securitylinkindia

A Systems Thinking Approach to Digital Transformation

Vikas Bhonsle, CEO Crayon Software Experts India The digital age is also interpreted as the age of networked intelligence. As data becomes more easily accessible, in the right format, and at the right time – organizations gain new capabilities to re-engineer business operations for faster and more efficient service delivery. Throughout the lifecycle, a comprehensive system thinking approach addresses not only the complex product and its diverse subsystems but also the wider systems of which it is a part. At the systems level, users, the environment, other products, and processes impact the product throughout its lifespan. Organizations who design considering these factors excel in their operation The concept of systems thinking is not new. The principle of “the whole being greater than the sum of its parts” can be traced back to Ancient Greece. Systems thinking is a comprehensive approach to modern business operations that focuses on how a system’s main constituents correlate and how they work overtime and within the framework of bigger systems. Applying this approach to the current technology stack will demonstrate its utility. No division in an organization is an island; how else does each section of the business communicate and merge? And, how do the systems that each department employs interact and integrate? It is the combinations of different processes that make a huge difference. Interactions result in new, more efficient actions, which streamline and facilitate efficiency. An Era of System Thinking Today digital transformation is about connecting various devices and systems that can provide value. It is about building a network of intelligence through the use of technology. It is not solely concerned with meeting customer demand but also with restructuring organizations and how they are managed to increase capital and value creation through process efficiency and effectiveness in a broad sense. In other words, the current era has taken a proactive approach to changing the entire system rather than a specific aspect, as businesses do not have a dedicated digital department and instead incorporate digitalisation into their organizational culture and strategy. System thinking allows people to use their awareness of modern systems to improve a situation. Unlike the traditional system, which focuses on separating individual pieces of what is being studied, systems thinking focuses on how the subject of study interacts with other elements of the entire system. In today’s world, digital transformation is a synthesis of customer demand, technology, and overall business goals. Employing Systems Thinking to Your Digital Roadmap Building a digital roadmap starts with a set of objectives. It starts with bringing key stakeholders from each department to compile a list of needs, differentiating between those that affect the entire business and those specific to one department. Broad goals are to be considered rather than specific ones. After creating a list of business-wide and department-specific needs that must be met by systems thinking of digital transformation, one must discuss how the department needs to intersect. This is significant for two reasons. The first is the interconnected nature of system thinking advancements. The second benefit is that it sets the tone for the solution; from the start, the company should focus on discussing connected solutions and collaborative thinking. It’s critical to start on the same page, and ensuring company-wide buy-in will lead to better development and adoption. With a clear understanding of what the business and each department want to accomplish, it is time to define the solutions that business intends to implement in the coming months and years. Collaborating with a digital transformation partner can help the business see what is possible and the range of options available. The goal is to demonstrate that digital transformation is a journey, not a race. Take a crawl, walk, run approach; always consider the potential cross-business impact of a particular solution. In the short term, the organization should aim to implement a series of digital proof points, each of which addresses a key business goal. The digital roadmap is not fixed. The company will have compiled data on each of the digital solutions implemented; they should learn from the insights and adapt its own approach. It is especially important to put in place a system that shares this insight, allowing both department decision-makers and automated programmes to learn from cross-business actions. Systems Thinking is essential for the design of complex systems as well as the execution of a company’s long-term digital strategy. Whilst using the systems thinking approach, the organizations will almost certainly be swimming in seemingly disparate data, making quick and simple modelling critical to ensuring the digital roadmap is on track.  

