The client, is a Microfinance institution committed to working towards women’s economic empowerment. It is providing innovative and affordable financial products to women from unbanked sections in society in both rural and semi urban areas. It has branches in 16 states across India.
Number of users : 1200 Devices
Introduction: Every Good Corporate citizen has to have robust Information Policies encompassing the Operations, Information Security and the Application to safe guard the interests of all the Stake holders. It is pertinent that it is even more important for the Financial Institutions who are under constant and concerted cyber attacks for fradulent financial gains. RBI, the Regulator of Indian Banking System has given guidelines for the Information Policies for Financial Companies including NBFC.
As per the Guidelines, dated: 8th June 2017, NBFCs may formulate a Board approved IT and IS policies in-line with the objectives of the organisation. RBI also recommends initial and periodic IS Audits to ascertain Cyber readiness, IS Risks, IT Operations, Governance, Business Continuity, Cyber Threats, vulnerabilities, changing needs in line with customer requirements, and a periodic review (atleast Once in a year) and a mechanism/ plan for cyber crisis management and reporting RBI on any Events
Security Threats:
Day-by-day, the scale and complexity of Digital threats are increasing. Cyber-attacks have caused chaos on some of the world’s largest financial services organizations.
In 2013, just over half a million samples were malicious, it has only gone up to 2 million in 2015 and in 2017, the number is three and half a million. Such is the rapid spread of malicious codes and attacks on the Internet.
The digital risk scene is transforming significantly; the quantity of malignant applications has alone risen relentlessly over the most recent four years to 2.5 Million. Creating suitable defense mechanism against threats, including the recent ones like Ransomware and browser exploits gives peace of mind to the Corporates.
The Need:
The Client was looking for a simple solution to manage all the security related actionables, across the entire network and covering all computing devices including mobile Phones and also to effectively mitigate the future cyber threats to their Network.
As they hold personal and financial informations of their clients, they were looking for a combination of Cybersecurity tools and processes to defend the organizations’ data from cyber attacks and accidental data loss or breaches.
Technologies including Artificial Intelligence and an advanced form of machine learning to improve the detection of suspicious malware files, control access to bluetooth and removable media, to manage applications, to control accidental information/ data loss and to enable proper web Access control to detect and block any other attacks were needed.
The Solution:
The Client evaluated security products of Sophos, recommended by VAYS Infotech, amongst various other Popular products in the Market to deal with an expansive range of CyberSecurity Risks.
It was Sophos Endpoint Protection which met their expectations, especially those pertaining to Antivirus, Web Control, Data Loss Prevention, Peripheral and application control.
The Client initially did proof of concept and tested Threat Protection with DeepLearning, Real time scanning-local and network shares, Real time scanning -internet and Runtime Protection with sample malware files and the outcome was meeting their expectations.
By compelling category-based web filtering on and off the corporate network, our client gets better control over the content employees can access over the net.
The Client can Allow/ Block /Warn Risky file types ((ActiveX Controls (ocx)), Adobe Flash Video (flv, swf), Adobe PDF(pdf), DOS Command File (com),Java Applet (class), Java Archive (jar), Other Executables, Windows Executable (exe), Windows Installer (msi), Windows Library File (dll)), Advertisements, Social Networking Sites, Adult & potentially inappropriate categories & Downloads.
With application control, the Client can allow / block application by category or name, thus reducing risks posed by employees accessing malicious, PUA, illegal or unauthorized software.
The Client also has better control over removable media like Bluetooth, Floppy drive, Optical drive, Removable storage, Wireless, Media Transfer Protocol (MTP)/ Picture Transfer Protocol (PTP) with Peripheral Control.
The Data Loss Prevention (DLP) allows the client to Allow/Block unauthorized data flow based on Contents, File types and File names.
The Other Benefits of Sophos Intercept-X End Point Security includes, Deep Learning, Malware Detection, Active adversary mitigation, Root Cause analysis on malware Origins and Exploit prevention. The Sophos UTM (Unified Threat Management) furnishes extreme system security bundle with everything in a singular modular appliance, is easy to manage through its centralized console, offering dashboards for both partners and customer users. The Client IT team can receive notifications, customize their security status and recover passwords through the user dashboard.
About Vays Infotech:
Vays Infotech serves the IT needs of businesses across various industries including Financial Institutions. Whether clients require on-site or cloud-based solutions, telephony or data systems, fully-managed IT or project management, Vays has the expertise to meet the industry-specific needs of our clients. Vays is headquartered in Bangalore, India & Operations in Chennai, UAE & Singapore.
Vays Infotech can advise clients on the right solutions for mitigating Security related risks and also for implementing Guidelines from the Regulatory bodies like RBI. Vays can keep track of renewal dates and licenses, manage the installation, respond to alerts through the partner dashboard.
Click here to know more about our End Point Security.