also exposing us to greater attacks and vulnerabilities.”
genuine and as soon as you click on the link, the malware installs and waits for an opportune time to ingress into the enterprise network.” What is aiding the process is that people are using weak passwords using familiar combinations such as the name and birth date, etc, which is easily again available in the public forum, thanks to social media. Another challenge is arises from the popularity of digital payments which is immensely convenient but has a flipside as it often becomes an entry point for malware entry. The QR code is a two-dimensional barcode which can be scanned with the built-in scanner in the mobile device. But this provides perfect conditions for malicious actors to push QR code malware toolkit by replacing legitimate QR codes with fake ones. Threat actors are using ingenious methods to engineer scams including incorporating QR codes in phishing, a technique known as quishing to bypass traditional security systems. In December 2021, this technique was used in Germany to steal bank information details wherein victims were asked to scan the QR code to allow impersonating bank officer to make changes in the privacy policy.
18 ENTERPRISE IT WORLD
JULY 2022
The Threat to Business and How to Overcome Given that mobile usage has been ubiquitous in people’s life, it is no longer a personal device. The challenge for enterprises in securing mobile devices is exactly this—where does the personal space end and when does the phone become a business tool. Even if the device is owned by the organization, it is difficult to enforce discipline because it blurs the boundaries of a personal device in many ways and therefore extending the enterprise security to mobile devices is particularly challenging. So how is this threat panning out in businesses and how are enterprises addressing this challenge. Says Neehar of 63 Moons, “Primarily the mobile device presents three kinds of threats. One is that the screen is small and leads to inadvertent mistakes by users who may click on links that they would not normally do. Second and more importantly is the threat that emerges from stolen devices. And finally, mobile devices are used as a gateway to enterprise resources where the hacker is not interested in the phone data but wants to use it as an access point to more critical data.” To counter this kind of attacks, robust security architecture comprising VPN, multi-factor
authentication, identity-based access to resources must be implemented and enforced. As an experienced senior IT leader Satyavrat Misra, Vice President and Head, Corporate IT, Godrej Industries says, “A common threat to mobile devices arises is when users tap into public wi-fi networks and hackers take possession of unencrypted data by using man-in-the-middle technique.” Across the world, there has been significant increase in attacks on mobile phones. Researchers at Proofpoint have detected a 500% jump in mobile malware delivery attempts in Europe in the first few months of 2022 just as mobile devices in North America had been facing similar onslaught. For instance, North America experienced a 300% increase in smishing attacks just the third quarter of 2020. “A phishing/smishing link is a common way to gain entry into the mobile device wherein the malicious actor tries to trick the user into using the credentials on a fake place, while a mobile malware can lie in wait until the time the user activates a financial application for transaction and steal the data,” says Satyavrat of Godrej Industries. Although the primary aim of phone malware
MOBILE PHONE HACKING // COVER STORY
NEEHAR PATHARE CISO, 63 MOONS TECHNOLOGIES
“Indians are spending way more time on the mobile phone in the postpandemic days from 3.7 hrs to 4.7 hours per
individual each day, so naturally the number of attacks are increasing as the time of mobile usage increases.”
SATYAVRAT MISRA VICE PRESIDENT AND HEAD, CORPORATE IT GODREJ INDUSTRIES
“A common threat to mobile devices arises is when users tap into public wi-fi networks and hackers take
possession of unencrypted data by using man-in-the-middle technique.”
is to steal user name and password for email and bank accounts, it is easy to underestimate the risk mobile hacking poses to an organization and should therefore operate on an assumption that the phone can be lost or hacked and put in place corporate security strategies to combat it. This includes backing up mobile devices, having in place data classification policy that identifies data that should never leave the network and educating employees to make informed decisions regarding what kind of data should be copied on a mobile device. Educating employees must be a key plank of countering cyberattacks. Training employees during onboarding about the dangers of clicking on malicious links, being wary about using public wi-fi, how to identify phishing emails and spoofed accounts, and setting up string passwords for phones. It is also important that employees undergo annual refresher courses to update the information. “Often employees have pre-conceived notions like iOS is more secure, but when people voluntarily give permission to access data, the application can create instability,” says Yogesh. Mobile device management—MDM as it is generally known—is crucial in extending
corporate-grade security to mobile devices and helps to implement several complex solutions. MDM enables to control and monitor devices in several ways including locking and wiping data remotely; data encryption; deliver configurations and updates remotely; access control features; and data containerization. Satyavrat of Godrej Industries says, “I think MDM is a missed opportunity during the pandemic, but we see significant momentum in adoption now. Yet implementing MDM is a complex thing as mobile is seen as a personal device and people do not adhere to guidelines. At the same time, while MDM is a great way to extend corporate security, its implementation needs to be simplified for easy roll out.” Yogesh from Tata Advanced System also adds that roll out of MDM is difficult as people tend to view the mobile phone as a personal device and are wary of blocking social media and other applications that have become a part of the lifestyle. A better way to control and secure the phone from a corporate perspective is to enforce containerization wherein the personal and professional data is stored in separate containers keep the data secure in case of attacks, so company data is encrypted and hackers are not able to access
critical data. Going Forward Securing the enterprise has become more complex in the post pandemic era as it is not just the perimeter fencing that is required but it is equally crucial to secure every mobile device and smart phone employees are using to access corporate information. Not just within the company premises but even as employees work remotely from the comfort of homes, cafes and public spaces accessing the mobile Internet and public wi-fi. Technologies such as MDM enables to wipe out data remotely in case of theft but the challenge for effective MDM implementation continues. There is no silver bullet to secure the organization and mobile devices. However, experts agree that security policies must be carefully implemented after due weightage is given to data discovery and evaluation of what kind of data is there, where does the data reside, which kind of data needs attention and how to secure that data. Also, good practices such as disabling permission to an app which is not used will go a long way in keeping the device secure.
JULY 2022
ENTERPRISE IT WORLD
19
Q&A // IMERIT
IMERIT
ML DATAOPS WILL PLAY A HUGE ROLE IN THE NEXT WAVE OF AI
BY AMBIKA@ACCENTINFOMEDIA.COM
iMerit to focus on technology and human-in-the-loop expertise to give enterprises a true end-to-end solution. Tell us more about iMerit? We founded iMerit in 2012. Prior to this I was part of the team that led the IPO of Support.com and was General Manager of Hewlett Packard’s $1.5 billion channel business. iMerit was created with the goal of doing business while creating social impact. In 2015, iMerit raised US$3.5 million in Series A funding from Khosla Impact, the Michael & Susan Dell Foundation, and the Omidyar Network. In 2020, in Series B funding, it got US$20 million, led by British International Investment. Today, it has a global presence with 10 delivery centers in India, Bhutan, and the US. It has become a tech-enabled data annotation powerhouse with over 5,500 employees. The company’s business model centers around providing employment in underserved regions and harnessing latent talent through continuous and inclusive skilling. iMerit provides end-to-end services to guide data scientists through all phases of their data annotation projects and architect a solution that meets their needs. iMerit works with leading brands across the globe, with Fortune 500 companies in healthcare, autonomous mobility, government, GIS analytics, finance, insurance, retail, ecommerce, agricultural AI, legal, and others. iMerit provides AI data solutions for all forms of content and mediums, including: ● Computer vision services: Video and Image annotation; keypoint and landmark annotation; bounding box annotation; polygon annotation; skeletal tracking; semantic segmentation; panoptic segmentation; 3d cuboids; lines and splits; multi-sensor fusion; Lidar data annotation
20 ENTERPRISE IT WORLD
JULY 2022
● Natural language processing (NLP) and
language services: Audio validation and transcription; sentiment and intent analysis; named entity recognition and linking; topic or object classification; grammatical and discourse analysis; transcription services; audio transcription; text transcription ● Content services: Data enrichment, verification, and extraction; content moderation; data or content quality control; entity labeling; entity categorization; item taxonomy According to you, what is the next wave of AI? Which areas of Machine Learning & AI will be dominating? Over the past year, the AI ecosystem has witnessed a push to move to a more data-centric approach from the current model-centric one. And data is the single biggest differentiation in ensuring the success of ML models in the real world. More and more AI products are entering production which will provide feedback loops once released. A feedback loop of results will force enterprises to adapt their ML data operations to meet the evolving demands of their AI models. Algorithms in the field will come back with edge cases, which data operations will work to resolve before the algorithm is redeployed. Hence, ML DataOps will play a huge role in the next wave of AI. As AI advances, so does the technology in the background. The combination of technology and human-in-the-loop expertise will give enterprises a true end-to-end solution as they move to deploy their models in the field. By bringing together the right expertise, judgment, and technology, the highest quality data possible will be generated.
