Category: Feature

Alexey Parfentiev, Senior Business Analyst, SearchInform SITA company’s security became compromised by fraudsters who copied personal data of Lufthansa, Air New Zealand, Japan Airlines, Singapore Airlines and about 4.5 million Air India passengers in the beginning of the year. The processing company could confirm the leak only a few months later. CNA Financial had to cover the ‘expenses’ brought by violators’ activity and pay $40 million to retrieve the breached data after a ransomware attack. Opting to pay ransom can not only be a high-priced choice but also an illegal one. How does ransomware needle through one’s network? An employee might open a malicious file, click a suspicious link, communicate with a violator and even keep doing the same mistake. There are monitoring systems which are capable enough or less powerful to deal with the most needed task. What should a company know to tell a strong proactive system from a solution with annoying limitations. For many companies a DLP system is a musthave solution when it comes to data leak prevention and protection from other insider threats. But customer experience while using a DLP is not always enjoyable. This article will comment on deserved and unfair reproaches to DLP systems, will clarify which are the natural limitations of such kind of systems and which are the drawbacks of particular products. Not enough functions to solve a task DLP systems have long outgrown their original purpose of data leak control. Now they are used for a much wider range of tasks within information, economic and human resources security. Today DLP solutions are true supertools. Nevertheless, a customer might need more and more functions. This often becomes clear soon after the deployment stage, as a customer ignores a full-fledged trial and relies on marketing description and third-party comparison tables. Testing does take your time in the beginning, but saves it notably when the real work with the solution begins. That’s why the actual implementation requires preparedness. Compile your own comparison table, test gradually each system and see how they work regarding the tasks you’re interested in the most. For example, one of our clients wanted to block file transfer by metadata, and other cases of file transfer were of no trouble for them. Before they purchased a DLP system, their company tried a few other solutions, and it appeared that those products didn’t manage to tackle this problem, although the brochures seemed to ensure this type of blocking. The functionality limits can also be associated with the fact that DLP systems use third-party technologies. Sometimes these are the whole engines, modules, platforms or even white-labeling a third-party product as a proprietary solution. As a result, vendors are limited by the functionality of someone else’s software and its development plan. This is a common problem for many DLP systems out there. We have decided to build our system based on our own engine, and we use it not only in our DLP but in other solutions as well. All other elements of our systems are also coded by our team. If a client needs some adjustment, error fixing or technical support we guarantee our help. Often a DLP appears to be limited in its functionality when a customer wants some specific features. If these features are crucial, and other customers might benefit from them as well, vendors tend to include these ones in their development plan. This is how we made integration with access control systems possible, and enabled joint work with BI systems, task managers, phrase search elements etc. Anyway, sometimes specific capabilities aren’t needed to solve the majority of client tasks, and the combination of existing software functions is quite enough. A client doesn’t necessarily know about it, the best practices are shared by a developer. But usually, vendors don’t include such an option, and technical support is their only customer accompanying. One more factor to consider – whether a vendor can offer anything besides a DLP. This system has become the central element of protection from any insider risks, that’s why when choosing it a customer chooses the whole ecosystem of other protection tools. If a developer doesn’t have such a product line, a company can face a problem of product integration. Often, it’s a complicated even unsolvable task, companies should think about it beforehand. DLP is difficult to deploy, it ‘eats’ a lot of resources This is one of the primary issues. Developers approach a DLP system functioning optimisation differently, as a result software solutions differ significantly as it comes to their ‘voracity.’ Despite the fact that vendors describe minimum technical requirements in detail, the deployment stage can still surprise you in a bad way. And the bigger the scope of deployment the higher the possibility of such an unpleasant surprise. There are two options. The perfect one is to launch a comprehensive trial period (deploy all the modules on a maximum number of computers). But this is not always possible. The second option is to ask the opinion of those information security specialists who use a DLP system on a number of PCs similar to yours. Be curious, let the interesting or difficult moments get shared by them. We work on minimising requirements to hardware. Last year we altered the architecture, and this allowed for DLP speed increase up to 30% and expand the variety of solved tasks – search for data in very large networks, for example. Earlier customers had to allot enough power, locate additional servers. Now our DLP requires 2-3 times less of server resources than many competitors’ solutions. The speed of deployment also matters, it’s not normal if it takes weeks or months. Processes can last longer if a client limits access or doesn’t have a technical specialist. Anyway, the optimal pace of deployment of a typical pilot version is a few hours. We guarantee it thanks to providing a customer with our technical specialist (engineer) and implementation specialist (who will teach a company how to work with the solution, help configure…