Read More

What the Recent CERTIn Directives Mean for Businesses in India

By Shrikant Shitole, Chief Executive Officer, iValue InfoSolutions As of July 1, businesses in India must comply with new regulations set forth by the country’s Computer Emergency Response Team of India (CERT-In) organization and the Ministry of Electronics and Information Technology (MeitY). These new directives require businesses to report any cyber incident within 6 hours – one of the shortest cybersecurity incident reporting windows. The recent directives from the Computer Emergency Response Team of India (CERT-In) have caused quite a stir in the security community. Apart from mandatory reporting of cybersecurity-related events, organizations must sync server time stamps, maintain 180 days log back-up, and customer details of virtual private network (VPN) services for a period of five years. The rules [PDF] mention 20 cyber incidents to be reported, including data breaches, ransomware, and fake mobile apps. The new guidelines will come into effect from June end and will also be applicable to cloud service providers and virtual private server providers. What does it mean for businesses? CERT-In’s directive is a cause for concern for businesses in India. Domestic and global industry bodies like ITI are voicing their concern and the potential impact on every business. Impact on VPN providers During the pandemic, a paramount cybersecurity tool has been a Virtual Private Network (VPN). According to a report by Atlas VPN, VPN usage in India exploded with a growth of 671% in 2020, totalling 348.7 million users by the first quarter of 2021. The growth is mainly attributed to the Indian governments growing restrictions on internet usage. India joins a handful of countries, like Belarus, China, Iraq, North Korea, Oman, Russia, and the United Arab Emirates, that heavily regulate or outright ban VPN services. The new guidelines are a severe pushback to VPN providers in India. For many, it goes against their core USP of privacy, strict no-log policies, and their main selling point of anonymity. Companies like NordVPN and SurfShark are considering moving out in light of the guidelines. While CERT-In is said to issue a clarification on the April 28 directives, we are yet to see any shift in their stance on VPN privacy. Impact on crypto wallets Joining the league of financial service regulators, CERT-In now requires virtual asset service, exchange, and wallet providers to maintain Know Your Customer (KYC) and financial transactions for five years. Experts suggest that these directives will form the foundation for crypto regulation in India. This follows the recent Union Budget announcement of a flat 30 percent tax on gains from cryptocurrencies and a 1 percent TDS on all crypto transactions. Organizations must start syncing their system clocks with ICT systems and connect to the Network Time Protocol (NTP) server of the National Informatics Centre (NIC) or National Physical Laboratory (NPL). Syncing timestamps with distant servers raises latency issues. Large data centres would prefer a server that is nearby and trustworthy public NTP servers (like Google) over time sync servers of NIC and NPL. How will CERT-In create dedicated server time? We are yet to get clarification. The cost, time, and resources to implement the change Making changes in organizational security in just 60 days is challenging. The number of resources required to sustain the new changes is questionable on either side. Would CERT-In be able to handle the load? Organizations must maintain logs of ICT systems for a rolling period of 180 days and retain personal data such as names, addresses, phone numbers, emails, and IP addresses of subscribers for a minimum of five years. This could be a potential violation of GDPR norms. Companies would also need to maintain log servers or invest in services of Security Information and Event Management (SIEM). While SIEM is a valued option, the cost of implementing these changes would be hefty for small to medium organizations. The failure to comply with CERT-in directives would attract a fine of up to Rs.1,00,000 or imprisonment for up to a year under Section 70-B(7) of the IT Act. The bottom line? We are eagerly anticipating clarity in certain places, especially whether additional infrastructure has to be created to store the data. Or whether they are allowed to outsource the storage of data to third-party data storage, retention, and localization service providers. While India’s move to strengthen the digital ecosystem is a welcome initiate, in the long run a pragmatic approach would gain better coverage, keeping a fine balance between national security, public surveillance, business priorities, and netizen’s privacy.  

