SME September Issue 2017 by SME Channels

PLUS

Dell launches Premium Support Plus with predictive issue detection /14 www.smechannels.com

india’s leading IT magazine for channel business VOLUME 08 | ISSUE 7 | PAGES 44 | SEPTEMBER 2017 | RS. 20/-

SME BIZ /19

GUEST TALK /22

SECURITY /38

SAP: SAP launches partner packaging factory to fast-track Digitization

Skybox: CVEs Abound, But Not Enough to Secure the Enterprise

PRIME INFOSERV LLP : Building Security Framework for Enterprise

MANAGED

SECURITY SERVICES

IN A PARALLEL RACE WITH

CYBER INTRUSIONS

With India gearing up for digital transformation owing to ambitious initiatives like Digital India Programme,.... /24

IBM: Driving Partners towards Cloud & Cognitive Journey /30 As the modern days businesses are changing with faster connect and faster decision making, IBM is pursuing its business partners to embrace its cloud and cognitive technologies to make the change happen.

VISWANATH RAMASWAMYM, EXECUTIVE DIRECTOR - SYSTEMS FOR CLOUD & COGNITIVE (INDIA/ SOUTH ASIA), IBM INDIA PVT. LTD.

MUKUL MATHUR, VP GLOBAL BUSINESS PARTNERS AND CSI, IBM INDIA/SOUTH ASIA.

PLUS

Numeric introduces new KEOR Series of UPS, Keor HP,Keor HPE /08 www.smechannels.com

india’s leading IT magazine for channel business CASE STUDY

SME CHAT

/29

MATRIX: Matrix Reveals

Six Reasons Why Unified Communication Server is Tailored for the Defense Sector

/34

SONICWALL: SecureFirst Partner Program, more partners have signed up in India

SME CHAT

/37

NETGEAR: Netgear Home Routers can Enrich User Eperience

MY EXPERIENCE EDITORIAL

ONE NATION AND ONE TAX – THE GST WAY. SANJAY MOHAPATRA

sanjay@smechannels.com

Even though GST has been a good step towards tax rationalization, yet there are challenges faced by the partner community. There is a lot of confusion about per cent of taxation and tax refunds. Organizations are seeking advice of their chartered accountants more than often because there are various provisions of GST are still ambiguous. Categorisation of goods and services in various cases is still unclear. Therefore in the industry – especially among the partners there is a slight disgruntlement. Partners are of opinion that it will take slightly more time to resolve the issues and they are facing clear imbalance in their cash flow. Second thing is that, movement in some sectors are so slow that it is slowing down the entire economy. As per a report, India’s GDP will be 5 – 6 % this year, which was 7%+ last year. So till the GSTN becomes fully understood by the organizations and compliant, there will be uncertainty in the market. There is a huge information gap between the department and the partners in the smaller cities and towns. This need to be bridged. The organizations need to address their Working Capital, Cash Flow, and Fund Flow needs. On the other hand the GSTN needs a huge task of managing the data flow securely where IT is the biggest enabler. Security is the biggest issues. With recent security attacks and data leaks in India, it is a tough task to keep all the financial transaction going online. At the same time, there has to be threadbare skilling of the finance staff of the organizations so that they independently take the decision. At the same time there are many small business who are ready yet for the compliance because their resources are not ready. Even they may not have computer. Of course the government knows about it and offers a good period but Many small businesses are not tech-savvy and do not have the resources for fully computerized compliance. Even as the rest of the nation gets ready to go digital, businesses in small cities across India face a huge technology problem in the days ahead. So overall, in order to make the one tax regime in place, government needs at least some time. And government has to be careful from the security point of view so that every finance dealings are secured.

NETGEAR R6120 Home router THE NETGEAR AC1200 DUAL BAND WIFI Router delivering AC WiFi speed 3x faster than older standards. This router offers improved performance and wireless coverage for your entire home. Get the speed you need for smooth HD streaming and online gaming throughout your home, through a secure and reliable connection to the Internet. Compatible with next generation WiFi devices, this router is also backward compatible with 802.11 a/b/g/n devices. Advanced features include ReadySHARE USB access for wirelessly accessing and sharing USB storage. With NETGEAR genie home network manager get easy installation and home network management.

SPECIFICATION: It is backward compatible with 802.11 a/b/g/n devices. FINAL WORDING: With the price point of INR 3200, this router is value for money. OVERALL RATING

SME CHANNELS SEPTEMBER 2017

contents

2017

SEP VOLUME 08 ISSUE 07

ER COV RY STO

Trusted Advisor of Channel Business

Publisher: Sanjib Mohapatra Editor: Sanjay Mohapatra Asst. Editor: Satinder Kaur Executive Editor: Smruti Chaudhury Sub Editor: Chitresh Sehgal Designer: Ajay Arya Web Designer: Vijay Bakshi Technical Writer: Manas Ranjan Satya Sagar Sinha Lead Visualizer: DPR Choudhary MARKETING Marketing Executive: Kajal Sharma Circulation and Printing: Panchanan Bhoi SALES CONTACTS Delhi 6/102, Kaushalya Park, Hauz Khas New Delhi-110016 Phone: 91-11-41055458 / 8587835685 sanjeev@smechannels.com Bangalore #28/1, 3rd Floor, Sri Lakshmi Krupa, Near Shamanna Park, Model House Street, Basavanagudi, Bangalore - 560004 Ph. No. +91 88618 21044 Mumbai Tahmeed Ansari 2, Ground Floor, Park Paradise, Kay-Bees CHS. Ltd.,Opp. Green Park, Oshiwara, Andheri (west), Mumbai - 400 053. Ph. +91 22 26338546, Fax +91 22 26395581 Mobile: +91 9967 232424 E-mail: Info@smechannels.com Kolkata S Subhendu BC-286, Laxmi Apartment, Kestopur Kolkata-700101

Managed Security Services- In A Parallel Race With Cyber Intrusions /24

Phone: 9674804389

Delhi-110016, Phone: 91-11-41657670 /

EDITORIAL OFFICE Delhi: 6/103, (GF) Kaushalya Park, New 46151993 editor@smechannels.com Bangalore Bindiya Jadhav #28/1, 3rd Floor, Sri Lakshmi Krupa, Near Shamanna Park, Model House Street, Basavanagudi, Bangalore - 560004 Ph. No. +91 88618 21044 E-Mail bindiya@ accentinfomedia.com Skype ID: b1diyajadhav

SME BIZ

SECURITY SAP / 19

“SAP launches partner packaging factory to fast-track Digitization”

PRIME INFOSERV LLP / 38 “Building Security Framework for Enterprise”

Printed, Published and Owned by Sanjib Mohapatra Place of Publication: 6/101-102, Kaushalya Park, Hauz Khas New Delhi-110016

CASE STUDY

Phone: 91-11-46151993 / 41055458

MATRIX / 29 “Matrix Reveals Six Reasons Why Unified Communication Server is Tailored for the Defense Sector”

SECURITY

floor, Okhla Industrial Area, Phase-2, New

more inside Editorial~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 04

CompTIA India / 33 “Global Cyber Attack”

Printed at Karan Printers, F-29/2, 1st

SME CHANNELS SEPTEMBER 2017

Snippets~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~ 08 Products~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~41

Delhi 110020, India. All rights reserved. No part of this publication can be reproduced without the prior written permission from the publisher. Subscription: Rs.200 (12 issues) All payments favouring: Accent Info Media Pvt. Ltd.

SNIPPETS PRODUCT | CHANNEL | CONSULTING | SERVICES

for more log on to smechannels.com

Indian IT Leaders converge at Enterprise IT World CIO200 Tech Summit and Awards 2017 The historic event, unprecedented in scale, gathered over CIOs and ITDMs from across geographies and verticals to deliberate on the theme of Digital Transformation of the organization. Over 200 CIOs were recognized for their recent

contribution to their organizations digitization at the inaugural ChangeAgents Awards. For the first time in the history of Indian IT, an unparalleled gathering of over 300 CIO, CTOs, IT Heads and other key stakeholders from

across the country were awarded for their significant contributions in the year 2016-17 in the Digital Transformation of their respective organizations. The event was organized by Enterprise IT World, India’s leading CXO Magazine in

association with key IT Vendors in the country. The two day event witnessed knowledge sharing on the theme through multiple Keynote speeches, presentations, panel discussions and roundtables. The event also witnessed the presence of IT innovators and IIT academicians. The ChangeAgents Awards, a never before congregation of 200 of the most influential CIOs and CTOs from across the biggest enterprises in India were the highlight of the evening. The CIO Community represented key verticals like BFSI, Manufacturing, Healthcare & Pharma, IT/ ITES, Electronics, FMCG, Government Organizations, Real Estate & Infrastructure, Aviation and Retail among others. The Awardee CIOs were shortlisted through a 6 months long process where an exhaustive analysis of their performance and strategic decisions was undertaken. These were then profiled highlighting their contributions which helped bolstered their organization’s productivity. The two day event closed with a CtrlS DC Visit for the CIOs.

Numeric introduces new KEOR Series of UPS, Keor HP,Keor HPE Numeric has announced easy to deploy, compact new KEOR Series of Three Phase UPS – Keor HP and Keor HPE. With flexible operating modes for large facilities, datacenters and business-critical applications, the new range allows users flexibility of extending its range from 60 kVA to 4.8 MVA.

SME CHANNELS SEPTEMBER 2017

These intend to satisfy both user and installers by providing ease of maintenance and safety; capital preservation and reducing operating expenses. It has a 3-level IGBT inverter design that helps to improve the inverter efficiency and overall efficiency thus reducing the operational expenses. High input

power factor & Low THDi reduces the cost of electrical infrastructure. Multi DSP controller in the products helps the UPS to respond faster. The uniqueness of the UPS’s lies in its flexibility to offer with or without an inbuilt transformer thereby giving full flexibility to the customer to design his solutions.

Thereby, making it suitable for both IT and Industrial application. Palash Nandy, CCO, Numeric said, “Building on Numeric’s longstanding history and industry expertise, we are pleased to announce the launch of KEOR Three Phase UPS, Keor HP and Keor HPE”.

SNIPPETS

Dassault Systèmes launches 3DEXPERIENCE road-show for SMEs in Chennai Dassault Systèmes extended its focus on digitalization of the Indian manufacturing sector and announced the launch of its upcountry road-show- 3DEXPERIENCE on WHEELS. The 3DEXPERIENCE on WHEELS, a mobile lounge with 3DEXPERIENCE platform demonstrations will tour the states of Tamil Nadu, Karnataka and Maharashtra connecting the manufacturing hubs. The campaign was flagged off in Chennai by Samson Khaou, Managing Director, India, Dassault Systèmes and Prasanta Kr Das, Vice President, Value Solutions, Dassault Systèmes, India. Over a span of 90 days, the 3DEXPERIENCE on WHEELS will cover 10+ Districts in Tamil Nadu, Karnataka and Maharashtra which are key hubs of automotive, aerospace, defense, etc.

Ipswitch partners with RAH Infotech Ipswitch announced a partnership with RAH Infotech. RAH Infotech is one of India’s fastest growing IT VAD companies, introducing cutting-edge technologies to the market since its inception in 2005. Through this agreement, RAH Infotech will distribute Ipswitch file transfer and network management software throughout India. “India is an important market that has significant growth potential for Ipswitch,” said Alessandro Porro, Senior Vice President, International Sales APAC at Ipswitch. “We are excited about our partnership with Ipswitch which boasts of range of solutions that address delivery of 24/7 performance and security across cloud, virtual and network environments,” said Mr. Ashok Kumar, MD & CEO, RAH Infotech.

Matrix Bluetooth based Access Control Feature

Mobile phones are not only used for swift communication, it is tremendously used for payment of bills, e-commerce shopping, health monitoring, GPS navigation, so on and so forth. Matrix “Your Mobile is Your Identity” offers Bluetooth technology based identification of users. This technology allows users to open doors by simply pairing their mobile’s Bluetooth with the inherent Bluetooth of the door controller. The users will be required to pair their device only once after which, they will be able to gain access by merely twisting their mobile phones in the vicinity of the entry/exit point

10 SME CHANNELS SEPTEMBER 2017

MY POINT

“The breach at Equifax is another reminder that information that isn’t properly protected will be stolen.” SUNIL SHARMA, MANAGING DIRECTOR – SALES FOR INDIA & SAARC, SOPHOS.

Fenda Audio (F&D) Unleashes Trolly Speaker “T2” With the festive season round the corner, India’s leading audio solutions brand, Fenda Audio has launched its new flagship Trolly Speaker “T2” with an exhilarating output power of 3000 PMPO. Fenda Audio expands its product portfolio with T2 Trolly Speakers with cutting-edge technology to generate high-end performance. The latest product offers integrated amplification and Bluetooth connectivity with compatible devices including smartphones, tablets and computers along with Karaoke features. The Trolly Speaker, “T2” brings together a unique metal grill design that gives the speaker a classic and high-end look packed with a 12v inbuilt rechargeable battery. It also has an in-built sturdy handle push bar to drag the speaker system.

Fujitsu mainframe innovation strengthens Digital Backbone Fujitsu achieves industry first by supporting live migration on /390 enterprise servers; makes available new operating system software for Fujitsu BS2000 Infrastructures to focus on key functionalities required for digitalization, including interoperability with open environments Fujitsu continues to invest in mission-critical mainframes with the introduction of its latest operating system, designed to underline the longterm relevance of mainframes as the backbone of the digital world with more advanced, high availability, interoperability, security and maintenance features. Fujitsu Software BS2000 OSD/BC V11.0, the new edition of OS software for Fujitsu BS2000 SE Server series, represents a comprehensive upgrade of Fujitsu’s mainframe operating system. The latest edition places an emphasis on key features necessary for innovative and secure digital co-creation, such as operating system openness, enhanced performance and usability. The new operating system sets an industry milestone by delivering the prerequisites for the first-time support of live migration between /390 servers. This real-time capability provides powerful and flexible new options for planned downtime and maintenance.