Firefighting is a race against time. Exactly how much time? For firefighters, that part is often unclear. Building fires can turn from bad to deadly in an instant, and the warning signs are frequently difficult to discern amid the mayhem of an inferno. Seeking to remove this major blind spot, researchers at the National Institute of Standards and Technology (NIST) have developed P-Flash, or the Prediction Model for Flashover. The artificial-intelligence-powered tool was designed to predict and warn of a deadly phenomenon in burning buildings known as flashover, when flammable materials in a room ignite almost simultaneously, producing a blaze only limited in size by available oxygen. The tool’s predictions are based on temperature data from a building’s heat detectors, and remarkably, it is designed to operate even after heat detectors begin to fail, making do with the remaining devices. The team tested P-Flash’s ability to predict imminent flashovers in over a thousand simulated fires and more than a dozen real-world fires. Research, just published in the Proceedings of the AAAI Conference on Artificial Intelligence, suggests the model shows promise in anticipating simulated flashovers and shows how real-world data helped the researchers identify an unmodeled physical phenomenon that if addressed could improve the tool’s forecasting in actual fires. With further development, P-Flash could enhance the ability of firefighters to hone their real-time tactics, helping them save building occupants as well as themselves. Flashovers are so dangerous in part because it’s challenging to see them coming. There are indicators to watch such as increasingly intense heat or flames rolling across the ceiling. However, these signs can be easy to miss in many situations such as when a firefighter is searching for trapped victims with heavy equipment in tow and smoke obscuring the view. And from the outside, as firefighters approach a scene, the conditions inside are even less clear. “I don’t think the fire service has many tools technology-wise that predict flashover at the scene,” said NIST researcher Christopher Brown, who also serves as a volunteer firefighter, “Our biggest tool is just observation, and that can be very deceiving. Things look one way on the outside, and when you get inside, it could be quite different.” Computer models that predict flashover based on temperature are not entirely new, but until now, they have relied on constant streams of temperature data, which are obtainable in a lab but not guaranteed during a real fire. Heat detectors, which are commonly installed in commercial buildings and can be used in homes alongside smoke alarms, are for the most part expected to operate only at temperatures up to 150 degrees Celsius (302 degrees Fahrenheit), far below the 600 degrees Celsius (1,100 degrees Fahrenheit) at which a flashover typically begins to occur. To bridge the gap created by lost data, NIST researchers applied a form of artificial intelligence known as machine learning. “You lose the data, but you’ve got the trend up to where the heat detector fails, and you’ve got other detectors. With machine learning, you could use that data as a jumping-off point to extrapolate whether flashover is going to occur or already occurred,” said NIST Chemical Engineer Thomas Cleary, a Co-author of the study. Machine-learning algorithms uncover patterns in large datasets and build models based on their findings. These models can be useful for predicting certain outcomes such as how much time will pass before a room is engulfed in flames. To build P-Flash, the authors fed their algorithm temperature data from heat detectors in a burning three-bedroom, one-story ranch-style home – the most common type of home in a majority of states. This building was of a digital rather than brick-and mortar variety, however. “Because machine learning algorithms require great quantities of data, and conducting hundreds of large-scale fire tests was not feasible, the team burned this virtual building repeatedly using NIST’s Consolidated Model of Fire and Smoke Transport, or CFAST, a fire modeling program validated by real fire experiments,” Cleary said. The authors ran 5,041 simulations, with slight but critical variations between each. Different pieces of furniture throughout the house ignited with every run. Windows and bedroom doors were randomly configured to be open or closed. And the front door, which always started closed, opened up at some point to represent evacuating occupants. Heat detectors placed in the rooms produced temperature data until they were inevitably disabled by the intense heat. To learn about P-Flash’s ability to predict flashovers after heat detectors fail, the researchers split up the simulated temperature recordings, allowing the algorithm to learn from a set of 4,033 while keeping the others out of sight. Once P-Flash had wrapped up a study session, the team quizzed it on a set of 504 simulations, fine-tuned the model based on its grade and repeated the process. After attaining a desired performance, the researchers put P-Flash up against a final set of 504. The researchers found that the model correctly predicted flashovers one minute beforehand for about 86% of the simulated fires. Another important aspect of P-Flash’s performance was that even when it missed the mark, it mostly did so by producing false positives – predictions that an event would happen earlier than it actually did – which is better than the alternative of giving firefighters a false sense of security. “You always want to be on the safe side. Even though we can accept a small number of false positives, our model development places a premium on minimizing or, better yet, eliminating false negatives,” said NIST Mechanical Engineer and Corresponding Author Wai Cheong Tam. The initial tests were promising, but the team had not grown complacent. “One very important question remained, which was, can our model be trusted if we only train our model using synthetic data,” Tam said. Luckily, the researchers came across an opportunity to find answers in real-world data produced by Underwriters Laboratories (UL) in a recent study funded by the National Institute of Justice. UL had carried out 13 experiments in a ranch-style home matching…

