Posted by “Insecure WFH setup can lead to data leaks considering the intentional financial motives in the given economic situation,” says GajShield’s Sonit Jain.
The WFH (work from home) culture is certainly witnessing an unprecedented rise, acceptance and adoption across many sectors amid the on-going COVID-19 crisis globally. Today, the WFH step has almost become the quintessential need for most enterprises and businesses today as part of their BCP (business continuity planning).
But they still face security risks and challenges of data leaks and breaches operating with a large remote workforce in an insecure WFH setup environment. And that’s where providing secured connectivity becomes the top priority and concern for CIOs and CISOs in most organisations. The use of firewall and VPN tools can help reduce many of the security risks and challenges linked with insecure WFH setup and remote workforce.
In this in-depth interview, GajShield Infotech CEO Sonit Jain talks to TechHerald.in on new security risks and challenges that organisations are facing with insecure WFH setup amid the pandemic, the security concerns of CIOs and CISOs and the changing face and approach of Firewalls and VPN tools with the evolving threat landscape.
He also discusses GajShield’s overall business in India and overseas plans, his company’s well-accepted flagship product GajShield Firewall and approach towards innovation and much more.
Edited excerpts…
Q1. What sort of new security risks and challenges Indian organisations and businesses are facing today that didn’t exist or were minimal in the pre-COVID-19 scenario?
Sonit Jain: Enterprises were always concerned about their security for critical data. This concern had kept them away from encouraging work from home (WFH).
But the COVID-19 pandemic has pushed the adoption of WFH setup for business continuity, increasing the need for securing these remote users. Such unmonitored and uncontrolled or insecure WFH setup can lead to data leak at a major scale, considering the intentional financial motives in the given economic situation.
Further to intentional leaks, the chance of unintentional data leaks is also at peak with a change in internal data handling. With the increasing risk of data leaks by these remote/WFH users, cyber attackers have also identified loopholes in this setup and have marked them as vulnerable users in the current setup and are exploiting them, opening an entry point to the enterprise’s network for an attack at a much larger scale.
This is to be controlled by bringing these users under the enterprise’s head office firewall and enforcing enterprise’s security policies for preventing data exploitation and protecting from threats.
Q2. In your interactions with CIOs, CISOs as well as business heads, which are their key security concerns amid this new rising work culture of WFH, collaboration platforms, online meeting tools and virtual conferences?
Sonit Jain: There has been a shift in the way enterprise operate today. Enterprise today have become data and application-driven and dependent. These applications both cloud and local, help enterprises to maintain their operations for business continuity. The key concern for CIOs and CISOs today is secured connectivity to enterprise application. They need the remote users to connect to these applications without creating any vulnerable entry points.
Moreover, when working remotely, these users blind the enterprises on their activities over the internet and cannot control them majorly because of the lack of the ability to enforce the security policies on them, creating misuse of collaborative business application for personal use and resulting in possible data exploitation.
These heads need visibility and control on these users with the ability to enforce enterprise’s security policies, restricting them from accessing malicious and vulnerable applications and websites while protecting from external threats, ensuring data security at all times.
Q3. Do you agree that the role of Firewall and VPN has become very crucial for the overall security in the WHF scenario? And are you observing key changes in these security tools in terms of functionalities with the cloud and mobile technologies becoming the new IT frontiers?
Sonit Jain: The threat landscape has changed with the adoption of modern work culture as cybercriminals find vulnerabilities and loopholes in this modern environment. But firewall has always been at the forefront of combating these threats, being the first line of cyber defence for enterprises.
Yes, we are observing a change in the way the need for both Firewall and VPN tool has to evolve with enterprises expecting it to be more than just a security solution with limited binary security capabilities for firewall and VPN as more than just a tool for creating security tunnel between the users and enterprises itself.
Data is the most critical asset for enterprises today and ensuring its safety is their priority. The traditional firewall is blinded by the new working normal. Firewalls have to not only evolve but have to go through a complete overhaul, considering the newer cloud adoption and the new normal mobile working culture.
It must gain complete visibility and control on each and every piece of information leaving the network. They have to adopt a newer data security approach that keeps data at the centre of all security measures to prevent data exploitation.
The firewalls have to help enterprises to step up from traditional allow/block binary security approach to modern “Allow But Monitor” approach, considering the sudden increase in work from home setup using collaborative business, cloud and SaaS applications, possible only if they have deeper data context visibility to ensure smoother and controlled operations, preventing data exploitation.
Q4. How has GajShield as an Indian security brand with its flagship product GajShield Firewalls managed to establish itself and survive in India’s security software market, highly dominated by global brands and MNC players?