What impact do you think AI will have on businesses and sectors, especially in India? AI is going to be at the core of businesses and sectors across the world. We understand this and we are at the forefront of employing AI for business transformation. Since the Digital India initiative was launched in 2015, the government has pushed for AI implementation and digitisation. As the drone policies in India were recently liberalised, we will see a rise in AI-based drones in the agriculture and military sector. Highly digitised industries such as IT, financial services, telecommunications, media, and retail have led the way in AI implementation. The impact of AI will vary according to industry and its success will depend on factors like cost, technology, security, infrastructure, awareness and skilling. Why do you think a significant portion of AI projects fails? What are they lacking? Data deficiency is among the most common reasons behind AI/ML project failure. To combat this, it is critical to ensure that the data is both relevant and accurate, in addition to ensuring availability. Data is a historic snapshot and not necessarily an accurate representation of the data yet to come and any significant change in the data can cause the model to give inaccurate results. To ensure high-quality data, an effective data collection strategy should be in place and the data needs to be continually updated to reflect the new realities of the world around. Robust annotation of data is a key piece to ensuring the AI systems work effectively. Properly addressing edge cases and anomalous scenarios helps the technology make correct decisions and function properly, even in new or uncommon situations. To minimize human obstacles causing an ML project to fail, it is essential for all stakeholders of the project to collaborate, communicate, and coordinate effectively. What makes iMerit different from its competitors? How is it impacting businesses and people? iMerit offers expert-level data labelling with more than 98% accuracy, which is guaranteed through a thorough learning and development process and industry-dedicated staff. Having labelled hundreds of millions of images, iMerit’s end-to-end solution offers support all through the AI development cycle. We offer extensive solutions compared to our peers, including full-time in-house annotation workforce, industry subject
IMERIT // Q&A
pain points: ● Real-time access to project information including edge cases, insights, and analytics ● One view to see everything related to the ML DataOps pipeline including progress and interventions required ● Better time-to-value Our end-to-end AI data solution, iMerit DataStudio, delivers high-quality data at scale. ● Rapid Team Scalability ● Experts-in-the-Loop ● Tool Inclusive Annotation ● Flexible Data Formats ● Objective Quality Metrics
R A D H A
B A S U
FOUNDER & CEO, IMERIT
“AI is going to be at the core of businesses and sectors across the world. We understand this and we are at the forefront of
employing AI for business transformation. Since the Digital India initiative was launched in 2015, the government has pushed for AI implementation and digitisation.”
matter experts, custom solutions, SOC2 Type II Compliance, in-house people training and expertise with edge scenarios. Last year, you launched Expert-inthe-Loop AI Data Solution iMerit Data Studio at your flagship event, ML Data Ops Summit, could you tell us more about it? We launched iMerit Data Studio in November
2022, which is among the first fully integrated end-to-end AI data solutions for companies leveraging expert-in-the-loop machine learning workflows. iMerit Data Studio includes Ground Control, Edge Case and People Platform, and was developed in response to customers’ need for rapid scale-up with deep expertise in higher quality data. iMerit is helping to solve these customer
The products in the suite are: ● iMerit Ground Control: single source of truth for managing all workflows within the data labelling pipeline. Clients can configure new projects, monitor progress, engage edge \ cases and access in-depth analytics and insights ● iMerit Edge Case: adaptive engine for identifying, monitoring and labelling edge cases with greater precision, providing improved efficiency with a workflow platform for collaboration ● iMerit People Platform: delivers scalable operations infrastructure through expert skilling and skill matching, optimizing a dynamic workforce and complex workflows iMerit DataStudio is in beta with select customers. It’s the next step in ML DataOps architecture that improves client AI performance. What is next for iMerit & you? Any plans for the India market? As the AI market moves closer to production and deployment, iMerit’s work and growth will reflect the changing priorities of teams working to leverage ML across industries. Over the next year, it will make significant investments in technology to better enable AI data solutions across the lifecycle of products and services. The focus will be to develop and provide a complete package to clients from a workforce and technology perspective. This will involve an investment in the company’s infrastructure and ability to scale alongside our clients. There will be a continued emphasis on solving complex challenges in ML DataOps. We will invest in building a deeper understanding of tools that can enable creation as data moves from the unstructured stage to pre-ML, and all the way to production, where data management is required.
JULY 2022
ENTERPRISE IT WORLD
21
Q&A // RARITAN & SERVERTECH
RARITAN & SERVERTECH
DATA CENTRES MUST BE MORE TECHNOLOGICALLY ADAPTIVE
BY SANJAY@ACCENTINFOMEDIA.COM
With the ever-growing Data Centres market in India, there comes a lot of challenges also. The biggest challenge is growing power consumer per rack besides uptime and other issues. Enterprise IT World tried to understand from Anjani Kommisetti, Country Manager – India & SAARC, Raritan & Servertech - brands of Legrand about his assessment of the Data Centre challenges and mitigation plans. Excerpt.
What is the trend in the Data Centres market, whether it is on -prem, cloud or third -party Data Centres growing? In the Data Center environment, the future years are projected to be a period of consolidation. For businesses to operate successfully in the future, IT must be able to meet hybrid requirements without being disturbed by unforeseen events. New technology, new designs, and how AI can be used to improve agility are likely to be at the forefront of CIO/CTO discussions. Data centres must be more technologically adaptive, scalable, and efficient in order to be more agile. The digital shift happened swiftly, but many people did not take advantage of technology to its full potential. DC backbone upgrading would be beneficial for managing digital traffic processing, which has grown significantly in the previous two years as the need for speed and performance has increased. The rapid move towards distributed edge computing will be fuelled by the rise in cloud usage brought about by the adoption of IoT and the arrival of 5G. The role of edge data centres in bringing the cloud to the local level has has already grown critical. We could even see containerized data centres, which are modular data centres constructed within a normal shipping container! ‘Server rooms in a box’ offer a number of benefits for mobile and Wi-Fi technologies, and they may soon be as widespread as electrical substations.
22 ENTERPRISE IT WORLD
JULY 2022
What is the total market size in India and SAARC, and how is it growing through 2022? India data center market size was valued at $4.35 billion in 2021 and is expected to reach $10.09 billion by 2027, growing at a CAGR of 15.07% during 2022-2027. What are the factors driving the Data Centres market in India? The Indian data centre industry is passing through an interesting phase. Increase in smart device users and digitisation is increasing the use of smart applications which is in turn is leading to spikes in big data, data analytics, data mining, etc., hence demand for high powered data centres. The challenge is to accommodate more data in less space which means more computing per rack, hence more power per rack. All challenges need to be addressed while also achieving cost reduction by optimising racks. The dynamics of the changing marketplace, where IT is not just a business enabler but a key player that provides a huge competitive edge, is prompting companies to be more agile in dealing with the growth of their IT infrastructure. CIOs must not only think of technology, but also in terms of consumer behaviour and consumer access points to see how one can adapt and modify their infrastructure to deal with the changing marketplace. Today, CIOs are forced to optimize their data centre infrastructure to the hilt in every aspect - be it power, storage, real estate, etc. There are various tools that are avail-
able to help CIOs in achieving these objectives. The challenge for Data Centres industry is power consumption how the stake holders are working upon it and how Raritan is supporting their initiatives? With Raritan’s Intelligent Power Management Solutions, customers can identify critical gaps. A gap anywhere between 30% to 50%, seems challenging. With advanced technology features like programmable sequencing, Raritan addresses these challenges efficiently and allows the customers to use up to 80% of the allocated power whereas in normal scenarios the customer would be using only 35% at max. This way, customers can find a way to optimise the power at rack and accommodate more computing without much change in the infrastructure. How automation is being an influential factor for the Data Centres growth? Robotic Process Automation (RPA) driving hyper automation is a result of the need for integrating various platforms, applications and huge amount of data types. Today, what is critical is how quickly you can process data and offer solutions that can bridge the gap between a product technology and consumer’s need. Data processing closer to the end device enables instantaneous actions, enabling channel community to offer better business value to the customers. Today, most of the consumer devices or components that are launched for automobiles, health devices, smart watches or even washing machines are IOT enabled. They have pre-installed applications that help consumers control, reset, change settings, etc. at the touch of a button. In all this, there is a consumer request, programming implementation, and automation which needs end point intelligence. So it is a collaborative effort which encompasses thought, design, technology, and intelligence enablement. For example, if a user is away and wants to switch the air conditioning on in his car so that its cool by the time he gets in, this is possible only because of automation. The request has to be processed over the internet which means that the data has to go somewhere and trigger something that is remotely available. For such large number of regular requests, huge amounts of data is generated. And this data has to be stored, analyzed, processed to help create a pattern to understand the needs. Raritan’s investment in next-generation data centre solutions will help IT meet such management challenges. Today, we are providing customers with innovative solutions that help better
RARITAN & SERVERTECH // Q&A
offers greater consumer proximity. Another trend we see is collocated edge data centers, that will prove to be commercially viable for all business types to use and benefit from – as we see continuous growth in data, it would be impractical to not make edge data centers cost effective. Edge data centers must also be mobile – shift from one location to another – the concept of containerised data centers presents a huge prospect as to how we manage data today. What is the road map of Raritan in Indian Data Centres market? Raritan is a proven and strong player in the space of Remote access management and Intelligent Power management solutions. As part of the Legrand Data Solutions (LDCS) family, we are addressing a larger portfolio in the Data Centres market which offers a complete one stop solution for all Data Centres infrastructure requirements, from design to deployment. We are focusing on providing agile solutions for Data Centres and our product portfolio is continuously innovating in this regard.