Healthcare facilities like hospitals, special healthcare centers and clinics have myriad of specialized protection requirements. What’s more, they require security, safety and hygienic environment for the patients, doctors, nurses and paramedical staff. Hospital and healthcare authorities should consider a smart healthcare solution to address various security, safety and hygiene challenges effectively. Specific requirements Hospitals and health care facilities are designed to be places of healing, recovery, and tranquillity. However, with high volumes of people constantly coming and going – visitors, volunteers, patients, and others – maintaining smooth operations and responding quickly to emergency events are becoming more challenging. Furthermore, recording the activities of hospital personnel, securing limited access areas, and keeping parking lots operating efficiently require intelligent technology. Some of the most common requirements for a hospital solution might include, ensuring around-the-clock safety for patients and staffs, quickly evaluating incidents for prompt event response, effectively managing access control and attendance for critical and restricted areas and centralizing operations for all the various systems. Smart healthcare solution Prama Hikvision’s Solution for healthcare facilities helps answer to all of these concerns and more with its advanced technology, powerful cameras, and reliable recording devices. Everywhere from guard stations to intensive care units, Hikvision products powerfully assist and protect healthcare facilities and personnel, making both security and management for hospitals easier and more intelligent. Temperature screening and face mask wearing alert thermographic cameras, temperature measurement walk-through detector and MinMoe face recognition terminal with temperature screening and face mask wearing alert, are helpful to manage large number of hospital staff, visitors, patients and doctors. Hikvision temperature screening solution, with multiple product types and wide range of applications, is designed for the detection of skin-surface temperatures so as to achieve rapid and safe preliminary screening in public areas with high efficiency in a multitude of scenarios. These include thermographic cameras, MinMoe terminals, metal detector door, DeepinMind NVRs and smart onboard terminals. A complete hospital solution requires the synergy of a number of systems – video security, panic alarm, and access control systems, to name a few. Hikvision offers advanced and comprehensive solutions that fluidly integrate all the moving parts, making setup and daily operations much easier for unique conditions. The solutions include following activities and requirements – reception to patient calling, internal calling system, doctor monitoring, paging in clinic, 2nd generation IP video intercom solution, IP VDP intercom clinic kit and analog video intercom solution. Prama Hikvision’s smart healthcare security solution covers nurse station to patient areas and other critical parts of the hospital. Command and control room I t offers powerful and unified security management to ensure quick response to alarms with advanced alarm management function. It effectively helps to manage access control systems including assigning permissions, managing user groups, and more. It also offers an intuitive dashboard showing the status of devices. It further helps to set up automatic health inspections and receive notifications of errors. Parking lots The parking solution helps efficient vehicle access management by reducing the labor costs with automatic vehicle entry by ANPR camera. It helps to manage the vehicle flow and entry/ exit records efficiently. It enables comprehensive monitoring for the entire parking lot with clear video both day and night. Entrance monitoring I t helps clear monitoring at all time by capturing sharp imaging at entrances even in high contrast conditions with WDR cameras. It uses people counting technology to record numbers of visitors for capacity control and optimized security. Lobbies and nurse stations I t helps enabling emergency response to sudden events. The solution helps detect and respond quickly to events such as a patient falling, with intelligent cameras. It helps efficiently display hospital floor map or health-related public announcement with digital signage, clearly record all works and interactions at reception or nurse stations. Pharmacies All-around protection with multiple systems helps keep pharmacies safe and secure. Strict and controlled access with face recognition terminals to ensure that only authorized persons can enter the premises. The solution keeps video log of all entry and exit records of the visitors. It monitors the indoor temperature and send alarm notifications if any temperature anomaly is found. Doctor’s offices The solution has compact video security cameras for routine monitoring. They record the daily work of doctors in case any medical arbitration is required. These cameras monitor offices during offhours to ensure the safety of all information such as patients’ clinical records or other medical information. Patient areas Thoughtful and efficient care is ensured by the CCTV monitoring of patient areas. The patients are provided a panic button to call for help in case of emergency. They can communicate easily with audio intercom (public broadcasting also available) Corridors Effective monitoring of all areas enhances healthcare security. It offers full view of the corridor without losing any detail with the specially-designed corridor monitoring mode (3:4 frame ratio). It helps utilize intelligent cameras to monitor sudden events, enabling quick responses. These solutions are available in two categories of healthcare facilities – hospital solutions and clinic solutions. Safety and hygiene through Prama Hikvision intercom (VDP) solution This solution can be used for doctor to patient as an intercom (VDP) solution. Further, it can be used for reception desk for patients. It can be used to effectively communicate between nurse, doctor and patient in the hospital. DS-KD9613 is FRS unit, which is having face+biometric+card access. Visitors either call to reception or patient room. After the visiting hours visitors can contact patients. It can help maintain social distance in hospitals and health centres. Doctors, nurses and other regular paramedical staff of the hospital can directly use facial recognition terminals for their touch free entry and attendance in the hospital. EZVIZ solutions for healthcare EZVIZ camera can be installed in the isolation ward of each patient using Wi-Fi, then to install EZVIZ app on the doctor/ hospital mobile/ laptop, and to add all cameras on the app with name of the cameras as patient name/ id. One can monitor patient remotely from anywhere whenever possible using mobile…