Read More

Relooking at Hospital Security

In a new world where healthcare systems need to be of the highest order, the processes have taken a strong momentum to improve infrastructure and amenities following the pandemic years. The policies are rapidly resurfacing as they have become crucial for the citizens of a country. Hospital Security involves securing patients, staff, visitors, and physical infrastructure. Hospitals have multiple access points and witness huge crowds daily. Most hospitals are considered ‘soft targets’ as they are high-density locations including crowded areas such as schools, shopping malls, and schools. They commonly have many access points with limited security guards. Even the threats of theft, violence and other crimes are real risks for hospitals. These are some of the common reasons why we may be more vulnerable to certain types of security risks in the coming future if left unattended. In the face of a pandemic, risks are heightened, and the need for stricter security norms looms large. The role of hospital security is to ensure the safety, security, and welfare of all patients, staff, and visitors to their full capacity. Apart from people, it is also important to secure medical equipment, operating rooms, facilities, and sensitive information. Without adequate safety and security measures, hospitals can become easy targets for intrusion and unwarranted activities. Statistics There are a total of 18,99,228 hospital beds in India, out of which 11,85,242 are in the private sector, and the remaining 7,13,986 are in the government sector. 59,262 ICU beds are in the private sector and 35,699 beds in the public sector. (April 2020, analysis by the Center for Disease Dynamics, Economics & Policy). The Union Budget of 2022-23 allocated INR86,200 Cr. to the Ministry of Health and Family Welfare, a nearly 16% increase in comparison to FY 2020-21. By 2036, the population of India is expected to increase to 151.8 crores (approx.) at the rate of 1.0 percent annually. Calls for better infrastructural facilities. Types of Hospital Safety Patient and child safety, emergency services, contract staff, catering establishments, parking traffic, pharmacy control, clinical safety, equipment protection, fire safety, and evacuation. Risks & Security Threats The healthcare industry is widely regarded as having a weak security system. The main challenges that arise in hospital security are: Deficiency in manpower and infrastructure. Unchecked visitors due to heavy traffic at the entry and exit gates is one of the probable risks. The parking area is a hot spot that needs immediate attention for threat control, as the damages may result in an expensive disaster. Healthcare data breaches and cyber-attacks expose highly sensitive and valuable information of patients. In 2016, a kidney trafficking racket was wedged in Mumbai’s hospital meanwhile Delhi faced an incident that includes the swapping of newborn babies due to gender biases in 2017. The year 2022 recorded an unpleasant episode where some of the relatives ransacked a private hospital in Nagpur and further assaulted a doctor after the patient’s death. These are some of the issues that are confronted by hospitals every day, and the number of such incidents per year is increasing. If we tighten our security systems, it may reduce the scope of these cases significantly. Together with manned guarding, vigilance, surveillance, and electronic security can such threats be addressed better. Safety Measures Maintenance of the records and medical history of all patients as credible National Health Data is important for the govt, and stakeholders, and to also maintain transparency with the democratic citizens of this country. Provisions by regulatory authorities, planned strategy, patrolling and reporting, quick response teams (QRTs), protection of high-value laboratories, allotting of investigation officers, more organized and categorically strict ‘entry & exit’ systems, easing out language barriers, and reduction of cues, monitoring, and checking of cue reduction besides registration of all visitors. Electronic access systems for physical security needs like printing photo ID access cards and face recognition systems for the authorized staff, and visitors. Biometric authentication such as fingerprints, upgraded software integrations, high-speed internet access, 24×7 control room regulation, and automatic door controllers with a magnetic locking system. Disease control/ prevention, administrative security, and safeguarding of dormitories having high-risk equipment and inflammable tools. Reliable and latest information on healthcare resources and their deployment can address problems with real-time solutions. To further ensure a district-level electronic database of information on health system components. Hospital staff & security coordination training, fire training, and security guards training to counter any mishaps for real-time action control. Verification of IDs and badges to make sure the doctors, patients, and visitors are at their assigned wards. Furthermore, contactless access card readers for easy access. Effective communication amongst security officers, quick monitorization of strategically positioned CCTV cameras. Metal detectors and screening tests of all visitors. Handling the patient’s and their relative’s emotions in cases of serious medical issues. Besides the doctor, a skilled healthcare security officer can maintain composure and tactically handle the emotions of the deceased/ injured. Patrolling by the trained security officers for potential fire threats due to sparks generated via electrical equipment or combustible materials. Regularly examine the expiration dates of the fire extinguishers. Further reporting the issue to the firefighters. Abduction of infants, inmate escapes, drug theft, and even gun violence are some of the crimes committed in hospitals. These crimes can be avoided by a strong and effective security system to avoid these crimes. Establish integrated health information Exchanges, architecture, and national health information networks. The year 2020 recorded the concentration of most ventilators and hospital beds in India and found seven states that topped the charts. Uttar Pradesh, Karnataka, Maharashtra, Tamil Nadu, West Bengal, Telangana, and Kerala. Amongst which the highest number was recorded in UP (as shown in the previous page). Although the dynamics have changed now with an increase in the number of hospital beds and ventilators over the years. Besides taking these necessary steps; the latest tools and technology are the requirement of the emerging healthcare sector. To detect and protect people from waste, and acquired infections, systematic management systems, information systems, establishing hospital committees, planned…