A N J A N I
K O M M I S E T T I
COUNTRY MANAGER – INDIA & SAARC, RARITAN & SERVERTECH - BRANDS OF LEGRAND
“Many times, availability of power becomes a hurdle at the rack to adapt these dynamic changes on hardware. This is where Raritan adds value to help customers to adapt the dynamic changes as well accommodate more computing per rack.”
manage their IT infrastructures and resources in order to deliver business value. What is your opinion on the growth of edge computing? Every individual connected to the internet is influencing the way data is being made available to them and managed. As consumer behaviour continues to evolve, demand for better solutions, their availability, and performance have turned the Indian business landscape into a racing ground. The massive surge in data size with increased usage of IoT devices, virtual communication platforms, digital payments, growing demand for OTT content, etc. has led to
enterprises gradually shifting to edge computing which happens at close proximity of the customers, thus lowering latency by reducing data flow. Compared to edge, computing at the cloud or core is a more tedious and time-consuming process as the data has to travel back and forth from a central server, that affects the decisionmaking capabilities of any business. Gartner also predicts by 2025, 75% of enterprise data will be processed at the edge. Taking an example of an ATM – these are located where banks have majority of their customers. We can see a clear trend of microdata centers or minicomputers in each complex or being set up closer to housing societies or industrial sectors where it
What is your competitive advantage? Raritan has been always in the center of the data center with our IP KVMs and intelligent PDUs. And now being a part of LDCS, Raritan’s customer has access to many more products and solutions. LDCS has been formed with the objective of understanding what a customer wants and helping them setup data centres tailored to their specific requirements, right from the design stage onwards. Our approach is very flexible, and we combine or mix our solutions to offer the right services to customers. On the component side, we are probably one of the very few companies that offer a one-stop end to end data centre solutions. We differentiate ourselves on being a product plus solution provider – end-to-end data centre experts. How are you mitigating the challenges of the CIOs in deciding on their Data Centres strategy? One of the key challenges for any CIO is the power optimization and cooling optimization - meeting the PUE expectations while also performing better at lower operational costs. So, the key is the reliability factor, which the CIO cannot compromise on. But at the same time, they need scalability as the need is growing and the capacity or the delivery has to be increased. Added to this, the speed of adapting new technologies and components is always a challenge. At LDCS, keeping these three factors in mind, we focus on design and implementation for agility. JULY 2022
ENTERPRISE IT WORLD 23
Q&A // ONSPOT SOLUTIONS
ONSPOT
ANTI-COUNTERFEITING BY ONSPOT SOLUTIONS IS AN ADVANCED SUPPLY CHAIN MANAGEMENT Onspot’s focus on providing patented cloud-based digital solutions for Anticounterfeiting, Consumer Engagement & Visibility in Supply Chain.
BY AMBIKA@ACCENTINFOMEDIA.COM
What inspired you to launch the ONSPOT SOLUTIONS? How were the early days of its making? The idea for Onspot was founded by me when I encountered a fake bottle of water many years ago. After taking ill for months thereafter, I thought about working on a Technology where one could verify product identity, and understand its authentication. I finally designed the Solutions in which, “buyers (could) beware,” as the adage goes. The company’s mission is very much fundamental in its outlook by providing patented cloud-based digital solutions for Anti-counterfeiting (Product Authentication), Consumer Engagement & Visibility in Supply Chain remains Onspot’s focus. What problem are you trying to solve? Onspot tackles many pain points that occur in the supply and distribution chain between plants, OEM partners, warehouses, distributors, stockists, and retailers for companies and brands. Through a systemized approach, all are linked through the Onspot platform and get up to the minute information on the progress and whereabouts of goods with additional value-added features which ease day-to-day problems such as breakage and lost or stolen goods along the value chain. A brand can now know every step in the supply chain of every product’s schedule so that problems can be resolved, and changes can be implemented based on the information that is made available. Through OnSpot Solutions, a brand is provided with data to help understand consumer behaviour and low sale areas to create laser-focused marketing campaigns and tailor-made experiences for end-users. Our patented technology also helps 24 ENTERPRISE IT WORLD
JULY 2022
identify counterfeiting. Can you share the journey of your Company? OnSpot Solutions entered the market in 2020 to close the gap between manufacturers and their consumers by promising product authenticity and digitizing every step of the supply chain to fuel well-informed decisions whose outcome directly influenced a brand’s overall growth. At OnSpot Solutions, we ground ourselves in unmatched technology drawn from years of thorough R & D. OnSpot has a dynamic team of passionate engineers and security experts who have achieved technological success in Google, Amazon, and Yahoo Etc. We now have a nationwide presence, with a Head office in Mumbai, a North Regional office in Noida and an East Regional office in Kolkata – all dedicated to increasing the transparency in a brand’s supply chain. Clients across industries with which Onspot works have been receptive and provided accolades. These industries include pharmaceuticals, electrical hardware, automotive, oil and lubricants, cosmetics and personal care and the spirits segment. At this pace of growth, what is your vision 5-10 years down the line for the organization? As part of its roadmap to the future, OnSpot Solutions shall focus on aggressive core product expansion, research and development, talent acquisition, and a comprehensive suite of products for all business segments with a focus specifically on the Pharma, FMCG industries, electrical and automotive (lubricants and spares), segments. The company envisions much growth
in this active segment and truly looks to bridge the gap between brand and consumer. It seems not just the need of the hour, but a longer-term business and living approach for brands and individuals alike. Onspot has been gaining traction from its salesforce deployed around India and through company to company references as the goals of market-leading brands are united in the step against anti-counterfeiting and consumer outreach. We maintain patents in India and abroad and are one of the first to create such technology. How are your solutions different from the competitors? To set ourselves apart from our competition, OnSpot Solutions grounds itself in unmatched technology drawn from years of thorough R & D. Onspot’s product authentication and the anti-counterfeiting system works with current barcodes and packaging, with minimal tweaks or add-ons such as QR codes and other types of overt and covert tracking measures, depending on the amount of tracking required. Our technology avoids the need for significant adjustments to a brand’s existing production manner. The technology is built around a simple smartphone app that enables product verification anywhere in the supply chain. It also provides a flexible system that allows for individual customization and security improvements in response to the danger posed by counterfeiters. We keep innovating our product and try to offer more varied solutions to be different from our competitors. Counterfeiting is a global sickness. How has this affected India? While counterfeiting is a global problem that has affected every economy in the globe, the trends in the last two years are concerning for the Indian economy and Indian lives. During and after the pandemic, the Indian markets have been getting consistently adulterated by criminals selling fake and substandard products, endangering the lives of our paramedical professionals, security volunteers, patients, and society at large, by taking advantage of the high demand for medicines, health supplements, safety products, hygiene products, and other essentials. Serial scammers are now using new-age manufacturing and printing technology too, to imitate finishes, print boxes, labels, codes, and packaging that perfectly look like authentic products. In 2020, the global pandemic and the rise of e-commerce sales led to an increase in fake goods. For example, in cosmetics and personal care, there are reports of a 56% increase in counterfeit products sold via online channels. More seriously, fears over shortages of medicines, pharmaceuticals – and now vaccines
ONSPOT SOLUTIONS // Q&A
Tell us your experience in brand building in the supply chain? While marketing is still considered to be the driving point of any brand, it can’t be the only aspect of building a successful brand. The right products, persuasive communication, effective customer service and efficient delivery channels, serve as the pillars for our brand building. Especially after the pandemic, manufacturers and consumers are becoming more and more aware of the importance of technology. Now, manufacturers are keen to adopt newer technologies to stay ahead of the competition. In brand-building, one of the key aspects is to build customer loyalty through prompt service and constant innovation. As a supply chain technology business, we are constantly investing in Research and Development, and adapting to different technologies and methods to drive continuous improvements and take our brand ahead of the competition by meeting the growing and ever-evolving needs and demands of the consumers.
LO K E S H
H A R JA N I
FOUNDER & CEO, ONSPOT SOLUTIONS
“Our technology avoids the need for significant adjustments to a brand’s existing
production manner. The technology is built around a simple smartphone app that enables product verification anywhere in the supply chain.”