Sandesh Kaup, Country Manager, Milestone Systems, India & SAARC The 2020 pandemic is one of the biggest watershed moments in modern history. In the last year, we have seen the world coming to a halt. However, thanks to technology, we were able to find new ways to carry on, to connect, and work remotely. The video management system (VMS) industry, too, is guided by the responsibilities to invent, innovate, and leverage technology progress to enable the world to thrive in the new next. In the coming months and years, we can expect to see more innovative and emerging technologies coming together and forming new trends. Here are the four megatrends that we see will influence and impact the industry in the coming times. Formative AI Formative AI is a megatrend, an umbrella term shaped by emerging technologies of preceding years – Aggregation, Automation, and Augmentation – that can dynamically change in response to situational variances. It demonstrates how fast-emerging technologies are forming new trends. As per Gartner, formative AI will be used to streamline mathematical and machine learning models and will be fine-tuned over time. It will impact technologies such as AI-augmented design, AI-augmented development, ontologies and graphs, small data, composite AI, adaptive machine learning (ML), self-supervised learning, generative AI, and generative adversarial networks. Formative AI enables application developers and UX designers to create solutions using AI-enabled tools with real-time interactive feedback to improve the usability of software and intelligent products. The most advanced can generate novel models to solve specific problems. Gartner predicts that future machine learning models will be based on Formative AI, which will impact technologies such as AI-augmented design, AI-augmented development, ontologies and graphs, small data, composite AI, adaptive machine learning (ML), self-supervised learning, generative AI, and generative adversarial networks. Distributed Cloud Distributed clouds are cloud services that are distributed to different physical locations, where the operation, governance, updates, and evolution of the services are taken care of by the public cloud provider. Distributed cloud is also termed as the next generation of computing, as it retains the advantages of cloud computing while extending the range and use cases for the cloud. Distributed cloud is the first model that incorporates the physical location of cloud-delivered services as part of its definition. In earlier models, the location was never factored into the service, which inspired the term ‘cloud computing. Specifically, the proposition of enabling low latency compute with the distributed cloud is essential to the VMS industry, where moving a significant amount of data from physical on-premise sites is simply not an option. In the distributed cloud, computing can also happen at the edge, if required. With the distributed cloud, evolving models of cloud computing can be leveraged for every business opportunity. Composite Architecture According to Gartner, a future ‘composable enterprise’ is designed to respond to rapidly changing and decentralized business needs with packaged business capabilities built on a flexible data fabric. Composable enterprise embraces the API (Application Programming Interface) approach delivering business outcomes through the assembly and combination of packaged business capabilities. Composite architectures enable integrated enterprises to work seamlessly and change with the requirements without having to rebuild or reinstall the entire solution. It enables an open data fabric to serve a variety of core and add-on solutions. Digital Ethics With changing intricate technology that deals with users’ data, the ethical use of technology plays a very important part. Until now, ethics was mostly centered on compliance and risk. In the upcoming times, digital innovation governance will not just be a compliance metric but the basis of business operations. Ethics must be a key offering in the business, with digital ethics linked to concrete business key performance indicators. One of the trends within digital ethics is Responsible AI which focuses on ensuring ethical, transparent, and accountable use of AI technologies in a manner consistent with user expectations, organizational values, and societal laws and norms. Responsible AI can guard against the use of biased data or algorithms, ensuring that automated decisions are justified and explainable. Organizations can initiate their active role in promoting the responsible use of technology by signing end user license agreement (EULA) with their partners, which is a legally binding agreement between partners, solution providers, or even associated software and hardware components, media, printed materials, online or electronic documentation, and any updates or corrections. Organizations can also sign the Copenhagen Letter, a technology declaration that Milestone co-authored to aspire to open an honest public conversation about the power of technology and how technology should enhance the quality of life and adopt a corresponding Copenhagen Clause into their own agreements. These four new megatrends and the acceleration of emerging technology adoption in the last year have placed video technology at the frontline of new creative demand and opportunity in the VMS industry and adjacent markets like retail, transportation, and smart cities. The underlying technology of physical security systems that have been used for security, loss prevention, and access control is now taking on new types of use cases such as heat mapping in public spaces, crowd counting, improving the retail experience etc. For instance, video analytics analyses the behavior of the objects captured and reports if any unusual movements or abnormality is detected in the footage. Thermal cameras and crowd counting solutions, likewise, can be integrated with an open video management system to help alert authorities in real-time if a spot gets too crowded and where social distancing norms are flouted. Again, in retail stores, video analytics are helping store managers manage footfalls and help customers avoid close contact inside the store by designing single flow routes and store exit points, where people can avoid meeting one another. Also, in addition to assisting in complying with COVID-19 guidelines, these technologies are being employed to protect employees’ and customer’s health when we ultimately re-open for business.   