Sonit Jain: GajShield as an Indian brand has always been accepted with arms wide open in both national and international market, majorly because of the product capabilities itself. Our “keep innovating” attitude has helped us keep our products updated with technologies and solutions that address the current need while being future-ready. We see that data today is a very important aspect of enterprises’ security measures. Experts agree that data leak prevention is the top priority for enterprises.
GajShield Firewalls have an integrated context-based network data leak prevention that helps organisations to secure data and prevent both intentional and unintentional data leak covering, various web, cloud and SaaS applications. This solution combined with our remote working solution, enterprise cloud can allow organisations to ensure data security even with the remote and roaming users.
Further to this, we give better visibility and control on the threat surface, helping enterprises to keep threats away. Our firewall stands up like a platform for enterprises to implement solution for email security, cloud security, secured branch connectivity with inbuilt SD-WAN capabilities and more to make us stand out from the crowded firewall space.
Moreover, being an Indian brand, we understand the Indian market very well. We have launched a multi-language 24X7 support for our customers who are comfortable to speak in their regional language for better customer experience.
Q5. Will the Indian government’s move to ban Chinese mobile apps, technology and products help Indian brands and companies particularly in the technology space? What’s your opinion and how much this will boost the Indian government’s “self-reliant” mission?
Sonit Jain: The ban for these apps, technology and products and the recent call on “Vocal for Local” will surely boost Indian brands and bring back the pride in accepting Indian products. While this is going to boost Indian brands and Vocal For Local platform acting as a launchpad for many Indian brands, the competition is going to be high and only technology fit companies will survive in the coming times.
As Indian brands use this opportunity to boast “Made In India” product, this power brings greater responsibilities on us. Brands have to ensure that the products we produce here in India are not just a replica of the ones we had been importing till now but an innovative and better stable quality product.
While we produce products for us here in India, we have to ensure that these products are created with an intention to match international standards and grab this opportunity to put Indian brands in the international market, manufacturing products and solutions that are “Made In India, built for the world.”
Q6. Can you talk about the customer base and the segments you are severing in India? And also what’s your take on Indian customers’ “price-sensitive” attitude and “conservative” approach in context to invest in security products and tools?
Sonit Jain: We have a customers base of over 10,000 customers across various segments including but not limited to Government, BFSI, Information technologies, F&B, Manufacturing, Education, Healthcare, Hospitality and more to name a few.
Indian enterprises by looking at the threats landscape that has drastically evolved today have understood the need for security and are open to implementing security to secure not only their network but also the now WFH users with a priority on ensuring data security.
One cannot put a cost to security when they experience an attack and they would want to protect from it at all cost. While we understand price is a sensitive component, we very well understand this and have been considering it in our pricing strategy.
Q7. How has been GajShiled’s security business in 1H2020 amid the pandemic and lockdown, in terms of demands of security solutions and products?
Sonit Jain: The demand for security products have grown multi-folds due to the recent COVID-19 pandemic. Enterprises have adopted the new work from home normal, creating a gap in security. This adoption has further implications with data security in particular.
For enterprises to keep their operation smooth and running will adopt a multi-cloud setup and it is predicted that almost 83% of enterprise workload will now move to the cloud, further complicating their security. A recent study suggested that over 34% of data breached involve internal actors with financial and non-financial motives, increasing the risk of data leak by these remote users up to 60%.
GajShield’s Enterprise Cloud solution is a small and lite agent that is deployed on the remote users’ computer. This deployment brings the remote users under the head office firewall and enforces all their traffic through it. It implements the enterprise’s security policies on these users with gaining visibility on their activities and controls how collaborative applications and business-critical data is being used, preventing from both intentional and unintentional threats.
Q8. Besides India, GajShield operates in overseas markets as well. So how has been the company’s overseas operations and business growth? What are your plans to further expand and enhance the overseas business in next one year?
Sonit Jain: Our presence in the overseas market is only growing stronger day by day. GajShield is present in the Middle East, Africa, Europe, South East Asia and many other countries through its partner ecosystem. We operate with our close partners in those regions who help us with understanding the market and the competitive landscape.
Our aim is to further expand our presence in these regions, reaching corners and creating a stronger presence with our strategic partners. We are further looking to expand our partner network in the overseas to help us achieve our goals. We aim to appoint twice as much as partners we have now in the coming 6-8 months creating a stronghold.
Q9. What is GajShiled’s approach towards product innovation and enhancing its firewall solutions?
Sonit Jain: We believe in our “keep innovating” mantra. We very well know the fact that it is the only technology that is key to fight cybercrimes and that customers eventually need protection. And we have dedicated teams constantly working on innovating and updating our product capabilities.
Currently, we are working on enhancing our user behaviour analysis to understand users’ actions based on data and security policies criticality. Further, we are also working on adding more functionalities to our data security line of solutions to give more protection against data exploitation. These developments need a team of talent with various capabilities across various functions and we invest in these functions around the year.