– in many regions have led to greater penetration of counterfeit goods, against which consumers need protection. This scenario now has increased the use of anti-counterfeiting solutions; track and trace schemes among brands. How did the pandemic change you as a founder and leader? The pandemic, although tragic in many ways, actually opened many new doors and opportunities for technology companies like us. People were working from home and ordering everything online. The e-commerce sector saw a huge boom and that made people understand the importance
of technology in the supply chain even more. So, as a founder, I lead my team into tapping into this opportunity and making the maximum out of it. We got busy addressing new and increased demands prompted by a shift in consumer habits. As a founder of a technology company, I saw it beneficial to educate manufacturers about the technology. That made more brands come on board with us as they saw the benefits of having a digital service like ours. I have been lucky to have acquired good talent and those that are industry-specific since it deals across a plethora of sectors with each having its unique format and requirements.
How is IoT/Big Data/AI/Robotics evolving today in the industry as a whole? Organizations are now investing heavily in supply chain technologies to address data quality, compliance, risk management, connecting silos, understanding fast-changing markets, costing, and supplier relationships. Applying technologydriven models across supply chain operations is the way forward for companies to better prepare for the risks of supply chain management, product development, and sales lifecycles. Onspot has been successful in deploying its technology across many sectors including electrical hardware, automotive, pharmaceutical, oil and lubricants, cosmetics and personal care and the spirits segment. What are some of the challenges faced by the industry today? One of the main challenges the industry faces today is that the Cloud back End needs to be integrated seamlessly into the Brand’s production line to ensure that these unique random codes are printed on the products before they are dispatched. To combat this, we have developed a packing software that allows the client to pack and ship these unique codes from their manufacturing lines to the retailer, who interacts with the end customer. Across the entire distribution chain, scans are done at all checkpoints to ensure that what was sent is received, thus providing a blockchain kind of security until the end consumer receives it. The challenge essentially is the smooth coordination of everything from the back end to the end consumer in a timely manner. JULY 2022
ENTERPRISE IT WORLD 25
CIO TALK // ASCENT GROUP
BY SANJAY@ACCENTINFOMEDIA.COM
What is the trend in this finance sector as far as technology adoption is concerned? Lately there has been a lot happening – especially in terms of the innovation and technology. But what I can say is that as the technology is evolving, we the IT leaders need to always catch up, keep up with the latest and best, so that we are not left behind. The threat landscape is also growing rapidly. It is very important for us to always be vigilant and updated in terms of the security technology that would enable us to protect our environment. All these things are coming together and happening whether it is in Malaysia or Singapore or around Asia Pacific. The NBFCs have evolved over the years and technology has enabled the sector but has challenges too, what is your opinion? In terms of technology, yes, we need to be prepared in every angle – especially during pandemic where the hybrid working environment was prevalent. Traditionally people go to office but now people are working in hybrid mode. So, the basic thing is that we need to keep abreast with the latest technology. We need to make sure that all aspects of the connectivity and access to our systems is secure as the potential of thread is bigger. We need to really take care in terms of the security, authentication, and access. I can see that most of my colleagues have a lot of PCs. They are already mobile. But in some organizations, they were not ready when they moved from work to home environment. They did not have devices which later they procured, and it is a reactive measure. But we were proactive and 100% of our workforce were ready for this and we just had to move their locations from office to home or a remote place. We added security with multi-factor authentication. We had control of reducing potential threat. During the pandemic, we allowed our workforce to access all our services only through Citrix platform. Citrix allowed us to have the secured connectivity which solved the secure access of our servers and systems. Not only it reduced the risk but also it was easier for us to monitor and manage the productivity. Now the pandemic is not over, what is kind of preparedness for this phase? In terms of the preparation: the management is always given emphasis on the safety of our workforce. We already have flexy work and hybrid work policy. Since we have enabled them with
26 ENTERPRISE IT WORLD
JULY 2022
ASCENT
A CIO HAS TO BE AN ALLROUNDER IT Leaders and CIOs irrespective of regions are going through a very tough time. Challenges are manifold for them. They need to learn from each other. We spoke to Ts. Saiful Bakhtiar Osman, Head of IT – APAC, Ascent Group, Singapore, to understand his way of working and managing the challenges. Excerpt. technology and devices, they are able to deliver day to day activities. From our side, we need to protect all our resources and devices. So, it is very important that all the endpoint devices, PCs and laptops have the latest patches from Microsoft or other OSs and updated signatures from the antivirus providers so that our devices are protected. Deliberate attacks from the hacker group happening and ransomware penetration is on rise. In 2021, 90% of organisation were attacked by ransomware or some sort of malware. What is your future defence strategy? In terms of protection, we already have the tools. E-mail is the biggest entry point of attack. We need to have a good e-mail filtering so that we can filter all the spam messages, malicious e-mails, and spurious and malicious attachments. By having the filter, we ensure higher chance of protecting ourselves against the measure attacks. From what I understand is when ransomware attack happens, they enter the system and lurk for the most fragile time to infect the entire system. So, the first level of protection is protecting e-mail and second one is protecting the browser. We also have a few tools in terms of browsing protection. We also have tools in terms of isolating the attacked surface. The browsing protection tools filter all the traffic and sends the traffic into the sandbox. This concept is very good for me because whenever there’s any malicious code or Trojan, it gets detonated in the sandbox. This practice mitigates
the risk of your environment being compromised. What about BCP? Currently our ITDR is our BCP because we are 100% on cloud. Currently we are utilising the global footprint of our cloud which is Tensing. All our systems are in Singapore region. So just in case anything happens to our main system in Singapore region, we have additional two data centres in the same region, which is quite good in terms of availability. But in case all three goes down, instantly we will shift the workload to our system and servers in Japan region. Switching between Singapore region and Japanese region is quite instantaneous – almost zero downtime. What new technologies are you evaluating including RPA to AI? Currently our focus is around analytics because we are a finance technology company having Fund Solutions, Corporate Solutions and Fintech Solutions. We manage our own funds, and we are in this business for a long time. We have a pool of capable analysts. By having analytic tools, we are able to provide better reports in terms of forecasting, daily pricing, etc. Good analytics tool is very important for us as it not only helps us service our customers but also our payment partners. Using analytics we can consolidate reports into dashboard, which is easier to present to the management. We are looking at creating a dashboard for the management, whereby a single click can provide them entire view of the entire portfolio and other things of their interest..
ASCENT GROUP // CIO TALK
TS. SAIFUL BAKHTIAR OSMAN HEAD OF IT – APAC ASCENT GROUP, SINGAPORE
“We need to really work closely with the business in understanding what
should be the financial implications, marketing outcome, etc. Any technology we are going to focus must be useful to the organisation. It must contribute to the overall profitability of the organization.”
It is a big challenge in our organisation – not just to finding the right skillset but the right skillsets in the security area. We are now working with our technology partners to provide services’ experts to assist us in protection on cloud. We currently have interim solution though, but we are seriously looking at hiring an experience hand to join our team.
“My advice is that “you need to work closely with the management and try to talk their language, so that whatever proposal you give is supported by them. All the proposals should be based on right risk assessment.”
As a senior IT Leader, what is the biggest challenge you want to mitigate for your CEO? Personally, I think a CIO has to be an allrounder. He needs to understand the operation. We are no longer the cost centre of organisation because by leveraging the technology we enable organizations to have more profit and sustainable. So, in order to do that, we need to really work closely with the business in understanding what should be the financial implications, marketing outcome, etc. Any technology we are going to focus must be useful to the organisation. It must contribute to the overall profitability of the organization. Human churning is happening in a big way, finding skillsets is very difficult, how do you handle the situation?
Any future project you are working on now? Now we are busy in setting up new country offices. Recently we received the licence from Abu Dhabi. Next target for us is to open office in the USA. Currently we have offices across the APAC region including Australia, Japan, Mauritius, Hong Kong, China, Malaysia, India and Singapore is the HQ. We are working on country specific regulatory compliances in our new locations. We have consolidated IT resources in Malaysia and India. From these two locations we manage all the sites. What is your advice to the CIOs? My advice is that “you need to work closely with the management and try to talk their language, so that whatever proposal you give is supported by them. All the proposals should be based on right risk assessment.