SNIPPETS

MSI Introduces

Microchip unleashes next-gen in-circuit debugger

GT75VR Titan, GE63VR/73VR Raider MSI has Introduced GT75VR Titan, GE63VR/73VR Raider to India! Gamers’ top choice and the leading gaming brand MSI, will be offering two weapons of choice for India gamers. GT75VR and GE63VR/73VR Raider will be packing some serious tech-leading upgrades. Find out more information on Flipkart and prepare yourself for an unprecedented thrill ride. MSI latest unique design of Rapid Mechanical Keyboard is a kind of evolution of the GT keyboards, surreal tactile feedback, and radiant RGB backlit under every key that creates infinite illumination possibilities. Besides having a greater visual, the typing and force feedback are the signature traits of a “Mechanical Keyboard”; MSI implement special design in cooperation with Steelseries and keyboard maker, created a Rapid trigger switch with stronger feedback, higher durability, and solid platform for this new design of MSI top level laptops. The GT75VR Titan comes with 3 options: GeForce GTX1080, GTX1070 SLI, or GTX1070.

Microchip Technology has announced the MPLAB ICD 4, an in-circuit programming and debugging development tool for Microchip’s PIC microcontroller and dsPIC digital signal controller portfolios. The MPLAB ICD 4 includes all the features of the popular MPLAB ICD 3 debugger while adding increased speed through a faster processor and increased RAM. The MPLAB ICD 4’s significant improvement in speed is accomplished through a 32-bit MCU running at 300 MHz. The faster processing, along with an increased buffer memory of 2 MB, results in a product that is up to twice as fast as its predecessor. The puck-shaped MPLAB ICD 4 is housed in a durable, black case with a brushed aluminum top and is accented with an LED light strip to indicate debugging status. The tool features the following: l A wider target voltage range, from 1.20 to 5.5 V l An optional 1 Amp of power (using an external power supply) l Selectable pull-up/pull-down option to the target interface l Configurable interface speed for optimised programming and debugging l Intelligent, robust interface with fault detection and immunity l JTAG debugging capability Microchip’s MPLAB ICD 4 is easy to use and supports all PIC microcontrollers and dsPIC digital signal controllers in Microchip’s portfolio through the MPLAB X Integrated Development Environment (IDE). This simplifies the design process for customers when they choose to migrate from one PIC MCU to another to meet the needs of their application. “Speed and flexibility are the most important factors when selecting a debugging tool,” said Rodger Richey, Microchip’s director of Development Tools.

EXECUTIVE MOVEMENT

WORLDWIDE SERVER SHIPMENTS GREW 2.4 PERCENT IN Q2 -2017

Chris Nicoll Joins ACG Research as Analyst for Wireless and Mobile Practice Sophos Appoints Adel Eid as Channel Sales Director for APJ

Worldwide: Server Vendor Revenue Estimates, 2Q17 (U.S. Dollars) Company

HPE

2Q17 Revenue 3,204,569,547

2Q17 Market Share (%) 23.0

2Q16 Revenue 3,536,530,453

2Q16 Market Share (%) 26.1

FireEye Appoints Vasu Jakkal as Chief Marketing Officer

2Q17-2Q16 Growth (%) -9.4

Dell EMC

2,776,347,626

19.9

2,594,180,873

19.1

7.0

IBM

963,279,264

6.9

1,226,947,968

9.1

-21.5

Cisco

866,450,000

6.2

858,924,000

6.3

0.9

Huawei

845,543,611

6.1

535,946,936

4.0

57.8

Others

5,281,754,345

37.9

4,801,420,134

35.4

10.0

Total

13,937,944,394

100.0

13,553,950,355

100.0

2.8

Source: Gartner (September 2017)

12 SME CHANNELS SEPTEMBER 2017

Quick Heal appoints industry veterans Deepak Mishra and Surender Bishnoi as Head of Retail Sales and Head of Unified Threat Management (UTM) Sales respectively. FireEye has appointed Shrikant Shitole Senior Director and Country Head for India

SNIPPETS

Kaspersky presents next versions of consumer security Kaspersky Lab has made announcement regarding its latest range of products. Alongside their power-packed features that give one the best security across all devices, it comes with a oncein-a-lifetime opportunity to win an exclusive trip to Maranello, Italy, to the outstanding Ferrari factory! This offer comes with Kaspersky Lab’s latest versions of flagship security solutions Kaspersky Anti-Virus, Kaspersky Internet Security and Kaspersky Total Security. After entering the contest, 6 lucky winners will be chosen from Asia Pacific (APAC) region throughout the contest. They get an opportunity to visit Ferrari’s state-ofthe-art factory in Maranello, Italy, the carmaker’s hometown. Even if Lady Luck doesn’t smile for the big prize, one still stands a chance to win the Ferrari Fan Kit, which is the best keepsake for fans. Original Ferrari accessories such as a miniature car, keychain, cap and a fashionable bag would be theirs to keep!

Tableau acquires Cleargraph Tableau Software has announced it has acquired ClearGraph, a cutting edge Palo Alto startup that enables smart data discovery and data analysis through natural language query technology. Tableau plans to integrate ClearGraph’s technology into Tableau’s products, making it even easier for more people to interact with their data by using natural language to ask questions and search for insights. “We are thrilled to bring the ClearGraph team to Tableau to enable people to ask questions of their data using natural language,” said Francois Ajenstat, Chief Product Officer at Tableau. “Natural language queries will make it easier for more people to interact with Tableau, whether you’re an executive who needs an answer quickly, or on a mobile phone and want an answer from your data on the move. We’re excited about this acquisition as the ClearGraph team shares our mission and is aligned with our innovation perspectives on conversational analytics.” ClearGraph makes it easy to analyze data using natural language. It brings a consumer-like experience to users by connecting disparate data sources and making them accessible and intelligible through simple conversational style search. ClearGraph’s unique natural language query technology stores semantic data in knowledge graphs that can expand and learn over time. Accessing and analyzing data using ClearGraph requires no technical training, as the system can infer users’ intent through natural language. For example, people could ask questions such as, “Total sales by customers who purchased staples in New York,” then filter to, “orders in the last 30 days,” then group by, “project owner’s department.” “We founded ClearGraph because we saw a need to bridge the gap between humans and computers through natural language, especially when it comes to exploring data,” said Andrew Vigneault, CEO of ClearGraph.

Kodak Alaris Expands IN2 Ecosystem at Info Mgmt Partnership Yatra 2017 Kodak Alaris has kicked off the 2017 edition of its Information Management Partnership Yatra, across Chennai, Delhi and Mumbai on the 7th, 9th and 11th of August, respectively. This initiative is tailored to empower its partner base to meet the evolving demands of digital transformation for businesses and governments in the region, and boost their go-to-market capabilities. As partners are a strategic component of the Alaris IN2 Ecosystem, this initiative provides the company and its partners with an ideal platform to explore the possibilities that are currently available in the market, and outline strategies for success in the years ahead. As the country embarks on a wider movement toward digitalization, in line with the Government’s Digital India mandate, Kodak Alaris Information Management has revamped its solutions to meet new market dynamics. With the launch of the Alaris IN2 Ecosystem earlier this year, the company has refined its portfolio to deliver on the promise of digital transformation and offer new ways to take the complexity out of information capture.

IBM and VMware Partnership Speeds Cloud Adoption At VMworld Europe 2017, IBM and VMware announced that more than 1,400 enterprises in nearly every industry around the world are extending their VMware environments to the IBM Cloud. Through the partnership, clients such as Honeywell International and Vodafone are using IBM Cloud’s global reach and cloud-native services, and the infrastructure and operational consistency of VMware Cloud Infrastructure, to create new business opportunities. As part of today’s news, IBM and VMware are announcing new solutions to further the partnership and IBM is launching network control and visibility solutions from F5 Networks and Fortinet so that enterprises can continue to extend their VMware environments, as they are, to the public cloud. In 2016, IBM and VMware set out to tackle a pressing industry challenge: extending existing VMware workloads from on-premises environments to the cloud without having to retool operations, re-architect applications and re-design security policies.

14 SME CHANNELS SEPTEMBER 2017

Integrated Dell EMC and VMware NFV Solution Accelerates Production Deployment Dell EMC and VMware have pre-integrated and pre-validated Dell EMC cloud infrastructure hardware and the OpenStack-ready VMware vCloud NFV platform to accelerate time to deployment and help reduce the overall cost of production network functions virtualization (NFV) for communications service providers. NFV can help communications service providers (CSPs) and mobile operators take advantage of new market opportunities more quickly, flexibly, and efficiently while cutting costs and preparing for the 5G future. The Dell EMC NFV Ready Bundle for VMware will help make it easier for CSPs to build their own operational readiness clusters and design their initial offerings for end user customers. The pre-validated solution minimizes adoption time and significantly reduces time to service. This solution is built upon the need for virtualized infrastructure while delivering a turnkey offering that, if necessary, can be fully customized to meet specific deployment requirements.

SNIPPETS

AXILSPOT reinforces brand presence in India

ACER opens first exclusive store in Agartala

AXILSPOT will increase the volume of its product stock, comprising of cutting edge high end WLAN solutions in India after August 15, 2017. The company’s product line-up also boasts of its high-end technology which furnishes ultra high-speed, stable and high capacity Wi-Fi access. The multi-beam smart-selection antenna array system has been developed after years of exhaustive research by the top-notch RF team of leading scientists in microwave and Wi-Fi industry. Following this month, the company also plans to set up new offices in the country and rope in more partners to bolster its presence in the highly potential WLAN solutions market in India. “Our solutions have proven to be a landmark in India’s Wi-Fi segment owing to their trend setting technology and high capacity performance. With the country’s hunger for bandwidth growing many fold each year, AXILSPOT’s solutions will play a pivotal role in aiding the digital transformation of the country”, said Pinaki Chatterjee, Regional Director, India & SAARC, AXILSPOT.

Wipro Recognised with Citrix Partner of the Year - India Award - partner news

ACER, the leading laptop and PC player in India, announced the expansion of its retail presence, with the inauguration of its exclusive retail store in the name of “OM SAI INFOTECH”, in Agartala (Tripura). The new store is located at Madhyapara lane, Agartala, Tripura, 799001. Acer has made remarkable progress in terms of enhancing its retail presence across the country to serve the varied computing needs of its customers. Resembling all the other outlets, this outlet will also feature the company’s entire gamut of Laptops, Gaming products, Desktops, Monitors and projectors. Addressing the launch, Mr. Chandrahas Panigrahi, CMO and Consumer Business Head, Acer India says, “Acer has a strong hold over the metros, but our focus is now to augment our retail presence in Tier II and Tier III regions. Eastern India is no doubt a fast growing market in terms of technology and we are glad to venture into Tripura, which is one of the smallest states in the country and provide the crowd with the required amount of assistance and access that will open up a new market scope for us.” The exclusive store launch in this region is a part of the company’s constant efforts to provide its customers with an interactive and informative buying experience by investing in the gamut of training sales personnel, in-store merchandising, ranging of new high end models, sales enablement and attractive offers for its products. As retail continues to be a key driver for Acer’s future growth, the company is looking at opening more of such exclusive experience outlet this year to have a better penetration in the Indian market. The company has also developed robust plans focusing on marketing strategies, attractive pricing and a great shopping experience with an aim to enhance excitement, engagement and experiential purchase for the customer.

Wipro has bagged the Citrix Partner of the Year – India, award. The award is in recognition of Wipro’s efforts in delivering best-in-class work-place digitalization solutions, in line with customers’ evolving needs during the calendar year 2016. The award recognizes the top performing Citrix partner in India, based on their contribution to revenue, year-on-year growth, strategic wins, sales engagement and technical certifications. Wipro’s global experience in delivering end-to-end IT solutions complements the Citrix technology portfolio. Wipro and Citrix are working together to deliver an end-to-end, standardized and integrated portfolio of work-place digitalization services such as Workspace-as-a-Service, application delivery, virtualization, mobility, network delivery and file sharing solutions to enterprises.

Portronics Announces

“Harmonics Klip II” Retractable Bluetooth Earphones

Huawei OpenLab, Industrial Internet Consortium join hands to establish Ecosystem Lab

Portronics has launched Harmonics Klip II, a lightweight Bluetooth 4.1 headset with clip for dual-purpose music and calling. It is a retractable Bluetooth earphone with great sound quality, CVC noise cancellation technology and long standby time to let you enjoy the freedom of Bluetooth with clarity of calls and superior quality music. Harmonics Klip II with its stylish fine leatherite finish, will suit your formal as well as casual attire. This Bluetooth earphone has a high tech CSR chip on it that allows voice prompting the caller’s phone number and cleans up noise from the phone calls while on the move.

At Huawei Connect 2017, Huawei and the Industrial Internet Consortium (IIC) unveiled the ‘IIC-Huawei Ecosystem OpenLab’, announcing that through deep cooperation, both parties will promote the development of an industrial Internet ecosystem. IIC is a world-leading industrial Internet organization that is dedicated to helping achieve digital transformation through the promotion of an industrial Internet. IIC’s testbed program is one effective method to construct an industrial ecosystem. Huawei and IIC have common targets and interest points in the industrial Internet domain.

SME CHANNELS 15 SEPTEMBER 2017

SNIPPETS

Netmagic Powers its Cloud offerings with NetApp SolidFire - storage Netmagic has deployed NetApp’s SolidFireallflash scale-out storage system at five of its datacenters in India, to support its Cloud offerings with automated and scalable guaranteed application performance. NetApp’s SolidFire, a next-generation storage architecture that provides enterprise IT businesses an access to agile, scalable, on-demand storage infrastructure that delivers predictable, cost-effective performance in the cloud. NetApp SolidFire is the next-generation storage architecture that enables businesses’ IT infrastructure quickly and seamlessly at scale, while enhancing developer

productivity and improving time-to-market of new applications through simplified storage operations at the same time. “We are delighted to partner with NetApp that enables our customers to leverage our Cloud infrastructure with their high-performance andscalable storage infrastructure.This significantly adds to our value proposition in the market when organizations are demanding IT transformation without operational overheads and silo Storage Capacity management,” said Sharad Sanghi, Managing Director & CEO, Netmagic (An NTT Communications Company).

Thales completes the acquisition of Guavus, a pioneer of real-time big data analytics Thales is all set to close the acquisition of US company Guavus, a pioneer in real-time Big Data analytics. Headquartered in San Mateo, California, in the Silicon valley, Guavus employs 250 people, of which 140 are based in Gurgaon (India), 60 in California and 50 in Montreal (Canada). Guavus is perfectly suited to help Thales address the growing needs of an increasingly connected global ecosystem. The company has built a recognised industrial “big data” platform particularly adapted to real-time analytics and designed to be easily implemented across any number of new markets.

