"At Concentrix, Privacy, Security and Continuity is of paramount importance considering the interconnected and data-driven world. IT security has become a crucial function for modern information systems," says Rishi Rajpal , Director - IT Governance (Privacy, Security, Compliance and Continuity), Concentrix Corporation
What does the new-year of 2016 hold for IT security for Concentrix? Which security technologies can we expect Concentrix to invest in 2016 and beyond?
Traditionally, IT security was based on strong perimeter defenses like Firewall, IPS, Content Filtering etc resulting in a hard fringe and a soft core. In a distributed, Cloud, mobile and always-connected world, this paradigm has completely changed. There is need open up our perimeter and still protect our most valuable asset "DATA".
Today's complex IT systems and business models require a global security governance approach, which is tightly coupled with the business issues.
Relying on perimeter defense and rule-based security is inadequate, especially as organizations are moving towards cloud-based services and open APIs for customers and partners to integrate with their systems. Traditional blocking measures need to be supplemented by real time threat monitoring and blocking and other measures to prevent attacks. Application self-protection, as well as user and entity behavior analytics, will help fulfill the adaptive security architecture.
In line with the emerging technologies such as mobile, cloud, IoT, social and analytics that brings new challenges and opportunities especially in the area of identity and access management (IAM) and regulatory requirements, we have invested in strategic tools in IAM and Security Information and event management (SIEM).
It's been proven time and time again: unmanaged, unmonitored privileged accounts are an easy target for both external attacks and malicious insiders that can lead to loss or theft of extremely sensitive information.
Privileged Identity Management helps the monitoring and protection of privileged accounts and is one of the most important aspects of Identity and Access Management, and cyber security today.
SIEM technology provides Log Management, analytics, compliance reporting and real-time monitoring and incident management for security-related events from networks, security devices, systems and application. Almost every business is bound by some sort of regulation, such as PCI-DSS, HIPAA and Sarbanes-Oxley (SOX). Attaining and maintaining compliance with these regulations is a daunting task. SIEM technologies can address compliance requirements both directly and indirectly.
We will continue to assess and evaluate the changing threat landscape and invest in right tools to safeguard and our own and our client's data.
What about new-age security jargons like APT, NGFW, DLP? Would you call them a hype?
As we partner with clients to move up the value chain and handle end to end service solutions for high value projects, data and IT security becomes key to the business. We are increasingly adopting automation of sub process solutions thereby leveraging on business analytics, mobility, cloud delivery and big data.
Sign up for CIO Asia eNewsletters.