JULY 2022
ENTERPRISE IT WORLD 27
Q&A // RAHI
RAHI
RAHI ELEVATES DIGITAL TRANSFORMATION TO CREATE INTEGRATED IT ENVIRONMENTS
BY AMBIKA@ACCENTINFOMEDIA.COM
Rahi provides end-to-end global IT solutions that could help businesses convert long-term goals into success. Briefly tell us about Rahi? Given the ever-changing environment, more so in recent years, technology has become increasingly dynamic, hence the need to understand a business’ requirements and devise a resilient and agile architecture. To address this need gap, Rahi was co-founded in 2012 by Sushil Goyal, Tarun Raisoni, and Rashi Mehta. The purpose was to provide end-to-end global IT solutions that could help businesses convert longterm goals into success. Rahi is elevating digital transformation to create integrated IT environments and drive competitive advantages. We are providers of innovative technologies that are aligned with an organization’s IT needs and give a tailor-made solution. Rahi has a presence in 6 continents, across 22 countries, and 32 cities with 1000+ customers, over a span of 10+ years. The company provides a full lifecycle of technology solutions from assessment, architecture, design, implementation, and managed services, to professional services and support. Our products and solutions comprise: Audio/Video: We offer A/V products that can help to communicate, entertain and increase engagement and enhance collaboration. We enable businesses with flexible options that can be tailored to each specific environment. Cloud Infrastructure: Our expertise in designing and implementing private or hybrid cloud environments using existing or new infrastructure has helped many businesses maintain visibility and control of workloads ensuring performance. Enterprise IT Infrastructure: Our enterprise IT services extend from data center infrastructure
28 ENTERPRISE IT WORLD
JULY 2022
management (DCIM) solutions, server consolidation, and virtualization to storage and asset management. Data Center: Our data center infrastructure solutions help enterprises build an IT environment to meet increasing business demands while factoring in agility and dependability. Global Services and Logistics: We also offer logistics services that include product assembly, packaging, tracking, and security. Together, these capabilities enable us to deliver multivendor IT solutions across geopolitical boundaries, helping customers operate efficiently and effectively in every market they serve. Networking & Security: We provide assessments for security, simultaneously scanning the network for cyber breaches and delivering a threat intelligence report. We brief the clients about security incidents and provide a cyber threat assessment for better security measures. What is Rahi’s competitive advantage and positioning in the market? Enterprises need to adopt a new technology consumption model that is relevant to today’s business needs. A strategic partner, robust IT solutions, preparedness for an unpredictable future, and agile and flexible network architecture will make this vision a reality. We are a one-stop vendor-agnostic solution provider for our customers. As a technology enabler, which delivers solutions and services that maximize the performance, scalability, and efficiency of today’s integrated environment, we stand for six core values: ● Customer First: Our philosophy has
always been customer first; we believe that our success depends on that of our customers. And then we have a win-win situation ● Integrity and Ethics: Integrity and ethics underpin our business model. We don’t compromise on our integrity and ethics ● Trust and Support: We work as a team that trusts and supports each other ● Open, Constructive Feedback: We have a listening post for our people to share ideas, voice concerns, and contribute positively to our organization’s day-to-day functioning and growth. ● Pursuit of Opportunity: We give our team the flexibility to pursue opportunities when others say “no.” We review opportunities with everyone to ensure they align with our values and goals. ● Giving Back: We strive to give back to the communities where we live and work. What are your support resources in India? We have developed the processes and skill sets to deliver IT solutions to customers in India and globally. Our logistics and distribution teams understand supply chain processes and deliver engineering and support resources efficiently. We have our technical team spread across 41 countries and 6 continents that are always willing to meet the demands of customers. We have 8 offices across major cities with over 300 employees, and 70 partners in India and they enable us to cater to our Indian customer requirements even in remote locations. What are the industry trends post-pandemic? There has been accelerated technology adoption by enterprises and a rapid pace of digital transformation due to the pandemic. Enterprises have become more innovative, agile, and flexible, and understood the need for enhanced technologies to achieve business goals. Some of the key trends being witnessed are: Quantum Computing: Quantum computing handles information differently when compared to conventional computers. Its computing power is trillion times more powerful and efficient than the most advanced supercomputers we have today. Quantum computing is becoming popular in various industries like banking and finance for high-frequency trading as well as for reducing credit risks and frauds. Artificial Intelligence: By 2025, the AI industry is estimated to reach $190 billion. It offers solutions to various industries like IT, health, education, security, and logistics. AI is known for its superiority in image and speech recognition,
RAHI // Q&A
closer to sources of data. Many enterprises are moving to edge computing to enhance the operational efficiency of their businesses across the globe. Financial services, healthcare, autonomous cars network, mixed reality, IOT, IIoT etc, are adopting edge computing. Multi-cloud integration: The multi-cloud strategy helps in aiding flexibility and avoiding vendor lock-in. This trend has become useful, especially after the adoption of the work-fromhome model. Various organizations are looking to implement tools that provide multi-cloud management and integrate workloads across multiple clouds. HyperScale Data Centers - Hyperscale Data Centers is a large warehouse-like structure that has its own servers, storage system, powerhouse, and networks. It is used for large data and cloud-based applications. With an increase in the demand for data, hyperscale data centers are expected to grow at a tremendous rate over the next decade. Hyperscale data centers are capable of managing the volume of data, compute, and storage services they process. Cloud computing, software platforms, social media, and content delivery are some of the factors that are driving the growth of hyperscale data centers.
R O H I T
S I N G A L
VP - INDIA, RAHI
“Enterprises need to adopt a new technology consumption model that is relevant to today’s business needs. A strategic partner,
robust IT solutions, preparedness for an unpredictable future, and agile and flexible network architecture will make this vision a reality.”
navigation apps, smartphone personal assistants etc. Edge Computing: Classic computers were not able to handle the sheer volume of data and its
complexities hence, edge computing was born to handle excessive amounts of data. Edge computing is a distributed computing framework that is used for computation while keeping data storage
What are your views on the next generation as being the ones who will likely adopt the metaverse more seamlessly? Metaverse is a virtual ecosystem where we can work, play, and live. This requires a technological infrastructure that supports colossal data streaming while maintaining low latency. Many organizations are investing in the latest technologies like virtual reality, blockchain, video meetings, and augmented reality to bring the concept of metaverse to life. Proper network architecture and data center infrastructure are the key factors that determine the success of metaverse. Local data processing at the edge for users and enormous data processing capabilities that support the metaverse world at data centers will be required for a seamless virtual world. A report by Bloomberg Intelligence states that the financial possibilities of the metaverse are expected to reach US$800 billion by 2025, and US$2.5 trillion by 2030. The industry has been receiving a great response from various sectors which would transform virtual reality technology and the future. It cannot be denied that the Metaverse would unimaginably change our lives. Facilitating existence beyond reality, metaverse would help in fulfilling our dreams that we cannot realize in our real lives.
JULY 2022
ENTERPRISE IT WORLD 29
Q&A // CLEARTOUCH
CLEARTOUCH
Cleartouch IS DRIVING THE EVOLUTION OF CX IN CONTACT CENTERS
BY AMBIKA@ACCENTINFOMEDIA.COM
Leveraging analytics to understand customer trends. What are key trends that will power customer experience through contact centers in 2022 and beyond? The modern-day contact center already uses a host of technologies to manage customer interactions, track productivity, and much more. These capabilities are often disjointed, and they don’t offer end-to-end visibility over the customer journey. In the age of digital transformation, customers expect enhanced engagement services from companies. Due to this, organizations are increasingly leaning towards outsourced services for customer engagement through contact centers. Here are some trends that will drive customer service operations in the coming years• Migration to the Cloud: Software that is hosted on the cloud can be accessed from any location, making it a great choice for remote workers, but it can also offer higher levels of security and more powerful features. Contact centres are expected to keep moving technologies to the cloud whenever possible. • Use of analytics across customer journey: To fully understand a customer and implement better CX strategies it is vital for businesses to leverage analytics. Advanced analytics is the key differentiator that can make significant improvements in customer satisfaction. For instance, contact centers can make use of analytics at different stages of the customer journey. Interaction analytics can be used to enhance interactions between an agent and a customer through insights like response and hold times, abandoned calls, resolution time, and call transfer rate. Furthermore, tools like voice and predictive analytics can also be leveraged to track positive and negative feedback while also helping agents with forecasting and scheduling. • AI-enabled self-service channels and automated workflow: With contact center 30 ENTERPRISE IT WORLD
JULY 2022
adoption on the rise coupled with labour shortage challenges, companies are increasingly gravitating towards AI-enabled solutions to provide high-quality CX with sophisticated, scalable selfservice options that go beyond the redundancy of chatbots. Contact centers will benefit from AI with robust data and history about customers, empowering agents to enhance customer service operations and also automate repetitive and manual processes. • Omnichannel conversations: The rise of digital channels has bolstered contact centres as an industry, as businesses have more ways to connect with customers. They need to be in tune with the latest customer trends and provide them with the best customer experience possible. Engaging with your customers no matter where they are and engaging at each touchpoint of the sales cycle has become a central platform to success in the new digital world. Omnichannel communications can not only enhance product or service value but also drive customer loyalty, improve brand perception and help organizations gain a competitive edge. How can analytics be leveraged to derive meaningful customer insights by enterprises? Today’s empowered customers interact with a particular brand through various touch points across many channels like website, mobile apps, offline stores or contact centre. Each interaction is a vital part of the overall customer experience. Thus, making it extremely critical for contact centers to understand the ‘voice of the customer.’ To do so, various tools have to be employed to harness the power of call center analytics and various metrics and KPIs that are motivations, interests, and needs associated with customers. Analytics can help identify sales conversion drivers, build, monitor, and measure customer engagement index, and ensure regulatory and
statutory compliance. Enterprises can better strategize their analytics by employing a few simple techniques: • To better serve customers and gain a competitive advantage, set specific research and analysis that will not only provide you with insights but also help you with actionable insights. • If enterprises don’t have access to internal data that provides insights into customer experience, then they look at drawing insights from larger market research performed by organizations in the same space. It will help determine customer trends and problems your customers face. • In order to learn how to tackle complex CX problems, focus on simple projects that can generate valuable insights and recommendations. Adopt the same techniques to further tackle more complex issues. How customer experience can be enhanced in contact centers through solutions like Voice Analytics and AI-enabled chatbots? When the pandemic struck, the call volumes at a customer bank’s call center went up drastically. They were moving their agents to work from home, and the call volumes were increasing. So, their time to resolve customer queries went up, which made their customers unhappy. The enterprises decided to automate their processes to handle their customer queries better. There wasn’t any consensus on what could be automated. Voice Analytics is primarily an effective voice recognition tool that analyses and records a spoken conversation. Companies across industries like insurance, technology, financial services, and healthcare are leveraging this technology to generate insights into actionable customer services. ClearTouch’s Voice Analytics provides critical support to agents by using audio from recorded calls and converting them into structured data for searching and analyzing. This solution supports advanced search and filtering, enterprise-grade speech recognition and transcription, contextual call playback data, tagging and commenting, transcript visualization, and full Payment Card Industry (PCI) redaction. What are some of the biggest challenges faced by contact center agents in customer service operations? Contact centers are seen as tough work environments and often face challenges like attrition, agent absenteeism, and agent turnover, all of which affect the customer service quality, team morale, and effectiveness. Here are a few major challenges that contact agents face frequently: • Low customer satisfaction: One of the
CLEARTOUCH // Q&A
as ten separate programmes to answer a single question, and they are wasting a lot of time on administrative duties. The amount of toggling makes it difficult to provide a positive consumer experience. Organizations want a cloud-based customer care platform that enables fast and simple client interactions while enabling agents to manage numerous systems from a single point of contact. Why is cloud security becoming crucial for enterprises? As organizations get ready to expand their footprint in the business world, they are now using the cloud as a source of expansion. They have prioritized a cloud-first approach to enable their businesses to transform with agility at scale. As technology evolves, the risks of cyberattacks are also increasing. It is therefore important for companies to ensure that their data is secure and protected from any kind of threat. While companies increasingly look to cloud computing as a means to expand, modernize and stay competitive, it has its own risks.