Accenture Ranks in Winners Circle for HfS Emerging Market Guide for IBM Watson Services – big data Accenture has been positioned in the “Winner’s Circle” in the inaugural HfS Market Guide for IBM Watson Services, reflecting its leadership in innovation and excellence in execution with Watson. The HfS Research report analyzes 10 service providers, including IBM, drawing on user and client interviews and briefings to determine where IBM Watson service providers stand today and their future potential. It commends Accenture’s Artificial Intelligence Strategic Growth Initiative for driving the integration of Watson’s capabilities across its Digital, Technology and Operations businesses and cites the company’s robust investment in artificial intelligence (AI) thought leadership as a major strength.

Dell launches Premium Support Plus with predictive issue detection in India Dell in India today, announced augmented service offerings for its consumers in India, with the launch of Premium Support Plus. Recently launched at IFA, the service is available on Alienware 15 & Alienware 17, XPS and Inspiron devices, dramatically improving customer experience through simplified and hassle-free support. With this launch, Dell has widened its service capability for consumers, giving them the option to choose from OnSite support, Premium Support and the new Premium Support Plus, based on their requirement. Premium Support Plus provides 24x7 anytime, anywhere phone access to expert technicians, personalized assistance for complex software issues and the first and only proactive automated support for consumer PCs.

16 SME CHANNELS SEPTEMBER 2017

DIGEST CANON INDIA FLAGS OFF ‘SPARKLE’, A PAN INDIA ROADSHOW Celebrating 20 successful years of operations in India, Canon India has commenced a 50 city roadshow, themed ‘SPARKLE’. This showcase is conceptualized for and dedicated to the resellers supporting the Consumer System Products outreach in the country. Complementing its theme ‘SPARKLE’, this initiative is focused towards making every moment a sparkling celebration for its partners and customers. Consumer System Products division, under its Inkjet and Laser portfolios, offers a range of solutions, designed to address the requirements Home, SOHO, SME’s, Enterprise and Govt.

RELIANCE GROUP’S UNLIMIT AND IBM IOT COLLABORATE UNLIMIT, a business venture of Reliance Group and IBM today announced a strategic collaboration that brings together UNLIMIT’s leading industry specific Internet of Things (IoT) solutions with IBM IoT capabilities to unlock new value for businesses in India. IBM and UNLIMIT will co-create IoT solutions for specific industry verticals including automotive, insurance, utilities, and industrial automation. For example, insurance companies will be able to reduce cost of damage to goods from tampering through real-time tracking of cargo via an ‘asset tracking solution.’

SCHNEIDER ELECTRIC RUNS AWARENESS CAMPAIGN TO ADDRESS INDIA’S ENERGY NEEDS Emphasizes the need for each one of us to do their bit to combat climate change and address the emerging energy needs of the country Schneider Electric has launched an awareness campaign titled ‘Be a Responsible Indian’, on the need for optimizing energy usage in our everyday lives. The engaging and informative campaign aims to instill a sense of responsibility by highlighting the importance of saving energy in nation building. Schneider Electric aims to inspire all the citizens of India to reduce energy wastage by optimizing its usage in cities so that electricity could be made available to areas that are still dark or have intermittent access to power, especially under-developed areas that are far from the grid.

FORCEPOINT ACQUIRES REDOWL Forcepoint acquired RedOwl, a provider of human centric security analytics solution provider. Forcepoint’s human point strategy views people – rather than technology infrastructure – as the focal point for cybersecurity. Cloud, mobility and ever-changing infrastructure makes the traditional perimeter a fallacy; by focusing on how, when, where and why people interact with critical data and IP, organizations can more effectively identify and address risk. “The world has fundamentally changed and the way we think about security must change, as well. If the cybersecurity industry fails to put people at the center, it is certain to fall short in helping customers protect their most vital assets,” said Matthew P. Moynahan, COO of Forcepoint.

SNIPPETS

ASUS India leads fan share in Best Hardware Manufacturers Poll In an independent online polling campaign run by IGN India, for the ‘Best Gaming Hardware manufacturers’ during the month of August 2017, ASUS and ASUS ROG won the polling in three listed categories; Motherboards, Graphics cards and Monitors in the results declared today on their official Facebook page. The campaign which started 24th August was a simple campaign which gave users in India to select their favorite brand with four options. The voting closed on 5th September. This information is coming just behind the recently concluded ASUS ROG Masters, ASUS ROG is considered the Number 1 and most preferred PC gaming brand globally.

Barco Hosts a Multicity Roadshow to showcase OpSpace Barco is organizing roadshows in Chennai and Hyderabad. The initiative is aimed at giving Barco partners and end-users a first-hand demonstration of OpSpace, Barco’s revolutionary patent-pending operator-focused solution, and how it enhances operator efficiency in mission-critical control rooms for better business outcomes. Attendees will also have an opportunity to interact with 3D data in an immersive virtual reality environment, powered by Barco’s award-winning F50 projection solution. The 3D interaction will be supported by a solution from TechViz, Barco’s technology partner, which generates the stereo 3xD data from native CAD applications without any data conversion. The first leg of the OpSpace roadshow was conducted in Chennai on September 8 and was attended by more than 50 Barco partners and end-users. Barco will organize the second leg in Hyderabad on October 6, 2017. The event will be hosted at Radisson Blu, Banjara Hills.Barco Hosts a Multicity Roadshow to showcase OpSpace

Paytm Mall to sell Lenovo laptops across online and offline channels Lenovo products can be purchased by scanning QR Code placed at Paytm Mall partner outlets Paytm Mall, owned by Paytm E-commerce Pvt. Ltd, has partnered with Lenovo and Intel India to sell Lenovo laptops by bringing the brand’s authorized stores online on its platform. In this arrangement, Paytm Mall will offer a platform for customers to buy Lenovo products and receive faster deliveries from the brand’s local authorized sellers. The company has onboarded more than 50 Lenovo exclusive stores across 20 Indian cities to sell their catalogue on its platform. Additionally, customers can buy Lenovo laptops by scanning the Paytm Mall QR Code placed at Paytm Mall partner outlets and drive immediate discovery and purchases. This will allow Lenovo to expand its reach while enabling customers to buy from their trusted neighborhood stores. As a part of this initiative, the Lenovo Ideapad 110 will be available for Rs. 23,990 with offers worth the same amount. The laptop has been recognized in the industry as a laptop with flawless processing power for superfast speed, great memory, lots of storage, an attractive display.

HPE and PwC Expand Partnership to Power Future Cities Hewlett Packard Enterprise announced a new project with long-time strategic partner, PwC, to jointly create a Center of Excellence (CoE) in Kolkata, India, to advance development for future cities. Recognizing the need for effective connection and exchange of information across a diverse range of devices and applications, PwC will leverage the HPE Universal IoT (UIoT) Platform in its CoE to support development, testing and management initiatives around future cities. The HPE UIoT Platform will allow PwC to start small and scale the business as demand increases. The CoE will utilize UIoT platform features, including lightweight machine to machine (M2M) support, expanded device management and increased Long Range (LoRa) support. Together, HPE and PwC will enable IoT applications to provide advanced analytics and machine learning innovations. “HPE and PwC are working together to offer enhanced services, greater security and improved civic engagement to municipalities around the world, intended to deliver best in class experience to common citizens.” said Som Satsangi, VP & GM, Enterprise Group and MD India, HPE.

F-Secure Helps Organizations Predict the Actual Cost of a Breach What’s the cost of a data breach? Depending on who you ask, anywhere from $200,000 to $3.6 million* and higher. Such averages, while useful in tracking trends, are meaningless when it comes to predicting actual breach impact to a specific company. To help companies predict and manage their risk, F-Secure has introduced Cyber Breach Impact Quantification (CBIQ), a new service that quantifies the cost of cyber breach impact to an organization. Client data from F-Secure risk management assessments suggests most large organizations are ill-prepared to handle breaches: While 50% have a crisis management team that’s prepared for physical disasters or business disruptions, only 20% have a crisis management team capable of effectively leading a cyber crisis. 65% of companies have never run a crisis management exercise to rehearse a cyber incident. Quantifying the cost of a potential breach can help spur organizations to take action to become more prepared and resilient. “Companies think it’s too difficult to quantify cyber risks so they invest millions in all sorts of controls, just to be on the safe side,” says Marko Buuri, Principal Risk Management Consultant at F-Secure.

SME CHANNELS 17 SEPTEMBER 2017

SNIPPETS

MICRO FOCUS COMPLETES MERGER WITH HPE SOFTWARE BUSINESS Micro Focus announced the completion of its merger with Hewlett Packard Enterprise’s (HPE) software business to create the seventh largest pure-play enterprise software company in the world.1 This merger brings together two leaders in the software industry to form a new, combined company uniquely positioned to help customers maximize existing software investments and embrace innovation in a world of Hybrid IT. Upon close, Chris Hsu, formerly COO of HPE and Executive Vice President and General Manager of HPE Software, was appointed CEO of Micro Focus. “Today marks a significant milestone for Micro Focus, and I am honored to be leading this team,” said Chris Hsu, Chief Executive Officer of Micro Focus.

NETGEAR INTRODUCES TWO INCREDIBLY FAST, DUAL BAND WI-FI ROUTERS NETGEAR introduced R6080 & R6120, two incredibly fast Dual Band AC1000 & AC1200 Wi-Fi routers that deliver Wi-Fi speeds up to 700mbps and 900mbps, respectively. Providing Wi-Fi access that is 3x faster than routers using 802.11n technology, the state of art routers deliver the speed and reliability needed by users for HD streaming and online gaming through a secure and reliable connection to the Internet. NETGEAR genie app, available on both routers, enables users to easily setup, monitor, share & stream music or videos, diagnose & repair network issues and set up parental controls on the home network from any iPhone, iPad or any Android device. “To take advantage of higher broadband bandwidth being offered by telecom service providers and to support newer generation AC devices, home users must upgrade their Wi-Fi routers to dual band technology without burning a hole in their pocket,” said Marthesh Nagendra, Country Manager, India and SAARC, NETGEAR, “The brand new R6080 & R6120 routers from NETGEAR pack a 3-in-1 bonanza for home users, combining performance, price and value in one attractive solution,” he added.

DIGISOL rolls out “Bangkok Calling” scheme for Connect Partners DIGISOL announced its channel reward program “Bangkok Calling”. The program is designed for DIGISOL Connect Partners and will run from 1st July to 30th September, 2017. This scheme is available through authorized DIGISOL Regional Distributor’s only. This time the reward scheme is based on sales target. Mandar Joshi, Head – Channel Business, DIGISOL Systems Ltd. said, “The launch of this scheme is a step towards motivating and involving our partners. We are confident that the scheme will receive an outstanding response and act as a catalyst to DIGISOL’s business in Q2 2017. Schemes have been a regular feature of DIGISOL’s sales strategy to recognize and reward, top performing partners and their teams. We plan to come out with more such exciting schemes for our partners in near future.”

Schneider Electric runs awareness campaign to address India’s energy needs Emphasizes the need for each one of us to do their bit to combat climate change and address the emerging energy needs of the country Schneider Electric has launched an awareness campaign titled ‘Be a Responsible Indian’, on the need for optimizing energy usage in our everyday lives. The engaging and informative campaign aims to instill a sense of responsibility by highlighting the importance of saving energy in nation building. Schneider Electric aims to inspire all the citizens of India to reduce energy wastage by optimizing its usage in cities so that electricity could be made available to areas that are still dark or have intermittent access to power, especially under-developed areas that are far from the grid. Talking about the campaign, Bidisha Nagaraj, Chief Marketing Officer, Schneider Electric India, said, “At Schneider Electric, we believe that access to energy is a basic human right and the present way of managing energy is unsustainable. There is an urgent need to balance this energy dilemma, and we can all make a difference by doing our bit. “

18 SME CHANNELS SEPTEMBER 2017

Matrix unveils enhanced portfolio of Hospitality Solutions Matrix is participating in The Hotel Show Dubai organized from18th-20th September at Dubai World Trade Center. The Hotel Show Dubai is one of the largest events for the hospitality sector. Matrix will launch SPARSH VP710 – the Smart IP Desk Phone, at the event. Innovative hospitality solutions such as Unified Communication Servers, VOIP and GSM Gateways and Converged PBX will also be showcased at the event. SPARSH VP710, engineered mainly for the business class professionals, offers functionalities such as Video Conferencing and Business Media Applications with the touch of an Android experience. Seven Inch Adjustable Screen for Easy Navigation and Calling Activities, Integrated Wi-Fi for Internet Connectivity, Bluetooth Connectivity, Built-in Web Browser, Calendar and Integration with Third Party Software are some of the additional features that help hoteliers create a sophisticated atmosphere for the guests.

SME BIZ

SAP LAUNCHES PARTNER PACKAGING FACTORY TO FAST-TRACK DIGITIZATION SAP SE has reiterated its commitment towards customers and partner ecosystem by pledging to help ramp up workforce in the country to take forward the digital transformation agenda. DEB DEEP SENGUPTA, PRESIDENT AND MANAGING DIRECTOR, SAP INDIAN SUBCONTINENT.