By Vikas Bhonsle, CEO, Crayon Software Experts India As more and more IT systems are outsourced, zeroing in the best cloud providers is critical to long-term success. The market is already vast, with different brands offering large numbers of services. Apart from the big providers like Microsoft, Amazon and Google, there are also smaller niche players, who provide bespoke services. With too many choices to opt from, you must put down the selection and procurement process appropriate as per the needs. The right time to select a cloud provider I t is significant to understand the requirements of a business before choosing a cloud service provider. Clarifying the specific requirements and minimum expectations in advance, while assessing providers ensures that they are compared against the requirement checklist and not against their competitors. It is a faster way to narrow down the list of providers. With more clarity on the requirements such as technical, service, security, data governance and service management, you will be better prepared to interrogate and negotiate with your potential providers. Common areas to focus while choosing a service provider Apart from the unique requirements that a company will have from a cloud provider, there are some common areas of focus during any service provider assessment. 1. Certifications & Standards Providers must comply with recognised standards and quality frameworks, which demonstrate adherence to industry best practices and standards. This may not only help to determine which service provider is best to choose from, but they can be very helpful in shortlisting potential suppliers. 2.Technologies Integration & Migration Services The cloud provider’s technology must support the cloud objectives of your organisation. Assess what migration services they can provide and how much customisation is required to integrate with their platforms. In the case of some providers offering limited services, understand if any third party support is needed and if the platform provider can recommend any that have experience and extensive knowledge of the target platform. 3.Support For SaaS (Software as a Service) providers, a roadmap of features, service and integration is highly desirable. Depending on the particular cloud strategy, companies may also want to evaluate the overall portfolio of services that providers can offer. If you plan to use separate services from a broad mix of providers then this is not very relevant, but if the preference is to use only a few key cloud service providers, it is important for the providers to offer a good range of compatible services. 4.Data Management Data management and security are currently of foremost importance. You can opt for providers that give the best choice and control regarding the jurisdiction in which the data is stored, processed and managed. Cloud service providers should be transparent about their data centre locations, but you should also be proactive in finding this information. Assess the data encryption strategies of the provider and the measures that they take to protect data. Look to understand the provider’s data loss and breach notification processes and ensure they are aligned with your organisation’s risk appetite and legal or regulatory obligations. 5.Service Dependencies & Partnerships Certain factors such as the service provider’s relationships with their key vendors, their accreditation levels, technical capabilities and staff certifications can be crucial in choosing the best provider. It is pivotal to uncover any service dependencies and partnerships involved in the provision of cloud services. For example, SaaS providers will often build their service on existing IaaS (Infrastructure as a Service) platforms. Thereby, it must be clear how and where the service is being delivered. 6.Contracts, Commercials & SLAs Cloud agreements and SLAs should specify how issues should be identified and resolved, by whom and in what period. Look for a clear definition of the service and deliverables. Get clarity on the roles and responsibilities relating to the service (delivery, provisioning, service management, monitoring, support, escalations etc.). Scrutiny of these terms is vital, as often service credit calculations are complex – ask for worked examples or give all shortlist providers the same imaginary downtime scenario and compare different compensations offered. 7.Reliability & Performance Several methods can be employed to measure the reliability of a service provider. First, check their performance against their SLAs for the last 6-12 months. Secondly, know how the provider deals with downtime, as it is inevitable with most cloud services. Also, there should be documents and proven processes for dealing with planned and unplanned downtime. Get clarity of their methods and practices of communicating with customers during times of disruption. This includes their timeliness, how do they prioritise and what is the severity level assessment of issues. 8.Migration Support, Vendor Lock in & Exit Planning Cloud providers may use proprietary technologies, which lead to vendor lock-in during exit, meaning that a customer cannot easily transit to another provider, as the technology will not be compatible. It can impact portability to other providers or in-house operations. It is especially true if applications have to be re-architected in order to run on a service provider platform. It is eliminated by ensuring that the chosen provider has minimal use of proprietary technology. Similarly, ensure there is a clear exit strategy in place at the start of the deal. Moving away from one cloud service provider isn’t always an easy or smooth transition, so it’s worth knowing their processes before signing a contract. Furthermore, consider how the data will be accessible, what state it will be in and for how long the provider will keep it. 9.Business health & Company profile Assessing the technical and operational capabilities of a potential supplier is important. At the same time, the provider must be in the best financial health and profile. The most compatible or competitive cloud service is immaterial if the provider doesn’t have a sound business. Contractual assurances and good intentions cannot save the day, if the providers get into financial troubles and do not have the resources to refund the losses. Check if the organisation has had entangled legal history and how they have been…

