What are some of the security challenges that Nucleus Software faced, being a multi-location business? Do these differ from location to location, for example does the India office have different IT challenges from the ones in the European office?
Nucleus is a product company; it’s the CIO’s prime responsibility to protect company’s IPR.
• Because of business reasons, pre-sales and developers have to carry IPR related confidential information in their laptops. There was no mechanism to check or control the information flow within or outside organisation.
• Internet access mechanism was not intelligent enough. There was always a risk of information leakage via Internet.
Challenges in Indian offices were more in comparison to overseas offices as they are development centres; most of the people have direct access to sensitive information. Overseas offices are mostly sales offices; they do not have access to product binaries. So yes from that perspective, the India offices needed many more levels of security.
How do you manage to keep Internet security threats at bay, especially in an information-sensitive business such as yours. Is restricted Internet access the only solution, or is there a middle path?
Internet access is not restricted in Nucleus; it is more refined and intelligent now after implementing Websense. The new solution has helped in keeping the information security related risks at bay. The dynamic URL categorisation feature of Websense automatically isolates the sites which are infected with malicious codes or if their authenticity is not established.
Beside this we have anti spam running on our gateways to filter out infectious mails. Antivirus works in combination with proxy to ensure that viruses, malwares etc. are blocked right at the network perimeter.
We have stateful firewall with built-in IPS/IDS functionality to ensure that destructive attempts are identified at a very early stage and proactive steps are taken before actually such attempts become devastating.
How has Websense impacted your offices across the globe?
Most of our remote offices are already benefiting from the Websense implementation. A remote filtering agent and DSS end point is installed on their laptop, which basically ensures that they remain under websense surveillance and are forced to follow the corporate policy whenever they are on Internet. Offices that have direct connectivity with us, uses our Websense proxy for surfing Internet.
After deploying Websense Data Security Suite and Websense Security Gateway, Nucleus Software has been able to monitor and prevent leakage of sensitive data significantly. The implementation of this solution has further created awareness about IPRs within the organisation. In all, the sensitive data leakage incidents monitored came down by almost 95% within two months of solution implementation. All the employees were given Internet access, which boosted productivity and helped in employee retention while ensuring security threat free environment. The solution resulted in immediate direct savings of over INR 10 lacs, and bandwidth usage of 52%. The ROI on the solution was achieved within two months of its deployment.