BY STAFF WRITER info@smechannels.com

n the wake of GST roll-out and Digital India initiative, the 51+ million SMEs in the country will eventually have to onboard or scale their technology infrastructure. It will therefore give rise to an industry wide requirement of digital experts who will have the capability to enable enterprises transition to a digital platform. SAP understands the urgency to fulfil this necessity. SAP India commits to skill, reskill and upskill 1.5 million SAP consultants to plug this digital gap within the next three years. “Our partner ecosystem is the “lifeline” that connects us and our customers,” said Deb Deep Sengupta, President and Managing Director, SAP Indian Subcontinent. “Currently, an estimated 2 lakh SAP consultants thrive within our partner ecosystem which contributes approximately USD 8 billion in revenues. SAP in India has a defined and a clear partner strategy that propels our objective of growing together.” To fulfil this significant digital gap, SAP India has started various initiatives and launched new programs through the partner ecosystem: l Accelerating ‘Bharat ERP’ program training via technology centers of M/o MSME l Expansion of SAP Authorized Training Centres in tier 2 and 3 cities l Providing ‘Digital Learning Kits’ with focus of up-skilling and re-skilling l Integrating new-age technology curriculum across universities and education institutions

In addition, several innovative initiatives are in the pipeline: l ‘Center of Excellence’ in select education institutions in collaboration with partner ecosystem l Training Demand Aggregation using cloudbased SAP application Currently, 320+ Indian universities and education institutes are members of SAP university alliance program having introduced SAP technologies to more than 3 million students. At the annual Partner Summit 2017, SAP India announced the launch of Partner Packaging Factory, an industry-first online initiative that aggregates end-to-end SAP packages developed by partners. These packages are built to include SAP software, services, maintenance in addition to hardware. SAP Partner Packaging Factories includes solutions forl SAP S/4HANA l SAP Cloud l SAP BusinessObjects Business Intelligence (coming soon) l SAP Analytics Cloud (coming soon) Partner packaging factory has 45 templatized solutions for SAP S/4HANA and SAP Cloud as of now. This initiative will create unique opportunities for partners to reinvent business models, drive volumes and enhance revenues. “SAP Partner Packaging Factory opens up an exciting new customer engagement opportunity for our partners,” said Anthony McMahon, Senior

“CURRENTLY, AN ESTIMATED 2 LAKH SAP CONSULTANTS THRIVE WITHIN OUR PARTNER ECOSYSTEM WHICH CONTRIBUTES APPROXIMATELY USD 8 BILLION IN REVENUES. SAP IN INDIA HAS A DEFINED AND A CLEAR PARTNER STRATEGY THAT PROPELS OUR OBJECTIVE OF GROWING TOGETHER.”

Vice President, General Business (SME) & Channels, SAP Asia Pacific Japan. “It is a one stop shop for SMEs to evaluate SAP solutions and fast-track their digital transformation journey.” SAP’s technologies and platforms augments the capabilities of its partner ecosystem to co-innovate. This synergistic collaboration by SAP and partners result in new offerings and solutions for the digital era that enhance customer success.

SME CHANNELS 19 SEPTEMBER 2017

ROUND ABOUT

INDIAN IT LEADERS CONVERGE AT ENTERPRISE IT WORLD CIO200 TECH SUMMIT AND AWARDS 2017 The historic event, unprecedented in scale, gathered over CIOs and ITDMs from across geographies and verticals to deliberate on the theme of Digital Transformation of the organization. Over 200 CIOs were recognized for their recent contribution to their organizations digitization at the inaugural ChangeAgents Awards.

or the first time in the history of Indian IT, an unparalleled gathering of over 300 CIO, CTOs, IT Heads and other key stakeholders from across the country were awarded for their significant contributions in the year 2016-17 in the Digital Transformation

20 SME CHANNELS SEPTEMBER 2017

of their respective organizations. The event was organized by Enterprise IT World, Indiaâ&#x20AC;&#x2122;s leading CXO Magazine in association with key IT Vendors in the country. The two day event witnessed knowledge sharing on the theme through multiple Keynote speeches, presentations, panel discussions and roundtables.

The event also witnessed the presence of IT innovators and IIT academicians. The ChangeAgents Awards, a never before congregation of 200 of the most influential CIOs and CTOs from across the biggest enterprises in India were the highlight of the evening. The CIO Community represented key verticals like BFSI,

ROUND ABOUT

Manufacturing, Healthcare & Pharma, IT/ ITES, Electronics, FMCG, Government Organizations, Real Estate & Infrastructure, Aviation and Retail among others. The Awardee CIOs were shortlisted through a 6 months long process where an exhaustive analysis of their performance and strategic decisions was undertaken. These were then profiled highlighting their contributions which helped bolstered their organization’s productivity. The two day event closed curtains with a DC Visit for the CIOs to the CtrlS Tier IV Data Center in Noida on the 9th where they were given a tour of the entire premises and brushed up on the latest data center technologies and how they can be leveraged. The mega Awards Ceremony also witnessed the apex IT decision makers brainstorming on the emerging trends in the country’s enterprise IT landscape further aiding and supporting ambitious government projects and initiatives like Digital India Programme and Smart Cities of

union government. The event featured informative keynote addresses and knowledge presentations on industry topics by IT industry head honchos including Sridhar Pinnapureddy, Founder & CEO, CtrlS, K Bhaskar, Senior Vice President, Canon India, Sandeep Majumdar, Chief of Operations – North, Sify Technologies, Manish Gokhale, Director, Business Development, Schneider Electric, Nilay Shrivastava, Business Manager, IBM Cloud, Vivek Naidu, Vice President, Information Management, Kodak Alaris India, Shaheen Meeran, COO (Co-location), CtrlS Datacenters and Ashish Srivastava, National Head – BTL Marketing, Tata Docomo Business Services. The knowledge sharing discussions revolved around topics such as ‘Innovation at the Entry level’, ‘Deploying BI and Analytics for better decision making’; ‘Empowering Digitization with Cloud; Future of Digital Transformation of Large Enterprises’ and ‘Digital Transformation in Indian

Manufacturing Industry.’ Speaking at the event Sanjay Mohapatra, Chief Editor, Enterprise IT World said, “CIOs are playing and will continue to play a pivotal role in transforming India’s digital topography with their potential to harness IT as an enhancer than an enabler. We are honoured to organize CIO200 awards to felicitate the best IT skilled brains of our country.” Amitabh Mishra, Chief Digital Officer, Vedanta Resources exclaimed, “It is a privilege to attend the CIO200 event. The scale of the event was unprecedented, bringing together some of the top IT leaders and service providers of India under one roof.” Manish Sinha, Head IT, Vectus Industries said, “My sincere thanks to all people who were involved. Its a great initiative and gesture of Enterprise IT. It means as a media house you value a person’s work done and its contribution towards his or her organizational success.”

SME CHANNELS 21 SEPTEMBER 2017

GUEST TALK

CVES ABOUND, BUT NOT ENOUGH TO SECURE THE ENTERPRISE While MITRE improves catalog methods, it still falls short to improve vulnerability management programs and prioritization to tackle today’s threats.

MARINA KIDRON

PROFILE Marina Kidron manages the Skybox Research Lab, a dedicated team of vulnerability researchers who aggregate and analyze vulnerability data from more than 20 public and private vulnerability data sources. Kidron has more than 10 years of experience in business and statistical data analysis, data modeling and algorithms development for information technology, mobile and internet companies and financial services companies. Kidron earned a Masters degree in Political marketing, and a Bachelor degree in Computer Science and Mathematics

A recent article by Taylor Armerding ofCSO Online explores the current state of the Common Vulnerabilities and Exposures (CVE) program managed by MITRE (read about the origins of CVE and MITRE here). He expands on the creeping belief that the CVE, the old–guard vulnerability “dictionary,” is falling behind and leaving security teams and technologies that rely on it open to risk. And althoughMITRE taking measures to close the gap — including dedicating more resources to vetting and assigning CVE identifiers to vulnerabilities — the response among some experts is that these will not be enough to rectifythe outdated model. MITRE has certainly made strides to bolster the system, logging 6,592 new vulnerabilities with CVE IDs in the first half of 2017 alone — compare that to 6,431 CVE IDs logged in all of 2016. From January to June of this year, MITRE has published on average 1,133 new CVE IDs each month. That’s a 210 percent increase over the 536 new CVE IDs per month average of 2016! While increasing the number of vulnerabilities catalogued by the CVE system is generally good

(many technologies useCVE IDs and some baseline vulnerability management programs rely on them almost entirely), it still doesn’t solve the issue of prioritization. Enterprises already have hundreds of thousands — even millions — of vulnerabilities in their organization. Assigning more CVE-IDsdoesn’t directly lead to better security or even signify that more vulnerabilities exist today than in the past — it means more efforts are being dedicated to discovering, analyzing and cataloging vulnerabilities. Combined with a technology environment in a state of constant proliferation, this inevitably means more CVEs and vulnerabilities in general. Currently, organizations are overwhelmed with toomany vulnerability alerts to manage proficiently, so many of them are looking to advanced vulnerability management programs to help them better prioritize. In a recent report on vulnerability prioritization, Gartner analyst Craig Lawson points out that, “the lofty goal of ‘patch everything, all the time, everywhere’ is not only rarely fulfilled, it’s causing friction between IT security and IT operations.”

Focusing on the Right Vulnerabilities

Source: MITRE and Skybox Research Lab

22 SME CHANNELS SEPTEMBER 2017

Vulnerability teams, however, don’t need to patch everything all the time. The same report states that “only a small number of vulnerabilities go on to be xploited in real–world attacks.” This means vulnerability management programs should be structured to help teams zero in on the vulnerabilities most likely to be used in an attack — a much smaller portion than all CVEs. Exploited vulnerabilities only make up a single digit of CVE-IDed vulnerabilities published each month. (The spike in March 2017 in the chart below represents the vulnerabilities leveraged in the EternalBlue exploit, famously used in WannaCry and NotPetya.) Vulnerabilities with a pub-

GUEST TALK

lished proof–of–concept exploit (but inactive) represent a slightly larger portion, but still total less than 100 vulnerabilities published per month. With this information, security teams can: 1. Focus resources on the vulnerabilities that are actually exploited in the wild first, as those are the ones that pose and imminent threat to the organization 2. Employ mitigating controls (e.g., intrusionprevention systems, network segmentation, application controls, privileges management) to prevent lower–priority vulnerabilities from being exploited when those vulnerabilities can’t be patched in a reasonable period of time or when there is no patch available. To help classify vulnerability risks even further, the Common Vulnerability Scoring System (CVSS) was developed over ten years ago to help organizations prioritize vulnerability remediation. A reasonable approach to vulnerability remediation in theory; however, implementation was never fully realized because of lack of vendor resources. So, only base CVSS scores have been used and have proved insufficient for prioritizing vulnerability remediation. Unfortunately, this is the method many vulnerability management programs rely on, for all of its shortcomings: CVSS scoresdon’t consider the organization’s unique environment, the current threat landscape and other situational factors. For example, a vulnerability with a “high” CVSS score may not be exploitable in a particular network if the surrounding architecture and security policies provide sufficient defense. Similarly, a CVSS high–severity vulnerability on a low–value asset is less of a priority to fix than a CVSS medium– severity vulnerability on a business–critical asset. Cyberattackers frequently leverage vulnerabilities carrying a medium severityCVSS score, perhaps becausethey know many vulnerability management programs are only capable of fixing CVSS critical vulnerabilities, never making it to the lower–ranking items on their to–do list. The 2016 Verizon Data Breach Investigations Report also points out that successful exploits from the previous year targeted a large number of vulnerabilities with CVEs assigned more than five years ago — presumably, that organizations never got around to fixing.

How Skybox is Improving Vulnerability Prioritization At the Skybox Research Lab, ourteam of analysts daily scour more than 30 security data sources and investigates more than 700,000 sites, including in the dark web. With this research, the Lab providesinsight to active and available exploits,

Source: Adopted from IBM X-Force/Analysis by Gartner Research (September 2016)

Source: 2016 Verizon Data Breach Investigations Report

vulnerabilities being packaged in ransomware, exploit kits and other tools in used by various attackers. The Research Lab has its own vulnerability catalog, which includes CVE vulnerabilities. But roughly 10 percent of this catalog also covers vulnerabilities with no CVE ID, including many on technologies in the IoT domain. This gives Skybox users a more complete scope of the vulnerabilities that could threaten their security. With the added intelligence of how vulnerabilities are being targeted in the wild, the Research Lab provides much needed context to improve prioritization in terms that put vulnerabilities posing an imminent threat at the top of your to–do list. By focusing on vulnerabilities with active or known exploits as well as vulnerabilities that are exposed in your network(no mitigating controls in place), organizations can more effectively use

existing resources to minimize the risk of a breach. However, this should be augmented with gradual risk reduction over time of the other vulnerabilities in the network, i.e. through mitigation or patching, which could turn into threats over time. While both CVE and CVSS provide relevant information to vulnerability management programs and technology, they fall far short in terms of context that’s vital to understanding which vulnerabilities pose the most risk to you. It’s time to start seeing CVE and CVSS data as pieces of a much larger puzzle, one that requires advanced intelligence, analysis and automation to put together to help secure the enterprise.

Resources Learn more about the Skybox threat–centric approach to vulnerability management. For More info visit Skybox or Whitepaper.

SME CHANNELS 23 SEPTEMBER 2017

COVER STORY

MANAGED

SECURITY SERVICES

IN A PARALLEL RACE WITH

CYBER

INTRUSIONS

24 SME CHANNELS SEPTEMBER 2017

COVER STORY

BY SANJAY MOHAPATRA sanjay@smechannels.com

he recent surge in volumes of targeted attacks, malwares and cyber security breaches has come as nightmare for organizations across the globe particularly with mission critical operations. And while the loses owing to these attacks number in billions, on the flipside they have also bolstered the growth of cyber security segment across the globe with an increasing number of enterprises now placing the security aspect on their priority list. ‘’According to Nasscom, the Indian IT industry is projected at a $350-400 billion by 2025. This growth will be driven primarily by the increasing digitization wave and smartphone penetration. With the recent ransomware attacks and other potential cyber threats, cyber security is one of the most demanding spaces in the IT,’’ says Kartik Shahani, Integrated Security Leader, IBM India & South Asia. IBM’s growth claim is reinforced by other industry voices like fortinet and InstaSafe which believe that a combination of complex enterprise networks and increased intensity of attacks is fueling the growth of managed cyber security services. ‘’Digital transformation from the IoT edge to the cloud is increasing the complexity of enterprise network, and expanding the potential attack surface, as the traditional perimeter further disappears in the next wave of distributed network segmentation and virtualization.Given this scenario organizations will look towards security services providers to meet the insatiable demand for cybersecurity,’’ opines Jitendra Ghughal, Director Channels, India & SAARC, Fortinet. On a similar note, Sandip Panda, CEO, Instasafe, opines,’’As with most other IT functions, companies in India are trying to outsource a whole gamut of IT services, as they see it as more cost-effective and efficient to use resources available with service providers rather than build these competencies in-house. Hence the opportunities for managed security services providers.’’