Shibu Paul, Vice President – International Sales at Array Networks 2021 is the dawn of a new decade, with the new decade the Indian tech industry is ready to witness a revolutionary change surrounding various factors and one of the most important factors that is to undergo this change is ‘cybersecurity.’ This change is validated with the continuous emergence of reports on the increasing number of cyberattacks against India’s government agencies, private organizations and individual users. According to a report by Kaspersky, India witnessed 36 million cyberattacks between January and November 2020, whereas the number of attacks in 2019 for the same months was 18 million. This only emphasises the need for a better cybersecurity measure to be brought in to keep the data safe from cyberattacks. multi-factor authentication (MFA) is one of the best ways to keep threat actors at bay. In 2020, many organizations had to do a complete overhaul of their cybersecurity measure, a few other organizations had to rejig their security features, especially with remote working culture coming into the picture. All of this leads to one problem – IT Complexity. The best solution for IT administrators is to provide easy safety access for employees who are remotely logging in. Using Array’s AG series secure access gateways, organizations can provide tokenless, secure and easy-to-use multi-factor authentication. Through interoperability with 3rd party dual and MFA solutions, the AG series adds an additional layer of defense against unauthorized access and misuse of data and applications. Using this, administrators can adapt the level of support needed using contextual information such as login behavior patterns, geo-location and type of login system being accessed. Many a time threat actors find it easy to breach the security set up by IT administrators due to the loopholes that come into existence as a result of complex cybersecurity setup. If MFA is provided at the user end, there will be an additional security that will help the users prevent any sort of breach from their end. This will in-turn help in avoiding identity theft, use of stolen credentials, avoiding data breaches due to malicious attacks and so on. While firewalls and antivirus solutions keep the systems safe via backdoor entry, it’s MFA that guards the front doors. As per global multi-factor authentication (MFA) market report, the MFA market revenue which was $8,967 Mn in 2019 is estimated to reach $16,105 Mn in 2025, with a CAGR of 10.25% during 2020-2025, thus showcasing the opportunity and the demand MFA is set to rise in the next five years. This leads to the question of why now more than ever MFA is of importance. MFA is easy to implement and is considered an inexpensive security add-on by IT administrators. It is considered beneficial as it will enhance the organization’s security by requiring users to identify themselves by more than a username and password. Using MFA an organization can achieve compliance, increase flexibility and productivity by bringing-in stability with streamlining login process and it complies with single sign-on (SSO) solution. While providing cybersecurity is now a complex matter since the threats posed by the actors is equally proportional in complexity, a simple add-on such as multi-factor authentication helps take users and organizations one step closer towards keeping the data safe.  

Until now, it has been difficult for remote sites and operations to protect their people and assets – especially where no power supply or fixed networks are available. Now, there’s a simple, practical, cost-effective solution to this challenge in the form of Hikvision’s Solar-powered Security Camera Setup. The challenge of protecting remote and rural sites All kinds of remote and rural sites require constant security monitoring, from farms and fisheries, to forestry operations, oil and gas pipelines, and even national parks. The problem is that these kinds of sites are frequently ‘off-grid,’ lacking the power and fixed network connectivity needed to deploy security monitoring cameras. As an additional challenge, many sites have only temporary security requirements, making the cost of deploying ‘fixed’ cameras prohibitive. This is the case for open air music festivals, political rallies, and many other events. A range of other sites and operations also have short-term monitoring needs, from construction sites to temporary road maintenance works. Meeting security requirements at these kinds of remote and temporary sites requires a new kind of ‘standalone’ solution – one that can operate independently, without physical connections to either the energy grid or to a fixed network. Additionally, standalone solutions should be fast and simple to deploy, highly durable to withstand the most adverse weather conditions, and affordable enough to meet the needs of all kinds of remote sites and operations. Boosting security with Hikvision’s Solarpowered standalone solution To help remote operations to boost their security, Hikvision has created the Solar-powered Security Camera Setup. This solution uses a 40 Watt photovoltaic panel and a highly durable 20 Ah rechargeable Lithium battery to power a Hikvision EXIR Fixed Bullet Solar Power 4G Network Camera. Because the Solar-powered Security Camera Setup uses solar power and includes a micro SIM card for connectivity with the 4G network, there is no need for fixed power or network cables on site. Additionally, operators can monitor, review, and store footage remotely, 24 hours a day, 365 days a year. Key benefits for remote sites and operations Using the Hikvision solution, remote sites and operations can boost their security quickly, easily, and at low cost. With no need for a fixed network or power supply, and simple installation that can be carried out by just one person, the solution can be rolled out in hours – with very little need for ongoing maintenance or support. Key benefits include: High-quality imaging for fast, effective incident responses The Hikvision EXIR 4G Network Camera provided with the Solar-powered Security Camera Setup offers high resolution imaging (1920×1080 pixels @30fps). Additionally, the camera provides very clear images even where strong back-light exists due to Hikvision’s 120dB true wide dynamic range (WDR) technology. The excellent quality and clarity of video imaging means that operators can quickly identify and react to security incidents at remote sites – helping to reduce negative business impacts. 