U T H A M A N
B A K T H I K R I S H N A N
EXECUTIVE VICE PRESIDENT, CLEARTOUCH
“ClearTouch’s “always-on” cloudbased delivery model provides customers with
immediate access to the newest version of the ClearTouch platform as well as the ability to easily scale up or down adjusting to evolving business needs.” biggest challenges contact center agents face is satisfying customers. However, with increasing customer expectations enabled due to digitization and adoption of social media, coupled with cut-throat business competition, it has become even more challenging for agents to engage with customers. Hence, it is vital for contact centers to implement innovative and engaging techniques like Voice Analytics, IVR, Omnichannel strategies to provide an enhanced experience. • Lack of training: The important aspect of providing superior levels of CX does not stop with having access to high-end technology solutions. What is more important is training contact center agents on how best to use technology that will equip them to solve customer queries. Contact
centers should set up regular training sessions with agents and appraise existing techniques to significantly improve operations and services. • High attrition rate: A significant attrition problem plagues the call centre sector. Fewer employees are available to ensure efficient work execution when a trained agent quits the company. This causes the business to expand its workforce in order to offset the attrition, which drives up the cost of acquiring, training, and developing new employees. • Lack of tool integration: Instead of utilizing a single, more modern platform, many contact centres use several, out-of-date software systems and tools to assist with their daily operations. As a result, agents are opening and closing as many
What are some of the biggest challenges that ClearTouch has faced this year? Due to lack of digitization and customer service operations, enterprises find it challenging to streamline their operations. With our integrated contact center, we have been able to provide customers with Omnichannel experience, List Management Services, Voice Analytics, Call Recording, Intelligence and Reporting. Some challenges that we have addressed for our customers are: • For our customer in the BFSI space, we migrated a traditional bank’s contact center agents to work from home within 24 hours using our cloud contact center platform. • As ‘speed’ is at the center of customer experience, we have helped address over 95% of customer support issues immediately for a BPO, by helping reduce 100’s of hours in report generation for a BPO • To exercise per-minute pricing, we did customizations for our customers at zero cost, which otherwise would have been expensive • To further equip contact center agents with call volumes, we helped reduce the call hold time for agents in the RCM industry from 40 minutes to near zero • We helped remove the challenge of entering alphanumeric characters that were error-prone, in the RCM industry • We implemented list management services and enhanced the ability to extract data from multiple sources and manage data automatically. JULY 2022
ENTERPRISE IT WORLD
31
SECURITY // SOPHOS
SOPHOS
SOPHOS ANNOUNCES SOPHOS X-OPS Sophos X-Ops Links Together SophosLabs, Sophos SecOps and Sophos AI, Three Established Teams of Cybersecurity Experts at Sophos, to Help Organizations Better Defend Against Cyberattacks. Sophos, announced Sophos X-Ops, a new crossoperational unit linking SophosLabs, Sophos SecOps and Sophos AI, three established teams of cybersecurity experts at Sophos, to help organizations better defend against constantly changing and increasingly complex cyberattacks. Sophos X-Ops leverages the predictive, real-time, realworld, and deeply researched threat intelligence from each group, which, in turn, collaborate to deliver stronger, more innovative protection, detection and response capabilities. Sophos is also issuing “OODA: Sophos X-Ops Takes on Burgeoning SQL Server Attacks,” research about increased attacks against unpatched Microsoft SQL servers and how attackers used a fake downloading site and grey-market remote access tools to distribute multiple ransomware families. Sophos X-Ops identified and thwarted the attacks because the Sophos X-Ops teams combined their respective knowledge of the incidents, jointly analyzed them, and took action to quickly contain and neutralize the adversaries. Joe Levy, chief technology and product officer, Sophos, said, “Modern cybersecurity is becoming a highly interactive team sport, and as the industry has matured, necessary analysis, engineering and investigative specializations have emerged. Scalable end-to-end operations now need to include software developers, automation engineers, malware analysts, reverse engineers, cloud infrastructure engineers, incident responders, data engineers and scientists, and numerous other experts, and they need an organizational structure that avoids silos,” “We’ve unified three globally recognized and mature teams within Sophos to provide this breadth of critical, subject
32 ENTERPRISE IT WORLD
JULY 2022
matter and process expertise. Joined together as Sophos X-Ops, they can leverage the strengths of each other, including analysis of worldwide telemetry from more than 500,000 customers, industry-leading threat hunting, response and remediation capabilities, and rigorous artificial intelligence to measurably improve threat detection and response. Attackers are often too organized and too advanced to combat without the unique combined expertise and operational efficiency of a joint task force like Sophos X-Ops.” Speaking in March 2022 to the Detroit Economic Club about the FBI partnering with the private sector to counter the cyber threat, FBI Director Christopher Wray said, “What partnership lets us do is hit our adversaries at every point, from the victims’ networks back all the way to the hackers’ own computers, because when it comes to the FBI’s cyber strategy, we know trying to stand in the goal and block shots isn’t going to get the job done. “We’re disrupting three things: the threat actors, their infrastructure and their money. And we have the most durable impact when we work with all of our partners to disrupt all three together.” Sophos X-Ops is taking a similar approach: gathering and operating on threat intelligence from its own multidisciplinary groups to help stop attackers earlier, preventing or minimizing the harms of ransomware, espionage or other cybercrimes that can befall organizations of all types and sizes, and working with law enforcement to neutralize attacker infrastructure. While Sophos’ internal teams already share information as a matter of course, the formal creation of Sophos X-Ops drives forward a faster, more streamlined process necessary to counter equally fast-moving
adversaries. At the beginning of 2022, SophosLabs and Sophos MTR had been investigating an uptick in reports of attacks against Microsoft SQL Server installations, using two venerable and longpatched remote code execution vulnerabilities (CVE-2019-1068, CVE-2020-0618). These attacks leverage Remcos (a commercially available remote access trojan) and deploy various families of ransomware including TargetCompany, aka
SOPHOS // SECURITY
MICHAEL DANIEL PRESIDENT AND CEO CYBER THREAT ALLIANCE
“Modern cybersecurity is becoming a highly interactive team sport, and as the industry has matured, necessary
analysis, engineering and investigative specializations have emerged.”