How Channel Partners Can Leverage This Opportunity

With India gearing up for digital transformation owing to ambitious initiatives like Digital India Programme, a parallel growth in the number of targeted attacks and vulnerabilities is inevitable which if not addressed can derail the country’s digital journey. The increasing cyber intrusions however are also fuelling the growth of manages security services, creating new revenue opportunities

The paradigm shift in the cyber security segment has concluded in a pool of both opportunities and challenges knocking the doors of channel partners. As networks get more complex and intrusions more sophisticated, meticulous trainings, retaining good talent coupled with the utilization of robust tools will prove to be shot in the arm for the partner industry in this space. ‘’Partners have a few challenges related to the dynamic shift and speed of change. They also need to make the right choice in terms of their business model and OEM’s. The go to market needs to be very carefully planned as the initial upfront investment in resources is a very high burn,’’says Sahani. Adding to the opinion of Mr Sahani, Jitendra Ghughal claims that high scalability and functionality standards will play pivotal role in increasing the business for channel partners. ‘’Today’s MSSPs need tools that are highly scalable, support multi-tenant environments, and provide robust, single-pane-of-glass management and orchestration. With hundreds of thousands of customer nodes under management, and billions of dollars of assets under their protection, the world’s top MSSPs hold their firewalls to extremely high standards for reliability, functionality, and flexibility,’’ said Ghughal. Also while implementation of comprehensive and regular training programs coupled with next generation tools will majorly contribute in the success of channel Partners, they also need to make the right choice in terms of their business model

SME CHANNELS 25 SEPTEMBER 2017

COVER STORY

‘’PARTNERS HAVE A FEW CHALLENGES RELATED TO THE DYNAMIC SHIFT AND SPEED OF CHANGE.” KARTIK SHAHANI, INTEGRATED SECURITY LEADER, IBM INDIA & SOUTH ASIA

and OEM’s. The go to market strategy needs to be carefully crafted as the initial upfront investment in resources is a very high burn. ‘’Time is changing. The customers are switching from hardware heavy solutions to zero hardware solutions. In that regard, by embracing the cloud, channel partners are able to get more profit, recurring revenue, less overhead cost and quicker delivery model,’’ adds Panda.

Services A Threat To Products? While there have been significant conversations about managed security services replacing the product market in near future many in the industry still believe that products and services will continue to co-exist in times to come. ‘’There is place for both products and services. Customers would like to own the product and manage/outsource the management of product. Owning the product allows a greater deal of customization to the requirements of an organiza-

26 SME CHANNELS SEPTEMBER 2017

tion,’’ adds Sahani. On the service front, businesses will increasingly eye for providers who furnish end to end solutions to their end to end demands of monitoring their ever-expanding networks and ecosystems that span traditional data centers, private clouds, public clouds, and hybrid environments. ‘’I expect that many product companies will deliver their technologies as a service. You saw companies like Microsoft and Google offer office productivity software as a service, for which they charge a subscription. The same model is now being offered and is seeing widespread adoption in security. Many companies including InstaSafe are offering security as a service,’’ says Panda.

Major Challenges Upfront Lack of awareness and qualified manpower continue to top the list of challenges upfront the cyber security space in India followed by highly customized demands as per industry veterans. ‘’Large enterprises and government agencies typical require dedicated analytics platforms to

‘’DIGITAL TRANSFORMATION FROM THE IOT EDGE TO THE CLOUD IS INCREASING THE COMPLEXITY OF ENTERPRISE NETWORK, AND EXPANDING THE POTENTIAL ATTACK.” JITENDRA GHUGHAL, DIRECTOR CHANNELS, INDIA & SAARC, FORTINET

process the huge volumes of data required to detect advanced threats, such as customized malware and insider threats.Mid-market companies, on the other hand, are primarily concerned with compliance and security against opportunistic attacks, along with a range of known and advanced threats that can be addressed via simple to intermediate controls,’’ says Ghughal. As one of the major hubs in terms of IT and business process outsourcing, it is essential for India to be seen as a reliable destination for globe’s data. It is the need of the hour for the country to tackle these growing challenges in the cyber security market. Adding another challenge to the list, InstaSafe states that a sheer difference between the Indian market as compared to rest of the globe is a major hurdle. ‘’One of the biggest challenges in the Indian market is that the requirements of the user are not the same as abroad. In India we are going through a simpler transition from laptops and desktops to mobile devices, unlike companies abroad that are making the shift through more complicated steps that included mainframes and multiple operating systems. So many of the foreign security products

COVER STORY

‘’LARGE ENTERPRISES ARE CAPABLE OF ADDRESSING THE SECURITY CONCERNS BECAUSE OF LARGE POOL OF RESOURCES AVAILABLE TO THEM, WHILE SMES ARE MOST PRONE TO CYBER INTRUSIONS” FAISAL KAUSA, GM, RESEARCH AND CONSULTING CYBERMEDIA RESEARCH

are an over-kill for our market,’’ adds Panda.

SMEs Most Vulnerable-Experts With digitization spreading its wings across the country, vulnerabilities to security breaches are at an all time high. While large corporates and businesses have adequate budget allotments and resources dedicated to tackle cyber threats, small and medium businesses owing to their lack of awareness and budget are on the radar of attackers.

‘’Large enterprises are capable of addressing the security concerns because of large pool of resources available to them, while SMEs are most prone to cyber intrusions,’’says Faisal Kausa, GM, Research and Consulting CyberMedia Research. Experts however also believe that with increased risks the demand for managed security services is poised to grow in India. ‘’With IT proliferating into everything the demand for a third party who ensures cyber safety of an organization is bound to surge,’’ adds Kausa.

‘’AS WITH MOST OTHER IT FUNCTIONS, COMPANIES IN INDIA ARE TRYING TO OUTSOURCE A WHOLE GAMUT OF IT SERVICES.’’ SANDIP PANDA, CEO, INSTASAFE, OPINES,

RDP ThinBook

India’s first

Intel 1.92 GHz Quad Core Processor

ultraslim laptop ₹

10.5 Hours Battery Backup

9,999/-

11.6” HD Display Screen

FREE

GST Ready

GST Software

Software

Billing and Accounting

also available in 14.1 inch

₹

12,999/-

available @

sales & support: 040 4816 1111 Amazon

FlipKart

Paytm

more details visit: www.rdp.in

1. The Base Frequency is 1.44 GHz and Burst Frequency is upto 1.92Ghz. 2. Taxes and handling charges are extra. Intel, Intel Atom, the Intel logo and the Intel Inside logo are trademarks of Intel Corporation in the U.S. and/or other countries. Windows is a registered trademark of Microsoft Corporation in the United States and other countries.

SME CHANNELS 27 SEPTEMBER 2017

SECURITY

HACKER’S CHOICE MANUFACTURERS Cyber attacks on manufacturing companies on the rise as attackers attempt to steal valuable intellectual property and information.

he manufacturing sector is now one of the most frequently hacked industries, second only to healthcare, a new report says. Healthcare, which has a wealth of exploitable information within electronic records, moved into the top spot in the rankings, replacing financial services, which dropped to third place in IBM X-Force Research’s new 2016 Cyber Security Intelligence Index. Manufacturing rose from third place in last year’s report, which offers a high-level overview of the major threats to IBM’s clients’ businesses worldwide over the past year. Manufacturing includes automotive, electronics, textile, and pharmaceutical companies. Automotive manufacturers were the top targeted manufacturing sub-industry, accounting for almost 30% of the total attacks against the manufacturing industry in 2015. Chemical manufacturers were the second-most targeted sub-industry in 2015, according to IBM. Many manufacturing companies are behind the curve in security because they have not been held to compliance standards like financial services has, with the Payment Card Industry Data Security Standards and The Gramm-Leach-Bliley Act, or in the case of the healthcare industry, with the Health Insurance Portability and Accountability Act, Lutgen says. “Because of that, they [manufacturers] tend to be a little laxer with security in terms of some other industry verticals.” As a result, there is a lack of adoption of key information security practices that have become standardized procedures across most industry verticals, Lutgen says. For example, only 33% of survey respondents indicated that their organizations were performing annual penetration testing within their IT groups. Manufacturers have unique security issues to deal with as they move toward increased automation. “[the topic of network security] is becoming

28 SME CHANNELS SEPTEMBER 2017

increasingly relevant in industrial plants. Factor in emerging trends in the business [such as bringyour-own-device (BYOD) and the Internet of Things (IoT)] and the touch points for potential security threats are increasing at exponential rates.” Aberdeen, “Ensuring the Security of Industrial Networks in an Insecure World” One of the better-known attacks to affect the industrial manufacturing sector in recent years was the Stuxnet computer worm, which was discovered in 2010. Stuxnet was designed to attack industrial programmable logic controllers, which allow the automation of electromechanical processes such as those used to control machinery on factory assembly lines. By exploiting zero-day vulnerabilities, the program aims at machines using the Microsoft Windows operating system and networks. The emerging IoT is drawing lots of attention these days, and it certainly presents potential security risks for manufacturers. With the IoT, an enormous number of corporate assets and end products will be linked via networks to provide a steady flow of data about where the objects are located and how they are being used, among other things. Many manufacturers are already creating IoT strategies or implementing related technologies, for applications such as remote asset tracking, fleet management, energy data management and heavy equipment performance monitoring. With IoT, manufacturers will not only be making and selling products, they will be offering lots of new services to provide customers with information about those products and how they’re being used. Companies will need to address challenges such as ensuring data privacy and security, to safeguard customer information as well as meet regulatory compliance requirements. That includes security networks as well as sensors and other

RAJEEV VERMA, CHIEF MANAGER - INFORMATION SECURITY, SRF LIMITED technologies used to track and monitor products and machines. “So there is a lot of work to do in the manufacturing industry to shore up their defenses for industrial control systems and corporate networks. - Brian Kuhn”

Defensive Strategies There is no better strategy than paying attention to information security. This might be seen as expenses rather than investment but we should understand there is a requirement to keep the data secure for a smooth and worry-free production. If we understand that we can correlate investing in information Security as a profitable deal. Sikich’s report clubbed with personal thoughts offers manufacturers some advice about how to mitigate threats: l Have a dedicated information Security Team lead by an information security leader. l Give space to information security team rather than more alignment towards production driven decisions. l Conduct an annual IT risk assessment to properly understand where threats are originating from. l Perform annual penetration tests to simulate the threat of someone trying to break into your organization’s network. l Conduct ongoing vulnerability scanning throughout the year to help the organization stay up-to-date with new threats. References: IBM, DarkReading.

MATRIX

CASE STUDY

MATRIX REVEALS SIX REASONS WHY UNIFIED COMMUNICATION SERVER IS TAILORED FOR THE DEFENSE SECTOR

atrix, an eminent manufacturer of Telecom and Security solutions, has a wide portfolio of solutions catering to the specific needs of different industries. Matrix’s latest offering Unified Communication Server finds its applications in the defense sector, banking, hospitals, hotels, retail chains, manufacturing units and more. In critical military operations, quick connectivity and enhanced collaboration are important. On fields, communication is not limited to voice and data but also involves a complex set of applications and tools required for efficient and convenient communications over a secured network. Matrix Unified Communication Server addresses many such concerns of defense professionals and offers benefits like:

l Improved Manageability: The IP at core architecture makes Unified Communication server a resilient and a scalable platform that can be configured or reconfigured easily from any device as required. New services can be added or removed easily without major efforts from the administration or the IT team. However, web based management ensures that communication continuity can be judged from the base itself and the need of deploying multiple support troops on field can be eliminated. l Enhanced Productivity: With multiple connectivity options such as Radios, Magneto Phones, Digital Key Phones, IP Extensions and Unified Clients for Android/iOS based smartphones and PC/Laptop, the solution

SAGARGOSALIA, SR. VP SALES AND MARKETING. offers flexibility to use any of the terminals for quick communications. The connectivity options are often used for different applications such as Chat, Instant Messaging, Presence Sharing and more to improve collaboration between the deployed forces. l Flexibility: Availing benefits of accessing multiple networks from the same platform allow field professionals to reach each other instantly during emergency situations. Connectivity of multiple networks from a single chassis offers benefits of compact footprints and improved reachability. l Scalability: In field forces, there are plenty of recruitments. Installing a new system for accommodating the professionals leads to increased investments. Matrix Unified Communication Servers are tailored for bridging communication gaps between 3,000 users. The users can be added or removed through an intuitive web based management server. l Continuous Communication: Matrix Unified Communication Servers are backed by two CPU and Power Supply cards to ensure break-free communication even when one of the managing units go down during field deployments. l Secured Communications: The communication platforms are designed using the latest TLS/SRTP security protocols. Support for Magneto telephones ensures that information

“WE ARE CONSTANTLY FUNCTIONAL IN DEVISING SOLUTIONS AND PRODUCTS THAT FIT THE COMMUNICATION NEEDS OF DIFFERENT INDUSTRIES. WITH MORE THAN 40% MANPOWER FOCUSED ON DESIGNING AND DELIVERING INDUSTRY SPECIFIC SOLUTIONS, MATRIX AIMS TO COME UP WITH MANY SUCH SOLUTIONS IMPROVING COMMUNICATION INFRASTRUCTURE AT DIFFERENT SECTORS,”

exchanged over the IP-PBX system is secured, which is one of the critical requirements of defense and paramilitary forces.