24×7 security monitoring – in any weather The product employs BMS (battery management system) in its 20Ah Lithium battery, which ensures the optimal use of the battery energy. With its smart power management features, the Solar-powered Security Camera Setup provides up to 7 days of operation during cloudy or rainy periods when fully charged. Its 4G camera further adds a 32GB eMMC (embedded multimedia card) besides the SD card, this ensures continuous video recording when there is an anomaly with the SD card or the network environment. Additionally, the self-sufficient unit is waterproof (accredited to the IP67 standard), and windproof (with a hurricane rating of 12). All this means that operators can continue monitoring and securing their remote sites without interruptions – even in the harshest and most challenging weather conditions. Rapid, simple, cost-effective installation A single person can install the solution at remote sites, making the process fast, easy, and cost-effective, thanks to its lightweight design. The pole mounted unit weighs just 14kg, and there are no complex cables to connect – further reducing deployment time and complexity. This speed and ease of deployment significantly lowers barriers for remote sites and operations looking to boost their security. It is also a major reason why it is the ideal choice for temporary sites such as construction sites and road maintenance sites. The key features of the Hikvision Solarpowered Security Camera Setup High quality imaging with 2MP (1920×1080 @30fps) resolution. Clear imaging against strong back light with 120dB true WDR technology. Ah rechargeable lithium battery with 7-day operation even in cloudy and rainy weather. 40-Watt photovoltaic panel for standalone operation. Support battery management features, including battery display. Battery high/ low temperature protection and charge/ discharge protection, with low-battery sleep protection and remote wakeup features. 4G Micro SIM card with LTE-TDD/ LTE-FDD/ WCDMA/ GSM transmission capabilities. Water and dust resistant camera (IP67 certified).  

Nikhil Korgaonkar, Regional Director, India & SAARC, Arcserve Cyber Security Ventures predicts that global data storage will exceed 200 zettabytes by 2025. To understand the quantum of this you can say, if each terabyte in a zettabyte were a kilometer, then 200 zettabytes will be equivalent to approximately 260,000 roundtrips to the moon. This data will come from data stored on private and public IT infrastructures, utility infrastructures, private and public cloud data centers, personal computing devices such as PCs, laptops, tablets, and smartphones, and IoT (Internet of Things) devices. Protection of this data is most crucial for any enterprise. Even the strongest of firewalls don’t guarantee complete protection for enterprise data – the actual wealth of any organization. A forefront defense firewall is part of the drill, but there must be a foolproof data protection plan at the end. In 2021, enterprises will see the next phase of changes in data protection trends as they are experiencing tech-tonic shifts brought about by digital transformation in 2020. 1. Remote Workforce Security and Data Protection Gartner lists ‘securing your remote workforce’ as the topmost security project for 2020-2021. In the first quarter of 2020 when enterprises were forced to migrate their entire workforce to remote work almost overnight, IT became busy creating safe and efficient remote access to the enterprises’ files and applications. The focus was security from a network and data perspective. Due to the critical nature of data which was now cloud-based and distributed, enterprises had to rely on hasty and last-minute security infrastructures which opened doors to cloud-based attacks. Cybercriminals took full advantage of this disruption in the workforce norms and increased phishing and ransomware attacks on the remote workers. Today, remote desk protocol (RDP) is currently considered the number one attack vector for ransomware, and even virtual private network (VPN) appliances are not able to save the situation entirely. What enterprises need is data recovery resilience in the face of increasing cyberattacks and IT disasters. With more data getting stored in the cloud, companies will need to develop more robust plans that aggregate and protect distributed data in line with new vulnerabilities in 2021. At the same time, the IT teams must track and secure non-compliant and compromised devices as they are still being used in remote settings. 2. Customer Data Protection Initiatives I gnoring data protection and privacy norms is a blunder businesses can make especially when it comes to customer data. Research shows that almost 60 percent consumers will stop doing business with an organization that has experienced a cyberattack in the past year. The data also indicates that one in four consumers will jump ship to a competitor’s product or service after a single ransomware-related service disruption. That’s a steep price to pay for letting customers down, and it’s not a surprise that so many enterprises are taking steps to ensure they provide the highest level of data protection for their users. 2021 should see enterprises prioritizing user data protection in both new and existing initiatives. They are likely to make use of technology to detect and resolve internal and external threats to data security. At a broader level, the Indian government is in the process of finalizing its personal data protection bill. The bill is expected to establish a data protection authority to protect personal data of individuals and create a framework for processing such personal data. 3. Enforcement of Data Protection Regulations and Compliance Data regulations are important. They ensure enterprises follow the same set of standards when protecting, sharing, collecting or storing sensitive data. Around 66 percent countries in the world have passed their own national data protection laws such as the European Union’s General Data Protection Regulation (GDPR) and Singapore’s Personal Data Protection Act (PDPA). India is in the final approval stage of its data protection bill which is expected to be presented to the parliament this year. While countries are taking precautions and creating guidelines to create a safe data economy for their businesses and people, it’s unfortunate that enterprises don’t take it as seriously as they should. Companies, globally often don’t play by the rules and the annual cost of noncompliance to businesses