iOPEX Technologies Securing Sensitive Data and Safeguarding Against Cyber Threats
iOPEX transforms and optimizes work to flow with less friction while using digital engineering capabilities in automation & AI, coupled with rigorous operational discipline which significantly improves customer experience, economic gains, and business insights. During an interaction with Vidushi, Ashok Thalavaiswamy, Senior Director IT and Cyber Security iOPEX Technologies discussed how iOPEX Technologies ensure the security of sensitive data and about the cybersecurity infrastructure.
What measures does iOPEX Technology employ to ensure the security of sensitive data within its systems and networks?
We do not allow official email ID access on devices other than office-provided devices using “Using Google Context-Aware Access”. Based on the business requirement, we are blocking sending mails outside iOPEX domain or allow only specific domains to have access to send and receive mails. We blocked external devices like USB drives, Blue Tooth, and others from connecting in to ensure security system is intact.
End Points using Anti-Virus Software:
At iOPEX technologies, we have blocked personal emails and drives using Zero Trust Network Access, which will block the sites if you are accessing an outside office network as well. We use BitLocker to avoid data loss from laptop theft and others. We also restrict data storage in local drives and allow data storage only within the company-provided share drives. Monitoring the data movement using DLP (data leak prevention) and train and educate all users.
Can you describe iOPEX’s approach to threat detection and incident response in cybersecurity?
At iOPEX, as part of the cybersecurity strategy, threat detection and incident responses are plugged in automatically, considering their importance. With clear definition of policies along with continuous monitoring towards threat detection get carried out using the SIEM (Security Information and Event Management) tool. iOPEX framework gets triggered during the security incident, resulting in appropriate communication, ensuring coordinated responses in automated approach.
How does iOPEX Technology stay updated with emerging cyber threats and vulnerabilities, and how do you integrate this knowledge into your security protocols?
The iOPEX dedicated team gathers all the relevant trends and updates from various sources. We also have a panel of experts on our advisory team, enabling us to stay updated with the cyber threat landscape. We periodically review the process and procedures and protocols, and based on the emerging trends, appropriate changes are carried out within the framework, resulting in a coordinated and updated response.
What role do employee training and awareness play in iOPEX’s cybersecurity strategy, particularly in preventing social engineering attacks or insider threats?
We at iOPEX strongly believe technology and tools independently cannot be depended on to prevent threats. Owing to this, we continuously support our teams by providing them with required knowledge and skills through periodic training sessions. Also, we ensure active business leadership participation is contributed considering the importance of training programs with clearly defined functional objectives, training mechanism based on the team’s requirements by clearly communicating the importance of cyber security to the entire team.
Can you provide an overview of your current information security ecosystem?
We have multiple projects at iOPEX Technologies. We are into IT/ITES and support different customers. As per customer requirements, we have IT security Policies; Access levels vary depending on business needs. Hence, we need to set up LAN & Wi-Fi segments for respective projects. Aruba ClearPass created VLANs for each project and defined LAN and Wi-Fi policies. And created a separate VLAN for Guest users / Clients with separate IT policies. The guest VLAN is isolated from other VLANs.
Hence this will not impact any security issues. We have prepared the Guest Wi-Fi Portal using Aruba ClearPass. This helps clients request Internet access on their own and upon validation the team will enable internet access from the backend with defined timelines. The tool also helps us create reports on users’ access, utilization, duration, and others, which can be used both internally and externally.
What steps have you taken to build a robust cyber defense infrastructure?
We block external devices like USB drives, Bluetooth and others connecting to End Points using Anti-Virus Software. This can be blocked using Active Directory as well. The sites will be blocked if you access outside the office network using Zero Trust Network Access. Using Bit locker to prevent data loss from laptop theft. We do not allow access to official email ID’s on other devices. We limit data storage to local drives and allow only data to be stored on company-provided shared drives, which can only be accessed by company devices. Training and educating all users about data movement using DLP (Data Leak Prevention).
In what ways do you leverage AI and ML in your cybersecurity measures?
We have provisioned an isolated AI environment. Users can use those facilities and play around with technologies safely. Also, we have provisioned VDI (Virtual Desktop Infrastructure) Environment for Al & Where you couldn’t copy data from your system to VDI or vice-versa.
With the increase in remote working, what specific challenges have you faced in terms of cybersecurity?
During the Pandemic Period, Work from Home / Anywhere became mandatory, and this became an expectation for users of the Hybrid Model of working culture. The IT department provides a secure environment for users to access internal and customer applications and browse the Internet. After the evaluation, we have decided to proceed with the Zero Trust Security Solution
This allows users to connect from anywhere securely. Similar Internet policies are applied, when they Work from Anywhere and in Office. Also, Access Applications traffic will pass through a private channel (Tunnel) and be encrypted. Location-based access ensures business data privacy and security.
We have enabled antivirus compliance checks. Zero Trust will block the Internet if the Antivirus is not up to date; they should click the update button or contact the IT department to update their antivirus software. This ensures systems are always up to date with AV.
We have removed all direct access to applications. Hence users should access applications only via the Zero Trust Solution.
Ransomware attacks are on the rise. What preventive measures do you have in place to mitigate the risk of ransomware?
We ensure that all our users access the Internet, Intranet Applications and Customer Applications through a secure channel. This relieves the IT team of IT security headaches. We block external devices like USB drives, Bluetooth and others connecting to End Points using Anti-Virus Software. This can be blocked using Active Directory as well. Using Zero Trust Network Access, you can also access outside the office network, blocking your personal emails and drives.