SME CHANNELS 29 SEPTEMBER 2017

COVER FEATURE

IBM: DRIVING PARTNERS TOWARDS

CLOUD & COGNITIVE JOURNEY

As the modern days businesses are changing with faster connect and faster decision making, IBM is pursuing its business partners to embrace its cloud and cognitive technologies to make the change happen. BY SANJAY MOHAPATRA sanjay@smechannels.com

oday, the entire industry is undergoing transformation. Time to take decision and closing deals are becoming faster. AI, Analytics, IOT and cloud computing are becoming core components of any organizational growth. Therefore organizations – small or big are moving from on - prem compute and storage to hybrid and public cloud platform. Therefore the need of the hour is that the technology leaders transform within and adapt to the change and enable their partners to change too. So IBM is undergoing transformation – pivoting from a hardware and software services company to a cognitive solutions and cloud platform company. With this transformation, the company has also changed the way it works with its business partners. Mukul Added, “IBM is working closely with start-ups, SMEs as well as business partners and helping them scale, innovate and come up with products which cater to different set of customer requirements. There has been a significant change in the channel landscape of IBM from being pure resellers of products to business partners and they are now taking different solution components and combining them together with services and expertise to provide end-to-end solution. We have 300 partners who work with us on SaaS solutions, onethird of were on boarded in the last six months and we have 300+ Silver, Gold and Platinum partners”

30 SME CHANNELS SEPTEMBER 2017

“IBM’s core set of partners who have been working for IBM have joined in the transformation journey that it has embarked upon. IBM launched The PartnerWorld University (PWU) which is a one-stop shop for skill development for IBM Business for solution areas including Cloud, Analytics, Cognitive Solutions, Mobile, Social, Security, Commerce, Watson, Think Academy, IT Infrastructure – Systems, Services, Financing, Watson Health, Watson Internet of Things (IoT), etc.,” maintained Mukul. Srikumar Kumar, Founder & CEO at Alpharithm Technologies, said, “What I like most about IBM is that it is a very partner friendly company. We are also working with competition platform for many years, but with IBM, our experience is much better. There are a lot of systems put in place which are matured as well and makes the life of the partners easy.” “Right from registering opportunities and nurturing those opportunities to helping in comarketing campaigns, and then once you close the deals, providing all sorts of incentives and rewards too – everything is in place. There is a good compensation scheme too and it is only being improving as there is a lot of focus from IBM for the partners,” he added. “In fact we have been assigned a dedicated partner manager for any support we need from the point of view of sales, technical and marketing point of view, who is always available.” Mamta Diwan, Vice-President, Sales and

Marketing, Trident, said, “We are Premier Level Partner of IBM with competencies in the area of deployment and optimization of IBM Watson IOT, DevOps, ALM, Testing, WebSphere, Security and Business Analytics. IBM is providing us latest technology and well tested solutions which in turn is helping our clients to meet their organizational and technical goals.” “40% of our business is into cloud, security and cognitive technology reselling and integration. We are expecting 50% growth in our IBM Business as we are doing a lot of value add on the IBM Products with the help of our experienced and dedicated team. This is helping our customers to get the best implementation and utilization of solutions,” he added. Ratnakar Kanchan, Co-Founder and Managing Director, Lauren said, “We have been associated with IBM since 1994. Over the years, we have transformed our go-to-market strategy and aligned it with the changing trends in information technology. IBM has been at the forefront of driving these innovations, be it analytics, digital experience, cloud or mobility. We are working together to bring innovative infrastructure and software solutions to end customers. They have played a huge role in driving digital transformation.” “We are a platinum level partner for IBM, specifically in the following segments - systems, analytics, collaboration solutions and digital experience suite. We are expecting at-least 15% growth

COVER FEATURE

MUKUL MATHUR, VP GLOBAL BUSINESS PARTNERS AND CSI, IBM INDIA/SOUTH ASIA.

VISWANATH RAMASWAMYM EXECUTIVE DIRECTOR - SYSTEMS FOR CLOUD & COGNITIVE (INDIA/ SOUTH ASIA), IBM INDIA PVT. LTD.

“IBM IS WORKING CLOSELY WITH START-UPS, SMES AS WELL AS BUSINESS PARTNERS AND HELPING THEM SCALE, INNOVATE AND COME UP WITH PRODUCTS WHICH CATER TO DIFFERENT SET OF CUSTOMERS.”

“IT IS NOT THE TRADITIONAL PARTNERS BUT THE ENTIRE ECOSYSTEM WILL BE WINING BUSINESS IN THE MARKET PLACE WITH THE INNOVATION FROM IBM.”

in IBM business,” she added. Viswanath Ramaswamym Executive Director - Systems for Cloud & Cognitive (India/South Asia), IBM India Pvt. Ltd., added, “What we have really done is that we have skilled the partners in the new areas of workloads – be it SAP HANA, AI, Analytics, Cognitive, etc.” So the result is that in addition to the boxes that they used to carry, they do have a different conversation now because of the additional skills that they are going through. Added Viswanath. “Plus, we are giving them a lot of rebate around newer technologies, new sales plays, new logos and new differentiated offerings. It is a mixed bag of all these, where we are helping the partners to enable and grow further.” Khalid Shaikh, AVP Sales, Element Blue, added, “For 15 years as an IBM Premier Software partner, Element Blue has helped create groundbreaking customer experience platforms and the analytics to support online business transformation. IBM’s support is very critical in our relationship for Enablement on new solutions through webinar, events, Lead generation and Brand marketing and Support during PreSales activity.” “We are expecting a 30% growth through our

focused engagement on smarter cities with Indian state government, Hybrid Cloud and Security solutions,” he added. From Systems to the cloud and cognitive technologies, IBM story is completely different now. The company is adapting to the changing workload of the new age business. Therefore, its partnerships are also getting evolved. When IBM looks at different areas that it is working on, there are different types of partners who will participate. At IBM, it has built a diverse ecosystem of business partners, including ISVs, System Integrators, and developers/start-ups. The System Integrators will be actually building the solutions, then there will be ISVs building domain specific applications which will leverage APIs, and start-ups or developers are actually looking at completely disruptive practices in the industry. IBM is working with all these set of partners across its ecosystem. Last but not the least, many of its traditional partners are building skills around cloud and getting into areas that surround the infrastructure such as security, which is creating a huge opportunity in the market today. IBM’s business partners are working across all the areas – be it data platform, cloud platform, cognitive, and security domains.

SRIKUMAR KUMAR, FOUNDER & CEO AT ALPHARITHM TECHNOLOGIES, SAID,

“WHAT I LIKE MOST ABOUT IBM IS THAT IT IS A VERY PARTNER FRIENDLY COMPANY. WE ARE ALSO WORKING WITH COMPETITION PLATFORM FOR MANY YEARS, BUT WITH IBM OUR EXPERIENCE IS MUCH BETTER.”

IBM is driving the digital transformation through a three-pronged strategy – 3E’s

Enriching– IBM traditionally had a very strong portfolio on the enterprise side which comprises of the systems business, the storage business, the transactional software business; to this IBM added many new solutions and capabilities on the Watson platform. For instance the Bluemix Cloud infrastructure gives its partners the option to look at software solutions either on the on-premise or the SaaS model. The company has several technology offerings that partners can use, like it announced blockchain technology or the security offerings that it has in its portfolio - so this is all about how it is continuing to enrich its offerings that partners can now take. Depending on the partners and their expertise, they combine these products as building blocks in their own unique fashion to offer value to their clients

Enablement – The partner community of IBM is very diverse. Some of the partners who came from traditional platforms are trying to transform into new solutions. IBM has these structured business transformational workshops SME CHANNELS 31 SEPTEMBER 2017

COVER FEATURE

KHALID SHAIKH, AVP SALES, ELEMENT BLUE

MAMTA DIWAN, VICE-PRESIDENT, SALES AND MARKETING, TRIDENT

RATNAKAR KANCHAN, COFOUNDER AND MANAGING DIRECTOR, LAUREN

“IBM’S SUPPORT IS VERY CRITICAL IN OUR RELATIONSHIP FOR ENABLEMENT ON NEW SOLUTIONS THROUGH WEBINAR, EVENTS, LEAD GENERATION AND BRAND MARKETING.”

“WE ARE EXPECTING 50% GROWTH IN OUR IBM BUSINESS AS WE ARE DOING A LOT OF VALUE ADD ON THE IBM PRODUCTS WITH THE HELP OF OUR EXPERIENCED AND DEDICATED TEAM.”

“IBM HAS BEEN AT THE FOREFRONT OF DRIVING THE INNOVATIONS - BE IT ANALYTICS, DIGITAL EXPERIENCE, CLOUD OR MOBILITY.”

that help partners look at different technology areas and co-work with them. In a matter of 1 month IBM has added 80+ partners on its SaaS portfolio. It has worked with close to 1000 – 1200 start-ups in India. Also, this year it has launched a completely new Partner World Program.

As per Mukul, even A lot of partners are helping IBM to reach us to the SMEs, which some of the bigger partners are unable to reach. India has a special positioning because of the developer and startup community. IBM is cognizant about it and has got a lot of programs for these communities. For example IBM offers free credits to the developers so that they can start developing in Bluemix. Of course they need to buy credits in case they are going for prototyping and POCs. Similarly, for the ISVs, the company is offering Sandbox platforms so that they can play around, plus, the company has a lot of technical support for them. From the products’ perspective, the portfolio has gone through a strong evolution too. Viswanath said, “Basically, There has been a transformation in last couple of years. We have got server line which are cloud ready right now. So the clients can unleash the Power Systems strength to build cloud on their on-premise. We have brought in a lot of new technology within the servers - specially to cater to the high-performance computing, data analytics, which are GPU - based servers, specially to cater to open source, big data analytics – be it Hadoop cluster, machine learning, artificial intelligence, etc. They run much better on these serv-

ers than on the commodity servers. There is of course, SAP Hana everywhere. So in terms of clients moving from SAP ECC to Hana is faster. So we have evolved and innovated within our technologies.” Similarly, on the software defined storage space, IBM has already set the pace. In addition to that IBM has a line of storage on all flash technology – right from low end model till the enterprise all flash arrays. And, therefore IBM is able to offer the clients the option of whether to go for flash storage or non-flash storage. Viswanath maintains, “It is not the traditional partners but the entire ecosystem will be wining business in the market place with the innovation from IBM.”

Engagement – There is a big thrust at IBM to help partners take its solutions to its customers. There are many modes and media through which it helps its partners go to the market. One very common medium is the digital. IBM helps partners run digital campaigns by using IBM assets. Globally, it has a marketplace where partners can put their solutions and organizes industry specific forums like Healthcare, financial services or Manufacturing where IBM invites its partners to present their solutions that they are developing and even our customers would be present. So there are a number of ways through which IBM is engaging and still exploring to find out what other ways can it expand this engagement module. With a lot of solutions in IBM portfolio today, the Big Blue is significantly expanding and reaching out to far many partners today – online as well as physical. But the difference is that the company is expanding to more solution oriented partners. 32 SME CHANNELS SEPTEMBER 2017

Finally… Mukul concludes, “So, we are looking at all the way from infrastructure to the business models to the management and security elements to the cognitive and delivering business outcomes pieces across. That is what the big change in IBM is. If you hear IBM’s CEO Ginni Romety, she talks about the future of IBM as the cognitive business solutions coming in and delivered over cloud and surrounded by security.”

SECURITY

GLOBAL CYBER ATTACK

In an increasingly digitized world, we are all becoming extremely vulnerable to misuse of personal, professional and even national security data and what needs to be done.

t is alarming yet not a surprise to see another mass scale ransomware attack just weeks after the havoc created by the Wannacry ransomware. To start with, the genesis of both these attacks appear similar. Both of them uses the Microsoft vulnerability called EternalBlue for which Microsoft had issued a patch. In both cases, they attacked institutional computer networks, which we unsecured – the NHS in UK and now the Ukrainian Government. However, there is a slight but important difference. Usually in case of ransomware attacks, the demand is made from users and the email for communication is unique to each user. In this case it is observed that there is a single email ID that had been provided to all the affected users for communication. This email ID was since suspended by provider. This alludes to the fact that either the hackers were amateurs or more dangerously this attack is not a ransomware and was not unleashed with the intention of merely extracting money, but to destruct important data. These new mutations of malware are increasingly getting more and more capable and complex in terms of the speed and reach. We are observing that the malwares are spreading automatically across interconnected networks more freely and with minimal or no human intervention. This, also is different from ransomware of earlier versions, which we more topical and pointed – say an individual hospital system. The free lowing nature of the current ransomware is particularly

MR. PRADIPTO CHAKRABARTY, REGIONAL DIRECTOR, COMPTIA INDIA scary since we have limited control or predictive mechanism to guess which networks will be affected next. As of now, the effects in India has been observed at the Jawaharlal Nehru Port Trust. This can be explained as one of the largest private enterprises to get effected is Maersk, the leading shipping and container corporation whose systems in all likely hood is interconnected with the networks of the JNPT. Having said that it is impossible to predict the next network where the “worm” will sneak in. Also, the Petya ransomware is more fluid than Wannacry as the latter was linear and had one way to move from network to network. Petya has the capability to evaluate multiple options and can use another option of attacking if one fails. It is indeed quite petrifying to imagine a situation is it infects the national service such as the Defense, Police, Financial Institutions and UIDAI. Considering this, it is clear that prevention is the best form of attack. It should be the responsibility of all computer and internet users – institutional as well as individuals to be aware of the threat and also be prepared for a future attack. Through CERT-IN (Computer Emergency Response Team of India) the Government must issue a “what to do” advisory on prevention tactics to enterprises and individuals. We observe that most of ransomware attacks use “end users” as entry point. The end user might be an individual or a user in an institutional environment. In most cases there is nothing that user can do as these types of ransomware are

“THESE NEW MUTATIONS OF MALWARE ARE INCREASINGLY GETTING MORE AND MORE CAPABLE AND COMPLEX IN TERMS OF THE SPEED AND REACH..” typically executed through “drive-by downloads” in which legitimate website and browsers are infected. Some of the key action points that can be followed are through basic IT housekeeping such as keeping antivirus software updated and having URL CHECKERS. Also it is recommended that individuals keep only those plug-in’s and add-on’s that are absolutely necessary and used regularly. Finally, it is high time that system administrators within enterprises and government agencies should have updated defensive security skills. Institutions and governments need strong cyber security and cyber-defense strategies. Cyberdefense capabilities, particularly, is an important mandate as hacking becomes extremely easy and pervasive and IT administrators should know how to “defend” their systems.

SME CHANNELS 33 SEPTEMBER 2017

SME CHAT

SCOTT MCCRADY, VICE PRESIDENT OF SALES, ASIA-PACIFIC AND JAPAN REGION, FOR SONICWALL

SECURE FIRST PARTNER PROGRAM, MORE PARTNERS HAVE SIGNED UP IN INDIA With rapid growth in the digitization, there is a growth in the adoption of cloud computing, which leads to the security challenges. SME Channels wanted to know from SonicWall strategy from Scott McCrady, Vice President of Sales, Asia-Pacific and Japan Region, for SonicWall. Excerpts

How do you differentiate SonicWall from other competitors? SonicWall has been fighting the cyber-criminal industry for over 25 years defending small, medium-size businesses and enterprises worldwide. SonicWall stands apart in the industry as an independent company focused 100 percent on cybersecurity and 100 percent on channels. Furthermore, our legacy of award-winning breach detection and prevention solutions coupled with the threat intelligence from SonicWall Capture Labs is unmatched by other cybersecurity vendors. Finally, we continually hear from the channel that our partner enablement offerings set us apart in our industry, including the SecureFirst Partner Program and SonicWall University, which we will talk more about shortly. What are the major trends that drive security concerns amongst organizations? Can you elaborate on the change in security perspective with these new trends? At SonicWall, we are continuously leveraging our cybersecurity intelligence to keep our partners well-informed on the rapidly evolving cyber arms race. One such effort is the SonicWall Annual Threat Report. Our report, which is a compilation of insight from more than one million sensors across the world, offers an in-depth look at the cybersecurity trends we’ve seen emerge throughout the year. This year, major trends included the explosive 167x growth of ransomware; the rise of email as a main delivery vector for ransomware,

34 SME CHANNELS SEPTEMBER 2017

either in the form of attachments or malicious embedded URLs; and the growing risks associated with SSL/TLS encryption. While the increased adoption of SSL/TLS encryption certainly makes strides in securing web traffic, it can also hide malware from detection by company firewalls.

gram provides predictable and stackable upfront discounts, as well as rich rebates based on each partner’s commitment and growth. This successful ‘reward for value’ approach drives predictability, productivity and profitability for our partner around the globe.

