Data security with regard to IT companies is not just restricted to office premises but also outside, what with travel becoming a regular feature and working from home being encouraged in a major way.
Especially because this means that there is likely to be a greater use of gizmos like laptops and personal digital assistants that can carry office information and facilitate work on the move as well.
B Ashok, senior vice-president (IT services), Cisco Systems - India and SAARC, says, "People who work from home on their laptops or computer systems have a greater threat with regard to security breaches because they work in a public network. Therefore installing virtual private network to ensure data security is indispensable," he adds.
A VPN is a network where all data paths are kept open only to a limited group of people like employees of a company.
According to him, companies are spending more on data security and prevention today. "But people are getting smarter and although you can reduce the threat through the use of data security measures, you cannot mitigate the risk totally," he adds.
He, however, says there is no major issue with regard to the use of mobile phones due to the restricted display size that it has. "You may be able to access your mails over the phone but using worksheets is still not possible. So at present there is no major threat with regard to the use of mobile phones," he adds.
Cisco is a major player in Firewalls, VPNs, intrusion prevention and detection systems but does not have any data security technology for mobile phones at present. Ashok, however, says that in future if the need arises, they will start working on it, "as phones are likely to replace laptops in future."
Says C R Nagaraj, senior vice-president - quality at Satyam Computer Services Limited, "From the beginning, Satyam has been doing risk assessment at asset level. This means, ensuring the vulnerability of each system, router, phones, etc is assessed and then the control mechanisms are implemented accordingly."
"We also restrict the use of floppies and CDs in the premises so that the employees are unable to take sensitive data outside. Besides, there are mail-box restrictions too, which means that there is a limit to the size of mails that can be sent from a system," he adds. This means, that ultimately people using smart phones, can only access office mails via the phones, which may not be a threat to the company. However, Nagaraj, however, adds that, "nothing can be taken for granted."
Satyam is BS7799 certified and is looking at getting its sites in Vienna, Cleveland, Melbourne, Shanghai and Singapore, certified for security standards as well.
According to Chetan Mallik, communication service analyst (Knowledge Management Services) at Deloitte Consulting India Private Limited, the company implements data security internally, through various measures including ID cards and restricting the use of personal laptops in office.
"We place digital stickers on the laptops at the time of entry and check it at the time of exit so that people who are otherwise not allowed to get their laptops in, do not do so," he adds.
However, he adds that security breaches cannot be avoided because of rapid changes in technology. "We, therefore, have an Ethics and Compliance Programme wherein all employees are preached on the importance of maintaining ethical standards in the organisation," he adds.