Cybersecurity-related incidents are becoming the norm- not an exception.
With a rise in attacks, cybersecurity is becoming complex for companies, who are battling their own business challenges with the onset of the COVID-19 pandemic.
“Solutions are a lot complex and we cannot be doing this on our own. We need to keep working with a lot of partners,” according to Jose Thomas, National Sales Manager, Axis India, SAARC, Axis Communications. He was speaking at W.Media’s ‘South Asia & Data centre Award Summit’.
The reason for the partnership is that the customer really knows his projects, which include a lot of devices as well. “So it is important to know what components are really getting involved into this and how do they include these components and how will they look at managing these components,” opined Thomas.
In today’s time, one cannot live in a world like an island because everything is interconnected, interoperable. Soft elements such as a partners’ confidence when it comes to cybersecurity approach also is key. “It also goes in terms of what policies the customer has and how they want to allow or not allow certain implementations. Since we have a lot of devices we cannot be verifying this at a single point,” stated Thomas.
He further added that there are a lot of devices and everyone talks about the good features of what it can offer. Everything has a vulnerability and building a response mechanism to these and being transparent and sharing the knowledge with customers is important.
“We follow a zero-trust policy for our devices because we clearly know that we are on the network and with the offering of video for which we are known in the market. We have also been connecting things around audio, access control and we understand the vulnerabilities that come in here.
It is about creating tools that will create clarity for the customer. It is also communicating the behaviour of the customers. We have a flexible policy to support customers and implement their policies. When it comes to software, we go a step further by not only delivering the devices but also take the moral responsibility of design and that is done with the help of the transfer of knowledge done by various partnerships.
When it comes to data and privacy, following compliances such as GDPR, NDA compliance, or following a standard that talks about GB/T 28181 (a Chinese Video Standard) not being there are needed.
“If these are not there it exposes the customers to backdoor attacks,” said Thomas. When it comes to crafting tools that can roll out thousands of cameras using the same access device management services and how do we create long term support for our customers. All of this comes as a package when we talk about a lot of things around compliance and governance.
India being a competitive landscape it goes without saying how an international brand addressing various customer needs can fit into the commercial environment here. Which is challenging but we do that effectively. Building the trust element with our partner is important,” added Thomas.
For effective data centre security, it is important that all the systems talk to each other and lay information and ensure that they don’t work as individual compartments.
“We are looking at integrated platforms where all these different security elements should plugin in a protocol-agnostic software. This should be able to pick up data from various security elements and at the front end, a process that data using AI and analytics and other tools that come as an individual software patch laid over the base software and provide the security team with situation awareness,” said Ashwin Ijantkar, Principal Consultant, Epsilon Design Consultancy Pvt Ltd.
It plays a major role in the design of data centres in today’s time to ensure that you have to have an integrated platform. I would always put it that way because security in a data centre comprises two elements, one is automated electronic security and physical security and these two have to be in sync. Only then it will be possible to use situation awareness platforms, added Ijantkar.
Thomas further pointed out that MeitY is yet to launch certain things with regards to personal privacy (Personal Data Protection Bill is yet to be a law). The final Law is yet to be in place.