How is SonicWall geared up for business in India after spinning out from Dell Software Group? Since we launched our SecureFirst Partner Program, more partners have signed up in India than in any other region in APAC to date. Within one month of formally rolling out SecureFirst in Mumbai, New Delhi, Bengaluru and Chennai, hundreds of partners in India rushed to register for the program. We have also seen strong partner uptake and completion of accredited courses through SonicWall University, demonstrating the level of engagement and commitment elicited from our value-added program.

Give us some information on how the SonicWall portfolio is divided between SMBs and large enterprises? While the small to mid-market is a sweet spot for SonicWall, a number of enterprise customers leverage our network security solutions across branch and campus environments as well.

What are your unique initiatives for channel nourishment? How do you ensure partners’ profitability along with revenue growth? A key driver of channel nourishment centers around SonicWall University. As an online partner enablement platform, SonicWall University helps our SecureFirst channel partners stay ahead of cybersecurity risks by offering over 150 free training courses designed to quickly ramp partners to revenue. To drive profitability and growth for our partners, our SecureFirst Partner Pro-

Any plans of shoring up the channel partners? SonicWall enjoys unparalleled relationships and support from the global partner community who serve as trusted advisors to customers. In the face of constantly evolving threat vectors, such as the recent WannaCry and NotPetya attacks, SonicWall will continue to deliver on innovations to the partner community to strengthen those relationships. The SecureFirst Partner Program, which we launched for channel partners of all types, including resellers, integrators, managed security service providers and security consultants, has attracted more than 16,000 channel partners to date across more than 150 countries – and more than 4,300 of those partners are new to SonicWall. As an extension of the SecureFirst Partner Program, SonicWall University’s real-time online and role-based

SME CHAT

and more. Partners and customers have embraced the newly independent SonicWall, and our focus is on continuing to deliver. In the area of partner enablement, we remain committed to deliver education to partners that is based on the insights from our SonicWall Capture Labs research team. We’ve also made tremendous progress in terms of support. Since November 2016, SonicWall has reduced the average queue wait time by 80 percent and shortened the longest queue wait time by 60 percent. We remain committed to continuing to deliver quality support in 2017 and beyond. Delivering ongoing innovations in our portfolio is key as well. Backed by threat intelligence from SonicWall Capture Labs, we will continue investing in our real-time breach detection and prevention solutions to deliver the technology that organizations need to operate more effectively and fear less about security threats.

“TO DRIVE PROFITABILITY AND GROWTH FOR OUR PARTNERS, OUR SECUREFIRST PARTNER PROGRAM PROVIDES PREDICTABLE AND STACKABLE UPFRONT DISCOUNTS, AS WELL AS RICH REBATES BASED ON EACH PARTNER’S COMMITMENT AND GROWTH. “

curricula has provided more than 17,000 hours of training and administered more than 33,000 successful exams. The active engagement of our partners in our SecureFirst Partner Program and SonicWall University have exceeded our greatest expectations, and so we remain focused on continuing to move at a blistering place to deliver cutting-edge support and education to our partners. What are the focus areas for SonicWall in the year 2017 and beyond?

SonicWall has already exceeded the ambitious financial and operational metrics established for the business when we became an independent company in November 2016. We are seeing strong growth, thanks to the right leadership, the right channel partners, the right technology, and the right services so businesses can run more effectively and fear less. We are confident this is only the first chapter of SonicWall’s success story. The next chapter for SonicWall is all about execution. We are committed to executing on our partner enablement, executing on portfolio innovation, executing on support for customers,

Internet of Things devices were compromised on a massive scale due to poorly designed security features, opening the door for distributed denial-of-service attacks recently. What is your take on this? Internet of Things (IoT) devices are becoming more integrated into both our business and personal lives, making them an enticing attack vector for cyber criminals. SonicWall is tracking multiple factors driving IoT attacks. As IoT becomes increasingly widespread, IoT developers and manufacturers are rushing their IoT devices to market, often without fully baked security features in place. With security taking a backseat, cybercriminals can easily identify weaknesses in a device’s firmware and exploit it, as the manufacturer rarely has a team dedicated to updating and patching those issues or informing users they’ve been compromised. SonicWall Capture Labs observed vulnerabilities in all categories of IoT devices in 2016, including smart cameras, smart wearables, smart home, smart vehicle, smart entertainment and smart terminals. These security gaps in IoT devices enabled cyber thieves to launch the largest DDoS attacks in history during 2016. Attackers leveraged hundreds of thousands of IoT devices with weak telnet passwords to launch DDoS attacks using the Mirai botnet management framework. To prevent IoT devices from falling victim to a DDoS attack, it’s critical that they are behind a next-generation firewall which scans for IoTspecific malware like Mirai. It is also critical to segregate all IoT devices on a separate zone from the rest of the network in case the device becomes compromised.

SME CHANNELS 35 SEPTEMBER 2017

GUEST TALK

BRIDGING THE DIGITAL DIVIDE FOR ENTERPRISES Today, the large enterprises are seen to be the torch beaearer of digital transformation, therefore they are the early beneficiaries. But in order to achieve the larger objective of inclusive growth, the millions of SMEs to be influenced to do the same so that the growth of the country becomes faster.

lobally, as the businesses are evolving with changing consumer needs, digital technologies have brought in a paradigm shift in the way companies now operate. In the last decade or so, digital disruption has renewed competition, placed innovation at the center of all business strategy, and opened-up newer markets for businesses to tap into. Besides mobile, cloud and Big Data, a gamut of new-age digital tools such as M2M, Internet of Things (IOT), Artificial Intelligence (AI) and Analytics are set to be the next set of agility drivers for businesses. These will help in collaborative innovation, continual governance, consolidate data systems and upgrade billing and charging. As the largest emerging economy, India has embraced the digital revolution admirably. While large-scale businesses and conglomerates across sectors have been the bellwether of digital transformation in the country, the SMEs (small and medium enterprises) which are an important contributor to the GDP are now aggressively pivoting towards digital adoption. The fact that SMEs in India show a 14 percent year-on-year rise in Information and Communication Technology (ICT) expenditures underscores their seriousness toward digitization as they have realized that being digitally enabled helps them in increasing their efficieny , adding value to their customers requirements and also leads to overall exponential growth in business . SMEs are now going digital to bridge the gap with large corporations and operate with them on a level-playing field. Today, IT companies are helping SMEs to transform digitally, thereby aiding their path to achieving double digit profits. Some of the traditional homegrown businesses for example, in Kerala, some of the biggest jewellery

36 SME CHANNELS SEPTEMBER 2017

business houses, most of which began as small businesses have effectively deployed ICT solutions that have helped them expand their presence, and tap into the vast customer-base across the country. A unique example of digital transformation enabling growth of a Small enterprise is that of the Shimla-based BPO firm 31 Parallel, which deployed end-to-end ICT requirement to expand operations. With products such as - Internet Leased Line (ILL) for unhindered and dedicated internet connectivity; Primary Rate Interface (PRI) lines for voice service; Toll Free Services; and Voice over Internet Protocol (VoIP) services, they are seeing a tremendous growth and now are poised to compete with bigger players in their sector. Not just business firms even sectors like Education is now transforming itself on the brink of digital technology Schools are adopting and adapting to tools like LBS (Location Based Tracking ) which provides a safety feature for their students. For instance, Delhi Public School (DPS) Karnal employed the LBS technology to locate school buses in real-time, and an intuitive portal to improve safety, accountability, and system eﬃciency of their mobile ﬂeet. Monitoring the school bus position while in transit, it comprises a feature called ‘Parent Alert’ that helps Parents to track the location of the bus, and informs them as to when it is reaching their respective pick-up or drop points.

Barriers to ICT adoption Though SMEs are open to the idea of going digital, their usage and access to quality and latest technology solutions is limited. As per a recent KPMG Report, a staggering 63 percent of them still function offline, using traditional methods

MR. VISHAL BHAT, HEAD - SME OPERATIONS- NORTH, TATA DOCOMO BUSINESS SERVICES

and legacy tools. Several barriers force them to put their digital transformation plans on hold. Major hurdles include financial access leading to budgetary constraints and inadequate personnel. SMEs run on small budgets compared to large organisations, thereby making it difficult for them to invest money in digitisation. Moreover, this also makes it difficult for them to hire employees with good IT acumen or those who can help in system maintenance or failure. Adopting ICT solutions in such a scenario becomes a risky task.

Overcoming challenges These barriers, however, can be addressed with smart and perceptive decisions. SMEs must look at deploying highly scalable and reliable connectivity solutions. Generally, the degree and complexity of the ICT requirement for each of SME differs depending on the nature of their business. So, make sure to adopt only those end-to-end ICT solutions which will help achieve operational efficiency, reduce cost, provide seamless connectivity, improve productivity, and improve customer experience. This way the business will be able to compete with any large organisation and would have the capabilities to offer quality services to its customers. Clearly then, access to ICT solutions will have a significant impact both at home and on the global turf. SMEs should buckle up and embrace the digital renaissance for a promising performance and a positive future that will ensure their viability in the coming times.

NETGEAR

SME CHAT

MARTHESH NAGENDRA, COUNTRY MANAGER, NETGEAR, INDIA & SAARC

NETGEAR HOME ROUTERS CAN ENRICH USER EPERIENCE With the growth in the Wi-Fi devices at home and people moving into the work from home culture, there is a huge need of quality routing solution and Netgear’s newly launched wireless routers R6080 and R6120 are surely going to enhance the experience. Here is what Marthesh Nagendra, Country Manager, NETGEAR, India & SAARC speaks about these two products. Excerpts.

What is the opportunity in the home market for wireless device? Internet penetration is being powered by Tier 2 and Tier 3 cities, where the connection speeds are also limited. We see a huge potential in these markets and would be targeting the 1st time internet user with the newly released models R6080 and R6120. How do you see the Indian IT Channel business shaping up in 2017? From the channel stand point, we are seeing a tremendous amount of fragmentation of channel. The same client is being serviced by very boutique and niche customers. This is primarily going up because of the outcome based conversations that the enterprises are seeking nowadays. Enterprises are willing to take on the multiplicity of partners, provided the outcome that each of these partners are offering are differentiated. In an enterprise which was primarily serviced 70% by a single partner, we now see a definite shift. Multiple partner types are getting involved with the same client. We find different consumption models as well. Sometimes its capex, sometimes

opex, sometimes it is cloud. So we are witnessing the consumption model shift as well. When you see growth in the Wi-Fi routers, 4G routers offer equal opportunity too? so are these routers ready with 4 G routing also? No, these routers are meant for Broadband connections and they do not have sim slots. What are the best features of these new dual band routers? And, how are these better than the ones available in the market from the competition? The best features are that these routers support Netgear Genie which makes getting the most out of your home network fun & easy. NETGEAR genie allows you to easily monitor, connect & control your home network from an iPhone®, iPad® or Android® devices. With NETGEAR genie you can share & stream music or videos, diagnose & repair network issues, set up parental controls & more. These routers deliver simplicity and reliability. The new products are launched keeping these values in mind.

“WE EXPECT THESE ROUTERS TO DRIVE THE NEW INTERNET USERS MARKET, COMING IN FROM T2 AND T3 CITIES.”

Why do you think it can be of maximum use of the home users? Like I said, we expect these routers to drive the new internet users market, coming in from T2 and T3 cities. These routers are created to work effectively at homes, with 6-8 devices that connect to the internet. It’s a perfect combination of what you need is what you get. From when these products would be available and space of availability in the market? These products will be available with our partner Amazon.in, before Diwali. How are these priced and what is the warranty? The price points are INR 2700 for R6080 and INR 3200 for R6120. The warranty will be 2 years.