Read More

CP PLUS Expands with State-of-the-Art, Futuristic Manufacturing Facility in Andhra Pradesh

CP PLUS, India’s leading CCTV brand, began producing surveillance devices locally in India in its Manufacturing facility in Tirupati, Andhra Pradesh 5 years ago. And since then, the brand has enhanced its manufacturing capabilities to reach the plant’s maximum production capacity of 1Mn units a month. Now to meet the growing demand, CP PLUS has put up another manufacturing unit in Kadapa District, Andhra Pradesh. With the production commencing in Q2, 2022-23, this new facility will have 3 times the production capability vis-à-vis the existing capacity i.e., 3Mn surveillance units per month, which will make it the world’s largest manufacturing unit for surveillance products, outside China and 3rd largest in the entire world when including China. The CP PLUS manufacturing facility Kadappa in the state of Andhra Pradesh has been integrated with the world’s latest Fuji made state-of-the-art technology SMT lines and semi-robotic assembly & packaging lines. All production area has been designed with ESD flooring, dust-free and air-conditioned environment to achieve world’s best quality of products. This manufacturing facility has a wide range of Reliability Test Equipment to ensure High quality of products manufactured and also to qualify for various certifications required in Tenders and by Govt. of India organizations like RDSO, AAI, PWD, Indian Navy etc. Aditya Khemka, Managing Director of CP PLUS expressed his intentions to further expand the production capacities manifolds in the future. “Backed by our R&D proficiency, we have plans in action to further augment our capabilities and become many times larger than the current size to produce 6 Mn units per month in near future to make our brand more and more Atmanirbhar in order to accomplish our PM’s dream and to make India truly self-reliant,” he said. “In addition, we have 10 acres of additional land for which we have firm plans to develop facilities for Backward Integration in the CCTV domain. CCTV & Recorders’ components like Housing, Cables, and Adapters among the others are placed in the first phase of manufacturing which will lead to an actual increase in Local Content in manufacturing and go another mile in the localization and indigenization process of CCTV manufacturing in India,” he continued, “With visible Govt. support, we do foresee Exports of Surveillance products in near future from this stupendous production facility.” All these areas of high-volume production, Backward Integration & Exports will attribute to a larger employment generation for the country, especially for Women as the brand’s current workforce consists of 90% of female workers. Manufacturing for other domestic and international brands, CP Plus has also become the largest Indian OEM and ODM as well, giving strong competition to Chinese companies and reaching the leading spot in the entire surveillance industry. CP PLUS is a pioneer Indian brand responsible for leading the security and surveillance industry in the country for many years now. Since its very beginning, CP PLUS has dominated the CCTV industry by introducing affordable solutions and a reliable sense of security to the general public and creating awareness about enhancing public safety. Now, the brand’s name itself has become a synonym for CCTV in many parts of the country. Being a leading brand in the surveillance industry, CP PLUS has successfully conducted hundreds of government projects, securing railway and police stations, air and sea ports, government institutions, public roads, and even entire smart cities. Currently, CP PLUS is also in talks with the Government of India to introduce the PLI scheme for the surveillance industry and also about amendments to the Public Safety Act to further improve Electronics Security for India and its public. The growth and popularity CP PLUS has witnessed every step of the way successfully placed the brand at the forefront of the surveillance industry, so much so that now CP PLUS is not just India’s No. 1 surveillance equipment manufacturer but also has the largest production facility for security and surveillance products anywhere outside of China in the whole world.  