Mallox; GlobeImposter, aka Alpha865qqz; and BlueSky. Meanwhile, over in the world of Rapid Response, a direct view of the initial stages of an attack is usually only seen in retrospect. In this case, the victim first noticed that something was wrong: a full-on ransomware attack against an unprotected SQL server. Acting on their own, the enterprise chose to wipe and restore their systems from backup, this time installing Intercept X.
However, the server in question was lacking crucial patches, so the door remained open to the attackers. Michael Daniel, president and CEO, Cyber Threat Alliance, said,Effective cybersecurity requires robust collaboration at all levels, both internally and externally; it is the only way to discover, analyze and counter malicious cyber actors at speed at scale. Combining these separate teams into Sophos X-Ops shows that Sophos
understands this principle and is acting on it.” Sophos X-Ops also provides a stronger cross-operational foundation for innovation, an essential component of cybersecurity due to the aggressive advancements in organized cybercrime. By intertwining the expertise of each group, Sophos is pioneering the concept of an artificial intelligence (AI) assisted Security Operations Center (SOC), which anticipates the intentions of security analysts and provides relevant defensive actions. In the SOC of the future, Sophos believes this approach will dramatically accelerate security workflows and the ability to more quickly detect and respond to novel and priority indicators of compromise. Craig Robinson, IDC research vice president, Security Services, said, “The adversary community has figured out how to work together to commoditize certain parts of attacks while simultaneously creating new ways to evade detection and taking advantage of weaknesses in any software to mass exploit it. The Sophos X-Ops umbrella is a noted example of stealing a page from the cyber miscreants’ tactics by allowing cross-collaboration amongst different internal threat intelligence groups,” “Combining the ability to cut across a wide breadth of threat intelligence expertise with AI assisted features in the SOC allows organizations to better predict and prepare for imminent and future attacks.”
JULY 2022
ENTERPRISE IT WORLD 33
CISO TALK // L&T TECHNOLOGY
L&T
“BREAKING TRADITIONS” – THE JOURNEY FROM PASSWORDS TOWARDS ADOPTIVE PASSWORDLESS AUTHENTICATION The next level in IT security is going “passwordless.
SANDEEP KARANA HEAD – INFORMATION & CYBERSECURITY L&T TECHNOLOGY SERVICES LTD.
“Passwordless Authentication helps strengthen IT security by removing
the need for risky passcode administration practices and minimizing potential attack vectors.”
BY SANJAY@ACCENTINFOMEDIA.COM
Introduction We use a variety of applications to perform daily tasks in our day-to-day lives, both professional and personal. With more technological dependence, each application necessitates security and use of password, which in turn necessitates the need for as many passwords as applications used. To make our lives easier, we tend to use easy-toremember passwords, such as date of birth or anniversary, first name + last name combination, nick names or a mix with one of the dates or appending running serial number. Many a times, we may use the same passwords across multiple applications for personal and professional life. While making our lives simple with easy-toremember passwords, we unknowingly make the work of a hacker easy as well by using such easy-to-guess passwords. In today’s IT world,
34 ENTERPRISE IT WORLD
JULY 2022
L&T TECHNOLOGY // CISO TALK
Password-less Authentication
Risk-Based Profiling for access
Adoptive Password-less Authentication
Figure 1: Adoptive Password-less Authentication Adoptive Passwordless Authentication is a journey and organizations are likely to take time to adopt has it requires considerable amount of effort, cost and time to implement when compared with other methods of authentication. According to Microsoft’s Passwordless Strategy, one needs to: A. Identify, develop, and implement a password replacement tool or offering B. Reduce the user-visible password surface area C. Transition toward a password-less deployment, and then D. Eliminate the need for passwords from the existing identity directory
Figure 2: Strategy of Adoptive Passwordless Authentication The below heat matrix represents the best journey that can be opted for Adoptive Passwordless Authentication:
MFA
Risk Based Access
relying only on username and password is not enough to protect critical data and systems against the growing number of sophisticated cyber-attacks. According to Verizon 2022 Data Breach Incident Report, 82% of breaches involved a ‘Human Element’. In 2015, cyber breach via stolen credentials was around 26%, which grew to 45% by 2017 and soared to over 80% by 2021. On the contrary, breach by exploiting vulnerability was around 55% in 2015 which reduced to 45% by 2017 and by 2021 it had further reduced to around 25%. The number says it all – cyber breach using stolen credential or password is a hacker’s favorite.
Without MFA
Security
Strong
Weak Passwords
Password Managers
Inconvenient
Password-less
Convenient
Convenience of use
Figure 3: Authentication Heat Matrix Although, the importance and need for passwordless and risk-based authentication or even Adoptive Passwordless Authentication is rising, there are still no pre-defined paths and timeframes for the journey. Any organization needs to choose their own path in the journey to achieve complete IT security, depending upon current maturity level, risk appetite, effort and investment and change management requirements.
The Past: Cyberattacks using stolen credentials in 2021 February 2021 will be remembered for the supply chain cyberattack involving software from SolarWinds, where several U.S. government agencies were compromised. The hackers deftly exploited a key vulnerability in the cybersecurity services provider’s network monitoring software, which then allowed them to enter laterally and gain unauthorized access. While this has not been confirmed, reports
JULY 2022
ENTERPRISE IT WORLD 35
CISO TALK // L&T TECHNOLOGY
indicate that the root cause of the cyber-incident was in fact a weak password, and that it was publicly accessible through a misconfigured GitHub repository. Similarly in November 2021, GoDaddy reported a major security breach. The incident compromised GoDaddy accounts of over a million WordPress customers. Attacker(s) had gained unauthorized entry into GoDaddy’s Managed WordPress hosting environment, leveraging a compromised passcode to facilitate the hacking of the company’s provisioning system. The GoDaddy incident exposed the customer numbers and email addresses of about 1.2 million customers, besides compromising the original WordPress Admin passwords and several SSL private keys. Another example from is Verkada, where hackers breached the company’s systems using an admin password leaked online in a misconfigured customer support server. An important point to note here is that, nowa-days, there are a number of online applications that can verify whether an email ID or phone number has been breached by hackers.” The Present: Adoptive Authentication For strong passwords, it is always best to use different passwords for different applications and not writing them down, but just remembering them. According to SIMFORM’s survey, an average person has at least 40 apps installed on their mobile phone. Remembering 40 complex and different passwords can be challenging. To address this, Password Manager applications are becoming more and more popular. A password manager is an app that generates new, random passwords for the sites you visit and stores them in a secure, virtual vault. The next time you visit a site that requires you to log in, the password manager will automatically fill in your credentials. The features of such apps are not limited to username and password - password managers can save sensitive data such as name, address, and credit card information while others can save important documents, medical information, and safe codes. But the question remains, is depending only on username and complex password enough? With Multi-Factor Authentication (MFA), the system users must provide at least two (or more) “factors” when they wish to access applications, network, and resources. Most common methods to achieve this are A. Something you may know – including a PIN, or answer to a security question B. Something you may have – including a
36 ENTERPRISE IT WORLD
JULY 2022
smartphone, smart card, or a one-time pass token, C. Something unique to you - including biometrics such as retina scans, fingerprint or voice recognition This gives additional protection, over and above the username and password combination. But MFA may not be a full-proof plan as there are ways to bypass MFA as well and it can become challenging due to its double authentication process. Hence, when providing access, additional risk analysis needs to be performed and based on the outcome, appropriate access to be provided to resources. This approach is known as Adaptive Authentication. Often referred to as a risk-based authentication framework, Adaptive Authentication is designed to select the appropriate authentication factors with an eye on the perceived risk and associated user behavior. Factors such as the user’s geographical location, the device used, and the role of the user can play an important part in whether (if at all) and what access should be granted. Think of an advanced MFA model! Adaptive Authentication offerings deliver a higher degree of security as compared to twofactor authentication – the most commonly used user authentication scheme. The latter is quite predictable, and you know that you will need to enter a passcode. However, hackers know that too. How do you confirm that the passcode made it to the right person? You can’t, and that is what makes the whole idea of Adaptive Authentication so much more relevant to the end-user. Adaptive Authentication protocols are designed to continuously monitor the user’s given security posture, incorporating extended authentication factors as necessary. It is remains aware of the typical activities for the user, so that when a suspicious event occurs, the safety protocols isolate the affected user and protect key business applications. Some Adaptive Authentication solutions even leverage Machine Learning (ML) and Artificial Intelligence (AI) to detect new attack vectors before they become known, helping IT personnel in fighting back cyberattacks. Unlike standard authentication protocols, Adaptive Authentication is designed to adapt to the evolving situation. The paradigm is built as the epitome of identity and access management amidst the challenge of modern cyber threats. The Future: Improving IT security with Passwordless Authentication There is a saying, “hackers do not break-in, they log in”. The next level in IT security is going
“passwordless”. If there are no passwords, hackers will not have anything to steal. Passwordless Authentication was designed to allow user access to applications or IT systems without having to supply a passcode or trying to remember the answer to a security question. The user, instead, can provide some alternate evidence, including a proximity badge, their fingerprint or retina scan, or a hardware token. The paradigm is often leveraged in combination with Single SignOn and Multi-Factor Authentication solutions to help deliver an improved user experience, while strengthening security and reducing cost and complexity in IT operations. Passwordless Authentication helps strengthen IT security by removing the need for risky passcode administration practices and minimizing potential attack vectors. It is also focused on delivering an improved user experience paradigm by eliminating the oft-quoted secrets and passwords fatigue. Leveraging Passwordless Authentication, we no longer have to rely on passwords that need to be memorized or security question answers which must be recalled. Users can be migrated to: • USB devices (FIDO2-compliant keys), physical tokens, or Proximity badges • Software certificates or tokens • Fingerprint, retina scanning, or voice/facial recognition, • Mobile phone-based applications In a corporate environment, for devices and applications to be passwordless while maintaining seamless working conditions, additional layer of Single-Sign On (SSO) plays a crucial role. - Adoptive Passwordless Authentication Using passwordless method, in addition to risk-based profiling for authentication creates Adoptive Passwordless Authentication system.