runs at a staggering average of $14.8 million, according to a Ponemon Institute report. Interestingly, it is seen that the cost of compliance to an enterprise is often much lesser than that of non-compliance. As we move into 2021 and remote work and cloud adoption continue, it is hoped that enterprises will go in for an increased enforcement of regulations and data privacy laws. 4. Data Protection from New Ransomware Techniques Ransomware techniques will become more sophisticated and innovative. For instance, there will be ransomware ‘families’ that will refine their tactics, techniques and procedures to become more evasive and finesse their sophistication, targeting multimillion-dollar business. Then there will be an increase in the number of entry-level, apprentice-type ransomware attackers offering ransomware-for-rent, or ransomware-as-as-service, allowing targeting of high volumes of smaller prey. ‘Secondary extortion’ will increase where attackers steal and threaten to publish sensitive or confidential information if their demands are not met. This brings us back to data protection. Ransomware and other cyberattacks will not stop. An enterprise can deal with all kinds of ransomware attacks provided it has invested in data protection and recovery. According to a recently released Sophos 2021 Threat Report, organizations are hard-pressed to predict the evolution of cyber threats because ransomware gangs are constantly devising new tactics to hold critical data hostage and solicit ransom payments. Enterprises, therefore, must take a proactive approach through an integrated first and last line of defencs that offers ransomware prevention, detection and removal, and if automated data restore to on-site and cloud targets. Integrating cybersecurity and data protection as a coordinated deployment is critical for an enterprise. Arcserve’s new X Series Appliances integrate both and are designed to create a robust system scalable for enterprise data centers. These appliances uniquely combine deep learning endpoint protection and on- and offsite disaster recovery with over…

Shibu Paul, Vice President – International Sales at Array Networks Vulnerability is a costly affair for organizations. Every data stored within the organizations carries its own value, but without the right networking and security measure, all efforts to keep the data safe from attackers come to nought. Every year companies face new forms of threat and experts come up with new ways to fight those threats, for example, the pandemic witnessed in 2020. While the pandemic is receding in India, companies are still contemplating returning to office. Remote working is now a part of the work environment. Even new recruits are being given an option to work remotely by many. Strong networking is now necessary more than ever and 2021 is ready to witness trends in networking and security to fight threat actors. So what are the networking trends of 2021? Network automation: Applications in any organization today range from traditional to cloud-native. In situations like these, it is not easy to manage the applications. So to have speed, agility and consistency in the operations organizations resort to network automation. According to a recent survey the pandemic has boosted network automation to the top 70 percent to help organizations navigate the changes. Zero trust: Traditional security parameters are time and again proved to be ineffective with more high-tech targeting tactics. In order to fight threats at micro-level while authenticating every request to gain access into the network at every point, experts advise on implementing zero trust. By 2027 at 19.71% CAGR, the zero trust security market is projected to reach $94.35 Bn and this is the indication of the important role zero trust is to play. SD-WAN: Managing a branch of networks is not a simple task and neither is cloud connectivity. To manage several networks and for faster cloud connectivity, organizations are now resorting to a Software-defined wide area network (SD-WAN) which is a virtual WAN architecture. Experts believe that due to unforeseeable reasons by 2020 the demand for SD-WAN had reduced; however, with the new work culture like remote working or hybrid work environment the demand is expected to increase. The work processes shifting from traditional to cloud is also an indication of the possibility of SDWAN’s demand increasing. Cybersecurity mesh: To achieve scalable, flexible and reliable security, the concept of cybersecurity mesh is popular. For intensified remote working like the current times, there is a need to protect data from external and sometimes internal threats and cybersecurity mesh is the right approach. IoT and network edge: The point where an enterprise-owned network connects to a third-party network is called network edge. With the overflow of data, many data centers and devices experience strain. To remove this strain from DCs, the network edge physically moves the computation part from DCs to the edge of the network. By offloading network traffic not only can edge computing conserve the network resources, it will in turn also reduce network latency and bottlenecks. SASE: By implementing Secure Access Service Edge (SASE) organizations are revamping their network architecture. With SASE companies can now allow remote working, enable IoT endpoints and aid teleworkers. SASE is the closest solution for organizations that have distributed workforce but decentralized infrastructure as they would need a different security posture as part of that architecture. Internet of behaviors (IoB): IoB which is an extension of IoT refers to the interconnection of devices resulting in a vast variety of new data which links to the behaviour of people. Gartner predicts that by 2023 individual activities of 40% of the global population will be tracked digitally to influence behavior. To manage such a vast variety of data a strong network solution is required which would avoid the websites or the organization’s platform from collapsing. Hybrid work model: The hybrid work model existed before the pandemic hit the world, however, it became necessary and relevant with the onset of the pandemic. The key to the hybrid work model is digitalization and for a strong digitalization process, networking is of utmost importance. For a strong hybrid work environment the network products and services should be updated and state-of-the-art, hence making the work model successful with reduced risk factors.