SME CHANNELS 37 SEPTEMBER 2017

SECURITY

BUILDING SECURITY FRAMEWORK FOR ENTERPRISE Major Milestones of Building a Security Framework for any Enterprise is Risk Assessment, Risk Analysis, Risk Treatment & Compliance.

he initial baseline assessment is an abbreviated version of a more fullblown “Risk or security assessment/ analysis.” The assessment is only as good as the honesty and knowledge of the people who answer the questions and the experience and knowledge of the persons interpreting the answers. For example, just because an Organization has policies, does not mean that the policies are being followed or even enforced. It is still necessary to assess at a more detailed level by testing a policy to see if people are in compliance with it. After the report is complete, an Organization must deal with the number one issue to a successful security program: Management commitment .Each organization will find the level of Management commitment very different. It may be easy to get the needed buy-in because of an incident causing financial loss, or it may be difficult because Management does not understand all the risks, as the baseline report points out. Presenting them in a Business context will help management understand. In either case, be prepared by understanding management’s business expectations and use the sample questions as indicated in Annexure 1 to educate management to the security concerns. Until security matters as much to management as the bottom line, the users will not make security policies, guidelines and procedures a priority. As the security program grows, it will be equally important to have management’s buy-in throughout all levels of the organization – from executives to line managers. Annexure 1: Baseline assessment of company security status. 1.Are company policies defined to address busi-

38 SME CHANNELS SEPTEMBER 2017

ness use of company resources, covering such things as explicit and appropriate e-mail privacy or Internet usage policy? Are they enforced consistently, if at all? 2. Are the company’s operating systems up-to-date with the most current security patches to prevent exposure to known hacking vulnerabilities? Do you know which vulnerabilities can be exploited to access your system? 3. Is your company able to detect a computer crime, and can you gather evidence that can prove to the court, media, or stockholders how the crime was perpetrated and who committed the crime? 4. Does your company allow remote access from home or wireless? Are employees working only from the corporate office? What methods do employees use to access the network? Have they created any methods you are not aware of, such as remote control or modems on a desktop? 5. What is sent across the company network? Do the transmissions include vital or confidential information? 6. Is there a definition of “incident”? Has an incident response plan been created to handle critical incidents? Does management want to have ability to criminally prosecute on incidents, making it necessary for evidence to stand up in the legal system? 7. Are all users authenticated and authorized to use the company network? 8. Are all of the entry points into the company known and documented? Does that include the ones that exist because of technology, such as modems, personal Internet connections, extranet connectivity, and any others? Security will be cast in the same light as insurance. Security,like insurance, minimizes what one has at risk. A company spends money to have security, because it is not willing to accept the risk

associated with all of the vulnerabilities that put the business at risk. Security does not increase business profitability unless a company can show that its security provides an advantage over its competition. For most companies, security does not generate revenue. It is a cost of doing business. Security will be viewed as an expense , but must be seen as necessary cost of doing business. With the huge dependency today on data, it is no longer an issue of whether a company can afford to provide security measures, but whether the company can afford not to. Next step is budget to back the efforts of the security program, which includes appropriate salaries to hire security professionals or the necessary security consultants who can assist in continuing management education, technology evaluation, procuring tools , forming policies & procedures and can help to complete the building of the security infrastructure. The budget should be provided for a team that will coordinate & implement a successful Security project. The team will build the corporate security framework or plan and present it to management for continued commitment and potential additional budget needs. A security awareness program begins to take shape at this point, simply to keep management informed of security architecture and funding needs. This communication could be formal or informal. Making it more formal will make the process of keeping management informed , consistent and timely. The security awareness program is key milestone for building a robust Security Framework & is required through out the security programs lifecycle, regardless of whether the process is made formal or not. The security aware-

SECURITY

tion development, servers, or the network. The simple assessment can help identify basic best practices that are missing but, as a matter of due diligence, should be followed. This gives the plan a place to start without needing the more complex formal or enterprise wide assessment first. In such a situation, the more formal complete enterprise wide risk assessment can be prioritized for a later date.

LAW AND ORDER: POLICIES, PROCEDURES, STANDARDS, AND GUIDELINES

SUDIPTA BISWAS, VICE PRESIDENT & CISO, PRIME INFOSERV LLP

ness program may find it necessary to illustrate examples to management of recent incidents and legislation or regulations to help understand the importance and justify continued budgetary and administrative support for security. The plan should include prioritization of activities to build the perfect security Programme. Depending on the organization, it may be necessary to use formal assessment to help prioritize actions, build support (management commitment using the security awareness program), or to identify additions or changes to the framework. Enterprise wide risk assessments can be very labor intensive. It is very important to set expectations and a goal for the assessment. This can be difficult, especially if no other assessments have ever been done. However it is extremely essential to strike a balance between Risk Assessment and business need for Risk treatment / mitigation. It may so happen that Management may like to accept some of the risks considering its impact on their Business. There is a common saying in Security Parlance “ How much is too much “. Assessments come in many forms: from the formal enterprise wide assessment that covers the entire corporation and its processing environ-

ment to smaller targeted assessments of selected platforms. For example, penetration tests or vulnerability scans can be performed against the company’s external access points to find exposures to unauthorized entry. Another example might be an analysis of host operating systems to determine their status and whether they are missing security patches or are improperly configured. A formal corporate risk assessment could arguably be identified as the Number one requirement to build a security program. How can a company identify what needs to be done, where the framework is incomplete, what to prioritize, what is missing from policy, essentially what to tell management, without one? It is true that each element in the infrastructure and the risks that pertain to them will affect other elements, and each risk will in turn affect how the complete framework should be managed. However, many companies do not have the luxury of time, money, or commitment to get into an enterprise wide risk assessment. Smaller targeted assessments with a specific goal in mind can be pursued first to get a security process off the ground. Smaller, less formal assessments can identify gaps in basic security components such as applica-

Every world needs some form of law and order. Corporate security policy provides the backbone, the roadmap or recipe for this Security Framework. It defines where a company is and where it wants to go. It establishes baselines to which business processing must adhere to. The baselines are the prescribed security controls specified for each component (hardware/software) in the data processing environment in order to achieve a reasonable and consistent level of security throughout the organization. Guidelines are documented in such places as the Common Criteria, Policy and procedures are living documents that change constantly as technology evolves or as business needs change. There are differing layers of policy. The higherlevel policy should be reasonably generic and cover such items as “It is the policy of Company X that all computer systems will maintain virus scanning tools with up-to-date virus signatures.” This is a management statement of direction. At a lower level are more technical statements or standards that spell out the specific virus scanning software on which the company has standardized. This is the company virus scanning standard. Procedures are the step-by-step actions to support policy and will identify the specifics of how to maintain the virus signatures or use the standard virus tool. These lower-level policies must be maintained and must evolve, always having the support of management and company commitment for consistent enforcement. Higher-level policy is less likely to change but, nonetheless, must be regularly reviewed and even tested to see if it is still applicable to the organization’s business model. Policy, just like program code, should have version control, with old versions archived for future reference, management review, and authorizations (sign-off) for implementation. These are the essential components of basic change management. Compliance : Compliance play a Vital Role in maintaining security framework. Availabilty of robust Security Policies ,Procedures & Guidelines does not ensure they are being followed to prevent any security pit fall. Even

SME CHANNELS 39 SEPTEMBER 2017

SECURITY

THE PERFECT SECURITY WORLD:

ments should be ensured to avoid breaches of any criminal and civil law, statutory, regulatory or contractual obligations and of any security requirements. Hence the design, operation, use and management of information systems may be subject to statutory, regulatory and contractual security requirements. Critical success factors Experience shows that the following factors are often critical to the successful implementation of information security within an organization: 1) Security policy, objectives and activities that reflect business objectives; 2) Visible support and commitment from Management; 3) A good understanding of the security requirements, risk assessment and risk management; 4) Distribution of guidance on information security policy , procedure and standards to all employees and contractors; 5) Providing appropriate Training and Education 6) A comprehensive and balanced system of measurement to evaluate performance in information security management and feedback suggestions for improvement.

SUMMARY Learn from the mistakes of others. You will not live long enough to make all of them yourself. One needs to learn from past mistakes. Not patching or performing maintenance on hardware and software leaves them vulnerable to the same unauthorized access. Known vulnerabilities are a primary cause of unauthorized access and jeopardize the stability of the processing environment. There are eight layers of vulnerability. These layers fit neatly into physical, technical, and administrative layers. Detail vulnerabilities can be found in each layers of the OSI Reference Model: physical, data link,network, transport, session, presentation, and application, plus the toughest to control layer of vulnerability, the user, who is probably the greatest exposure. Creating a perfect security environment requires attention to all of the layers that make up a business-processing model. Each layer can introduce unique vulnerabilities. The complete solution is not just about technology. Administration, Management, Policies and process are all important parts of the security solution. Understanding the overall security process can help build a comprehensive security framework. It will have managementâ&#x20AC;&#x2122;s commitment, an adequate budget, and a roadmap called policy with a security awareness program that educates, communicates, and ties everything together by providing feedback to the User as well as management to keep the cycle of security flowing.

availability of best of the breed Security Tools & solutions does not mean that they have been configured properly , patched and maintained at regular interval. Hence Information systems should be regularly checked for compliance with security implementation standards. Technical compliance checking involves the examination of operational systems to ensure that hardware and software controls have been correctly implemented. This type of compliance

40 SME CHANNELS SEPTEMBER 2017

checking requires specialist technical personnel & should be performed manually supported by appropriate software tools, if necessary. Compliance checking , for example, Penetration testing which should be carried out by independent experts specifically trained for this purpose. This can be useful in detecting vulnerabilities in the system and for checking how effective the controls are in preventing unauthorized access due to these vulnerabilities. Compliance with legal require-

REVIEW

PRODUCT

MATRIX 2MP IP BULLET CAMERA

DIGISOL GEPON ONU ROUTER, SUPPORTING 1.25GBPS SPEED

Matrix 2MP IP Bullet camera is specially designed to give superior image quality even at lower illumination. Matrix 2MP Camera has back illuminated sensors which provide excellent image quality even when there is negligible light in the background. It has true

BY MANAS RANJAN info@smechannels.com

WDR, which gives consistent image without any glare at variable exposure levels.

DIGISOL GEPON ONU ROUTER WITH 1 PON and 1 Giga Port is designed for fulfilling FTTH ultrabroadband access required of home and SOHO users. It supports NAT/firewall and so on functions. It is based on the stable and mature GEPON technology, which has high performance/price ratio, and the technology of Layer 3 Ethernet switch as well. It is highly reliable and easy to maintain, with guaranteed QoS and fully compliant to IEEE 802.3ah EPON standards. With increasing network services such as HDTV, IPTV, Voice-over-IP (VoIP) and multimedia broadband applications, the demand of broadband communication has grown quickly, Passive optical Network (PON) is the most promising NGN (Next Generation Networking) technology to meet the needs. As compared to other broadband access technologies such as xDSL and cable modem. Passive Optical Network (PON) technology offers competitive advantages including a long-term life expectancy of the fiber infrastructure, lower operating costs through the reduction of active components, support of up to 20km long distance between equipment nodes and most importantly offer of much greater bandwith.

FEATURES

It supports SD Card storage up to 128GB. It

n SC single-mode/single fiber,

offers Superior Image Quality with EXMOR

symmetric 1.25 Gbps

Technology. This is a SONYâ&#x20AC;&#x2122;s patent technol-

n Plug and play

ogy with back illuminated sensor, which

n Features auto-detecting

reproduces colored image at light as low as

n Auto-configuration

0.08lux. With True WDR feature, the camera

n Auto firmware upgrade n Integrated OAM remote configu-

ration and maintenance function. n Support rich QinQ VLAN func-

tions and IGMP Snooping multi-cast features.

will capture two sample images and smartly varies its exposure time, thus, rectifying the overexposed and underexposed areas in the scene giving more informative and clear image. Consequently, True WDR gives consistent image without any glare at variable

PRICE

exposure levels.

Rs. 2700/-,

The camera uses Latest Video Compression

WARRANTY 1 Year

CONTACT DIGISOL Systems Ltd. Smartlink House, Plot No. 5, Bandra Kurla Complex Road, Santa Cruz (E)

Technique for low bandwidth and storage. With Adaptive Streaming, the camera records at a low bitrate, hence, makes the bandwidth consumption very low.

n Price: On Request, Warranty: : On Request, Contact: http://www.matrixcomsec.com/contact-us.html

SME CHANNELS 41 SEPTEMBER 2017

PRODUCT

ZYXEL

WD GOLD

WD 12TB WD GOLD HARD DRIVES WD GOLD HARD DRIVE INCLUDES A 12TB capacity model is designed to address demanding Big Data workloads. The new high-capacity hard drives provide for increased storage density in a range of enterprise and cloud storage applications. Whether data comes in the form of confidential consumer data, healthcare records or business intelligence, WD Gold hard drives provide a no-compromise storage solution that modern day IT managers need. The WD Gold hard drives are designed to store users’ most precious data. Designed for heavy-workload, high-vibration server environments, the new drives have a reliability rating (2.5 million hours MTBF) that is among the highest in WD’s hard drive portfolio. The drives utilize Western Digital’s 4th generation HelioSeal technology, which seals helium in the drive to help provide exceptional capacity, reliability and power efficiency. n Price: On Request, Warranty: On Request, Contact: https:// www.wdc.com

ZYXEL EASY-TO-USE CLOUD STORAGE SOLUTION ZYXEL’S EASY-TO- ZYXEL PERSONAL CLOUD STORAGE SOLUTION is capable of up to 32TB of data storage accessible from anywhere with mobile gadgets. Zyxel’s solution is also the industry first to allow personal cloud space powered by one device to be shared with multiple users. Mobile gadget users today are no stranger to low-storage alerts. They often pop up at inopportune times, right in the middle of snapping a photo or recording a video. Zyxel Personal Cloud is a new storage solution integrated with the myZyxelcloud platform and the Zyxel Drive mobile App. It is designed to succeed physical hard drives and further equip users with the mobility and convenience to access and utilize data. The solution is powered by a connected storage system, known as Network Attached Storage (NAS), which houses hard drives and connects them to the Internet. The NAS digital warehouse can be accessed directly from mobile devices with the Zyxel Drive App. Registering an account on the myZyxelcloud portal will pave the way between the NAS and the App and enable users to manage, edit and share the data directly through their phones and tablets. . n Price: On Request, Warranty: On Request, Contact: http:// www.zyxel.com/in/en/homepage.shtml

LENOVO

LENOVO YOGA 720 WITH UP TO 7TH GEN INTEL® CORE™ I7 PROCESSOR, THE LENOVO YOGA 720 PACKS STYLE, performance and convenience for multi-taskers who seek high productivity and lightning-fast responsiveness. With a sleek finish and aluminum design and weighing only 1.25kgs at 0.75” (19 mm), the Yoga 720 is a perfect companion for a dynamic lifestyle. The Lenovo Yoga 520 is another stylish addition to the Yoga line-up with up to 128G PCIe SSD + 1TB SATA HDD hybrid storage. This convertible one comes with cutting-edge NVIDIA graphics, FHD screen and a fingerprint reader. It comes with an immersive audio experience with JBL Speakers and Dolby Audio Premium. The optional Lenovo Active Pen provides a natural, intuitive pen experience with pin-point accuracy, palm-rejection technology and pressure sensitivity. Consumers can now get creative with the Windows Inking feature to either sketch portraits, write notes or share on-the-go.

42 SME CHANNELS SEPTEMBER 2017

n Price: INR 74,500/-, Warranty: On request, Contact: Lenovo Exclusive store at http://buyalenovo.com or shop online at https://www.shoplenovo.co.in/

RNI NO: DEL ENG/ 2010/ 31962 Postal Reg. No.: DL-SW-1/4145/16-18 Licensed to Post without pre-payment U(SW)/19/2017-18

Date of Publication: 13 of Every Month Date of Posting: 15 & 16 of Every Month