References: 2022 Data Breach Investigation Report (DBIR) | Verizon The Most Significant Password Breaches Of 2021 | Expert Insights App Usage Statistics 2021 that’ll Surprise You (Updated) (simform.com) Password-less strategy - Windows security | Microsoft Docs
MANDIANT // TECH TRENDS
MANDIANT
MANDIANT M-TRENDS 2022 REPORT PROVIDES INSIDE LOOK AT THE EVOLVING GLOBAL CYBER THREAT Global median dwell time continues to decline; however, a significant number of new threat groups and malware families have emerged.
BY SANJAY@ACCENTINFOMEDIA.COM
Mandiant, Inc. the findings of Mandiant® M-Trends® 2022, an annual report that provides timely data and insights based on Mandiant frontline investigations and remediations of high-impact cyber attacks worldwide. The 2022 report––which tracks investigation metrics between October 1, 2020 and December 31, 2021—reveals that while significant progress has been made in threat detection and response, Mandiant continues to see adversaries innovate and adapt to achieve their mission in targeted environments. Global Median Dwell Time Drops to Three Weeks According to the M-Trends 2022 report, the global median dwell time––which is calculated as the median number of days an attacker is present in a target’s environment before being detected––decreased from 24 days in 2020 to 21 days in 2021. Digging deeper, the report notes that the APAC region saw the biggest decline in median dwell time, dropping to just 21 days in 2021 compared to 76 days in 2020. Median dwell time also fell in EMEA, down to 48 days in 2021 compared to 66 days the year before. In the Americas, median dwell time stayed steady at 17 days. When comparing how threats were detected across different regions, the report found that in EMEA and APAC, the majority of intrusions in 2021 were identified by external third parties (62% and 76%, respectively), a reversal of what was observed in 2020. In the Americas, the
CHARLES CARMAKAL SENIOR VICE PRESIDENT AND CHIEF TECHNOLOGY OFFICER, MANDIANT
“Chinese cyber espionage activity ramped up significantly in recent years, with Asia and the U.S. remaining the most
targeted regions.”
detection by source remained constant with most intrusions detected internally by organizations themselves (60%). Organizations’ improved threat visibility and response as well as the pervasiveness of ransomware––which has a significantly lower median dwell time than non-ransomware intrusions–– are likely driving factors behind reduced median dwell time, per the report. New Threats Emerge as China Ramps Up Espionage Activity Mandiant continues to expand its extensive threat knowledge base through frontline investigations, access to the criminal marketplace, security telemetry and the use of proprietary research methods and datasets, analyzed by more than 300 intelligence professionals across 26 countries. As a result of relentless information gathering and analysis, Mandiant experts began tracking 1,100+ new threat groups during this M-Trends reporting period. Mandiant also began tracking 733 new malware families, of which 86% were not publicly available, continuing the trend of availability of new malware families being restricted or likely privately developed, according to the report. Charles Carmakal, Senior Vice President and Chief Technology Officer, Mandiant, said, “Chinese cyber espionage activity ramped up significantly in recent years, with Asia and the U.S. remaining the most targeted regions. This year’s M-Trends report notes a specific focus on government organizations as well as the use of the same malware families among multiple cyber espionage actor sets, likely due to resource and tool sharing by disparate groups. Further, with the implementation of China’s 14th Five-Year Plan in 2021, we expect to see cyber espionage activity continue to accelerate in support of China’s national security and economic interests over the next few years.” M-Trends 2022 also notes a realignment and retooling of China cyber espionage operations to align with the implementation of China’s 14th Five-Year Plan in 2021. The report warns that the national-level priorities included in the plan “signal an upcoming increase in China-nexus actors conducting intrusion attempts against intellectual property or other strategically important economic concerns, as well as defense industry products and other dual-use technologies over the next few years.”
JULY 2022
ENTERPRISE IT WORLD 37
SECURITY // DATA PRIVACY
KAUSHIK BHADURI GLOBAL SECURITY AND RESILIENCY PRACTICE LEADER, KYNDRYL
“Organisations should place Data Privacy always considered as
private by organisations, among their top business prioritie.”
otherwise can impact the share value. Furthermore, businesses also have the responsibility of collecting, storing and leveraging personal data of customers to meet regulatory obligations, failing which could result in legal punishments, including hefty fines and even prison time in some cases.
DATA PRIVACY
DATA PRIVACY AS A DISCIPLINE IS GROWING IN IMPORTANCEW
BY AMBIKA@ACCENTINFOMEDIA.COM
It increases business value, improves brand image and builds customer loyalty. Years before consumer internet or even computers, many retail brands were manually capturing customer information to serve the latter better during repeat sales. Consumers were willingly sharing their personal details, with majority of them not even worried of it getting misused. However, there is a dramatic change in today’s business environment with customers increasingly expressing their concerns about data privacy and security issues. A consumer survey across Australia. Canada, France, Japan, UK and the US, a couple of years ago by Consumer International and the Internet Society, confirms these apprehensions. According to the survey, 75% of people distrusted the way data is shared, 63% of them found connected devices ‘creepy’. Today, such fears exist in Indian consumers too. Businesses should take this aspect seriously and consider this as an opportunity to regain and build consumer trust and nurture it, creating the competitive advantage. For both organisations and customers, Data Privacy Management is extremely crucial, especially in the current world, where the line between offline and online is blurring. Customers provide their personal information to sellers, assuming 38 ENTERPRISE IT WORLD
JULY 2022
the latter will safeguard their data. Yes, every time a consumer logs in to his or her device to check mails, for entertainment or news updates, they are casually giving away personal information that could get misused later. Significance of Data Privacy Data, the new currency has evolved to become a business asset and provides several business insights leading to the delivery of a great customer experience, one of the key business objectives. In the modern world, new-age technologies and tools contribute to easy collection of personal information. Organisations should place Data Privacy among their top business priorities. Not always considered as private by organisations, chances of data leaks are high, with it falling into hackers’ hands, severely harming the users as well as businesses. Among other unwarranted uses of personal data, it can be sold to other sellers and advertisers without the consent of the users. Organisations should display transparency in collecting personal data and how it is utilised, while protecting it to build customer trust and gain the confidence of potential investors, which
Data Privacy is an evolving discipline Businesses generally integrate data privacy, primarily to ensure regulatory compliance and avoid penalties. However, data privacy as a discipline has many other benefits too. Besides appealing to the investor community, financial losses and customer churn can be avoided without harming brand reputation. An effective data protection program should provide clarity of the sensitive data, while ascertaining who has access to the information. All employees should be trained and involved in data security responsibilities. Necessary sensitive data policies should be implemented to ensure regulatory compliance. Processes and technologies for continuous data protection should be automated. A mechanism for continuous monitoring should be put in place. Only by ensuring best practices across all business units are diligently followed and data privacy standards are integrated with their processes, can the data privacy policy be effective. Data Privacy is recognised as the human right in the UN and it is important to establish a data privacy culture across the organisation. Government of India has plans to introduce policies on data governance and cybersecurity. The country’s IT Act may be replaced with Digital India Act, with new regulations set to replace the Personal Data Protection Bill. It is also critical for users to learn the value of data privacy and be vigilant when sharing their personal information. To reiterate the importance of Data Privacy, every year 28th of January is observed as Data Privacy Day across many countries, to increase awareness, and provide a boost to data protection best practices.
Transforming telecommunications enriching the customer experience atos.net
rh-msd2019-a5-print-ad-pathed-201907.pdf
RNI NO: DEL ENG/ 2017/ 69906 Postal Reg. No.: DL-SW-01 / 4200 / 17-19
1
1/7/19
12:40 PM
Date of Publication: 15 of Every Month Date of Posting: 1 & 2 of Every Month