ACPL Systems convinces NIIT to benefit from DLP

Channelworld.in >>
Case Study >>
ACPL Systems convinces NIIT to benefit from DLP

By Yogesh Gupta on Oct 15, 2010

Executive Summary

An existing client for Websense for web security filtering in a small module, NIIT Technologies started evaluating various DLP solutions in the technology market. “Even though NIIT was not our existing customer, we had proposed Websense to NIIT while trying to sell them DLP last year,” says Sukhpal Singh Sandhu, Head - Information Assurance, ACPL Systems. Websense and ACPL seemed a right combination for a complex technology like DLP. The vendor knew we were fast threading the learning curve than other solution providers in the field, feels Vishal Bindra, CEO, ACPL Systems. Finally in 2010, ACPL Systems got its first client in software development line, thanks to its perseverance over past seven years, a firm footing in DLP technology, and a bit of help from the vendor, Websense.

In early 2010, an enquiry for complex DLP solution from NIIT Technologies was a pleasant surprise and a daunting task for ACPL systems. The Delhi-based end to end security solution provider is a prominent name for securing the IT infrastructure of enterprise customers across India. “We were pursuing the customer with various products and solutions like anti-virus, firewall, and others since 2003, as we do with other prospective customers. But, unfortunately, never managed to win a single deal out of that customer,” recalls Vishal Bindra, CEO, ACPL Systems.

Finally in 2010, it bagged a deal from the same customer for a complex DLP installation. The perseverance paid off but it was a tough challenge ahead because ACPL Systems had not done a DLP implementation for a software development company of the size of NIIT Technologies.

Knocking Down Doors

NIIT Technologies is a global IT solutions company targeting BFSI, logisitics, transport and other verticals. The company also provides cloud services and managed services to an industry which is very heavily regulated by compliance, says Kaushal Chaudhary, CISO, NIIT Technologies. The key need was to adhere to intellectual property rights and protection of confidential customer data and avoid any data leakage.

An existing client for Websense for web security filtering in a small module, NIIT started evaluating various DLP solutions in the technology market. After short listing Websense, they contacted the security vendor. Websense in turn introduced NIIT to ACPL Systems as an implementation partner, informs Chaudhary. “Even though NIIT was not our existing customer, we had proposed Websense to NIIT while trying to sell them DLP last year. As NIIT is a software development house we were in touch with them to look at DLP solution to enhance their security posture,” says Sukhpal Singh Sandhu, Head - Information Assurance, ACPL Systems.

ACPL have done largest deployments of DLP in Asia for Websense including large enterprises in the telecom, manufacturing and automobile industries. “Websense and ACPL Systems seemed a right combination for a complex technology like DLP. The vendor knew we were fast threading the learning curve than other solution providers in the field,” feels Bindra. Also the experience of already having done large enterprise deployments tilted the deal in our favor.

Hence, ACPL Systems got its first client in software development line, thanks to its perseverance over past seven years, a firm footing in DLP technology, and with a little bit of help from the vendor, Websense.

THE BIG WIN

There were other top vendors and their SI partners in the competition. “Websense enjoyed a leadership in various surveys by leading research companies. Also this solution meant less number of devices, less management, less trouble which meant low TCO. The alerts in solution matched with our requirements and pricing was better than other DLP solutions in the market,” says Chaudhary.

The main drivers for NIIT to deploy a DLP solution were risk reduction, cost savings, compliance support, policy enforcement, data security and threat management as per Sandhu. They were looking for some solution for protecting their confidential information as they were suspecting some kind of mischief.

After couple of meetings, ACPL suggested a small POC to demonstrate and put DLP solution into their network. “After one and half weeks, we assured the customer to see security alerts such as if information is going out, what kind of information is going out and related issues,” says Sandhu. DLP has the capabilities of tracking all possible channels for security breach including email, browsing, data on pen drive, print this info, copy on network, share on IM, p2p, etc. “We got this order purely on the basis of superiority and completeness of the solution which was demonstrated to the customer during the POC,” says Sandhu.

Exceeding Customer Expectations

Since the lead was generated through Websense, ACPL Systems, as a reliable DLP partner, had to succeed and keep the principal trust alive. NIIT’s expectation was to ensure that company confidential data shouldn’t leak or go to unauthorized persons though any data flow channel like email, web, printing, external storage devices, etc, which was successfully achieved during the POC. ACPL Systems put DLP solution in place at the NIIT datacenter in Noida. “In monitoring mode, DLP solution does not interrupt anything, but monitors the entire network. The POC did highlight few security breaches and NIIT was confident that the solution was powerful,” informs Sandhu.

ACPL Systems had the core group meeting to discuss the customer expectations, what all resources would be required, what kind of documentation requirements would be there and other aspects. “We had a customer who is very aware and highly sophisticated in its need, we had to ensure we can deliver our best to them,” he adds.

