An incident in the past has helped ACPL Systems better prepare for the prevailing condition. Vishal Bindra, CEO, ACPL Systems, shares more on how the past experience is coming handy in tackling the current scenario
As a security solution provider, how do you assess the current scenario and the lessons learned; what’s your preparedness to handle such unprecedented situation?
About eight years ago, we faced a huge outage in our email server during a long public holiday. We could not reach out to our service providers, and with no access to servers, it turned into a big challenge for us. It was an in-house hosted facility and office was closed due to holidays.
With this incident, we realised as a solution provider, we ourselves don’t give the required attention to IT hygiene or IT management. As a lesson, we decided to move to cloud as much as possible. Today, we have email, accounts, CRM, and service desk including others hosted on cloud. Since we were doing a lot of support work, we started providing remote support to our customers. We have built a unique system with the customers, which is not affected by the COVID-19 situation.
Customers ask for engineers to be present on site and they end up doing L1 work. Hence, we decided to deploy 80 per cent of workforce for L1 work and 20 per cent for L2 work. We have worked out a formula, wherein we deploy L1 team on site, whereas, L2 and L3 teams work as shared resources, providing remote support to customers. All these processes are coming handy to us while working remotely during this period.
The moment we realised that the prevailing situation is worsening, it took us 48 hours to set up the remote processes where we looked at three areas – patch management, putting DLP under control, and installing endpoint detection and response (EDR) tools our teams’ work stations. When the lockdown was announced, all our employees were already working from home, as the steps taken ensured a seamless work.
Highlight some of the challenges being faced in providing service or support to customers during this period?
We have enabled five organisations adopt work-from-home practice; WFH is not a challenge today. We have moved our customers’ critical resources first towards WFH, followed by rest of their teams. We also reached out to our OEMs that provide access to tools like VPN, so that customers’ workforce can work from home.
Hence, instead of implementing a new technology, we identified the different existing technologies, which can become route to secure internet access from home. As we had short time to shift all the applications to cloud, we gave cloud access to our customers wherein from a particular IP, they can reach to particular destination inside their application.
Post this, accessing email became easy, as customers were already using Office365 or Google. We also gave them access to their secured applications and ensured that we deploy an EDR tool. We are now monitoring our customers to prevent attacks.
Additionally, we conducted various sessions for our customers and educated them on the different types of phishing attacks they can expect during this period. We asked them to access data only through VPN. Due to less support requests and low workloads, we shifted some of our internal teams to look at their customers’ incidents, monitor their firewall, and EDR among others. Till now, this approach has worked successfully for our customers.
Meanwhile, we have asked our customers to prepare a list of critical applications that are difficult to access remotely. With this, we will be able to move those applications to cloud. This is not just help them in the current scenario, but also help them identify the next steps they need to take once they resume office. While every organisation wants to move to cloud, this exercise will help them find what needs to be moved first.
This is the best time for enterprises to dive deep into their applications and check the areas of difficulty. We are ensuring customers get firewall-as-a-service and encouraging them to use SD-WAN. We are also utilising this period to help customers identify the next investments they should make. Customers are not just looking to deal with the current scenario, but also finding ways to reduce costs while maintaining the same level of efficiency.
In this time of total lockdown, how are you ensuring 24×7 service and support to your customers?
Prior to this crisis, we have been providing 24×7 support to our customers and we continue to do so even today. All our telephone support lines are open, and our critical customers have access to the hotline numbers. Dedicated engineers are working with their set of customers and they are totally capable and responsible to handle customer. For instance, we have been doing migration for two of our large ITeS customers and it is going as per the schedule defined earlier. For another customer, a large pharma company, we moved their two large international sites within just 24 hours for remote working.
Realising that customers would require our constant support, we also provided personal training to our employees and prepared them for any eventuality.
Soon we will witness changes in business models, wherein there will be far more remote workers in any organisation. In such scenario, what are the best cyber security practices for customers? And how would you, as a security solution provider, complement in such a scenario?
For software development or IP creation, organisations will start adopting the model of virtual machines, wherein anyone can login from anywhere, and get the secured container. As far as software development is concerned, the ‘container or docker’ market will pick up in the times to come. This is one thing that we, as a solution provider, have also started adopting. The larger organisations can also benefit from this approach. Today, with the emergence of digital technologies, most of the vendors are talking about diminishing boundaries wherein one can connect to a particular application from anywhere securely. And within a year’s period, we will see a huge reduction in private or captive data centres.