Read More

Integration Streamlines in-Home Peace of Mind

The advances of technology have meant a dramatic rise in the amount of devices we use in our homes. In fact, the European smart home market is expected to grow to USD39.6 billion by 2025. This ranges from entertainment to practical everyday tasks like drawing curtains and dimming lights. But perhaps the most useful are those that allay our base fears around security in the home. Alarms, security cameras, and access systems are becoming increasingly popular as people strive to make their homes a secure and comforting haven – even within the context of their busy lives. Hikvison has a range of smart devices to provide that in-home peace of mind – and they can all be controlled from one place. Too much of a good thing With multiple devices comes a variety of different controlling mechanisms – usually one for each device separately. Remember the days when you had only one remote control for your TV, for example? Now you could conceivably have four or five for your entertainment system – TV, sound system, DVD player, satellite box etc. This is a kind of ‘tipping point’ – when technology advancement can cause frustration, rather than making your life easier. It’s this frustration that’s led to the popularity of systems that bring various elements of the home together. These range from smart speakers that allow the family to play music in different rooms, to apps that control lighting. And then there are the ‘digital assistants’ that can bring a number of IoT devices together all over the home. Imagine being able to do this for your security. A central indoor station can provide access to all your alarms and security cameras. And this can also be available on an app, so you can verify alarm alerts even remotely. Add to this the ability to control your access point – i.e., front door – and you start to see how an integrated security system can provide great peace of mind, rather than adding multiple ‘interfaces’ to your daily life. All-in-one indoor station Hikvision’s All-in-one Indoor Station provides a central device to be able to manage a homeowners CCTV, access control, alarm and intercom technologies. It has a range of functions allowing the user to keep an eye on all of these devices, giving them a holistic overview of their home security. If an intruder sets off an alarm, the system can provide a video ‘footage’ clip from an adjacent camera, thanks to smart linkages. They can see this on the pre-installed HikConnect app too, with added functionality of zooming in and out on the image, and fisheye mode for relevant cameras. The front door is usually where the home starts – and where the peace of mind also needs to begin. The All-in-one Indoor Station allows users to see who is at their door, and even let them in with the click of a button below the screen. This works too if they are using the app – so they can let someone in remotely once they have been able to verify their identity using the door intercom camera. Intercoms can also be fitted with two way intercom – which means the user can have a conversation with the visitor, either through the Indoor Station or their app. This is particularly useful in a world of multiple deliveries encroaching on busy lives. Open and simple to install The story for installers is great too. The Android (v10) base of the device means its open architecture, so adaptions and 3rd party software can easily be integrated. The user experience is continually being improved, making it intuitive – both for users and installers. The fact that this means they don’t have to install multiple devices to manage an in-home solution saves them a lot of time and cost. Alongside the HikConnect app is Hik-ProConnect – an app designed for installers to be able to manage and configure devices remotely. This also streamlines their aftercare efforts, with a wide range of activities being possible remotely, once they have their customer’s approval to do so. While technology enters our lives an increasing levels, the smart money is on the methods of bringing disparate technologies together. Open platform architectures and platforms mean more and more devices will be able to talk to each other. This is the beginning of the world of advanced IoT, where we start to really see the benefits of smart connected technologies in our homes. No more scrabbling behind the sofa for a remote!  

Read More