The datacenter was an integrated common mail server and common internal gateway. The entire traffic in NIIT domain was monitored including attachments and capturing of incidents. Websense Data Security Suite - Data Loss Prevention Solution comprises of lot of default templates including compliances like SOX, ISO for different departments like HR, sales, finance and others. The templates were enabled with discussion and as per customer needs.

NOT EASY BY ANY MEANS

Integration was done with the email system and web proxy system, which was already in place in NIIT’s infrastructure. The main challenge was mapping of the business processes to polices, identification of broken business processes, data classification and incident management process, says Sandhu.

“NIIT's advanced understanding of IT and IT processes required us to be extra vigilant to ensure there are no hick ups,” says Sandhu. On the other hand it did not cause problems in data classification as they had understanding where the data belonged and how much important it was. Only thing which was difficult in case of NIIT was the software code policies for which some special signatures had to be written. “Rest all the business process was same as that of other companies where we had done the deployment,” says Sandhu.

Bindra at ACPL Systems adds, “The main problem is to secure the various source code of customer used for software applications as it is an ongoing process. Classification of data (important and non-important) is a time consuming factor but that is a typical DLP solution. ACPL Systems had to develop newer templates in accordance with Websense as per customer requirements.”

The Fine Tuning

Though there were no challenges business wise, implementation wise, there was lot of fine tuning needed with respect to alerts of senior employees and their attributes, says Chaudhary at NIIT Technologies. “Understanding domain of clients was a major issue for the ACPL team. If a project of our client gets closed, then client domain still has to be live for any other project in future,” he points out.

Every vertical has its set of confidential data. Each department has their own restrictions of certain information to be viewed or attached by certain set of people including keywords, attachments. All these crucial business information was mapped onto the technology side of DLP solution. Workflow is the key in DLP which alerts the incident manager whether it is genuine need or not. To make each process owner understand the entire DLP cycle of monitor, alert, restrict, protect took some time says Sandhu.

“As database of alerts become huge, it will be difficult to manage this huge number. Classification and monitoring of datalogs need to be reviewed regularly with respect to aspects like what duration, in accordance with regulations,” says Chaudhary.

NIIT Technologies is implementing the DLP solution phase wise. Chaudhary reasons, “Such solutions have resistance to change from employees as there are lot of alerts in place and related security checks. But, the solution is seeping well into our system.” “Though Websense gave us a deadline of 3 months (which is over), we are taking it slow and steady to ensure proper acceptance of DLP in our system,” he adds. The project should be completed by year end. “ACPL team is responding well in past three months for the project and we are seeing benefits of the project,” says Chaudhary.

ACPL Systems put their 2 senior most people in DLP for this project looking at complexity of project. “There was never a moment when we felt that the project would fail as all the aspects of implementation and integration were well documented before the project initiation and during the POC,” says Sandhu.

THE ROAD AHEAD

The benefits of DLP are multifold for NIIT as Chaudhary says, “Productivity is enhanced as the surveillance keeps employees more on the office job. Blocking restricted sties has helped the software development company to save bandwidth. DLP gives regulatory benefit as banning of restricted sites means there is no violation of IT Act. Restricting uploads to unwanted sites and stealing data gives alerts are other key advantages.”

The cost reduction associated with data protection and process improvement will free operating capital for investment in the company’s growth opportunities. Once sensitive data leaves the company, its value can be decimated—along with the competitive advantage it offered, says Sandhu. ROI of DLP is purely based on incidents and not necessarily monetary benefits like other IT deployments, he adds.

When our customers conduct audit, endpoints are protected with DLP apart from gateway protection at NIIT, it gives them assurance that their service provider has a robust security department in place, adds Chaudhary. Secure networks do instill more confidence in our customer database, he admits.

Page 1 : ACPL Systems convinces NIIT to benefit from DLP
Page 2 : Exceeding Customer Expectations
Page 3 : The Fine Tuning

Other Case Studies

Digital Track Implements Wireless Solution for Hetero Drugs

How Digital Track Solutions won a deal to implement a wireless solution for Hyderabad-based Hetero Drugs in the face of certain defeat.
New Wave Computing Implements VMware VDI for Span Infotech

How New Wave Computing beat back the competition and successfully rolled out a robust VDI solution for an old customer.
Crystal Solutions Helps WalPlast Migrate To An ‘Open Source’ Platform

Mumbai-based Crystal Solutions helps Walplast save a ton on cost with a scalable open source implementation.
Nakoda Migrates to IBM Solutions through Innovative Telecom

For Gujarat-based Nakoda, aggressive expansion would not have been possible without the backing of a reliable and robust IT infrastructure. Its existing infrastructure clearly could not meet the growing business requirements.