VMwareCIOCrowdChat

VMware India CIO CrowdChat
Join India's top technology leaders at the VMware CIO CrowdChat for an engaging discussion on "Enterprise Resiliency Roadmap to Driving Business Continuity Remotely."
VMware India
On to the third question:


https://www.crowdchat.net/s/15z6w

(edited)

https://www.crowdchat.net/s/15z6w

Ashish Khanna
(1/2) Cloud is going to play a very large aspect of IT design considerations. Organizations that were using cloud-based offerings had to struggle least to provision, scale, and provide access during the current CoVID situation.
Ashish Khanna
(2/2) On-premise data centers have had their own piece of challenges, especially around management and replenishments in the current scenarios.
Rishi Rajpal
Cloud providers will see a huge spike in their consumption from India and all over the world, especially in Cloud Workstations, cloud-native Security Apps (EDR) & Cloud Servers - this will further grow as large cloud providers have built an eco-system that cannot be ignored
Sanjay Chandiramani
(1/3) Cloud adoption for IT Core infrastructure End-user services and Collaboration tools have seen a significant jump in usage with #remoteworking becoming the “new normal".
Sanjay Chandiramani
(2/3) Announcement of lockdowns & seized boundaries across various geographies gave little control to IT resources for accessing On-Premise Data centers physically or make arrangements for additional physical hardware from OEM.
Sanjay Chandiramani
(3/3) There was a sudden paradigm shift to Cloud services as these were easily accessible and available on demand.
Mohit Arora
(1/3) Current global events have proved beyond a doubt that enterprises must work with a robust and comprehensive digital business continuity plan to ensure productivity and seamless business functioning even in times of disruption.
R Srinivas, CISM, CGEIT
With #remoteworking becoming new normal, cloud adoption is going to increase as far as security is concerned. #Cloud will play an important role in security in enabling secure access to the DC as well as cloud platforms e.g. #ZeroTrust network and MFAs.
Surendra S
(1/3) We put cloud first and 95% of our applications are on cloud and supported by platform economy.
Mohit Arora
(2/3) And to be truly effective, any such business continuity platform must place hybrid clouds at their very center. Hybrid clouds offer unmatched scalability and elasticity that can accommodate sudden uptick in usage, or requirement to extend the business continuity platform.
Nityanand Phatarphod
Cloud is the way to go & it is a good model of adopting new technology. But everyone does not have the same definition of cloud.
Surendra S
(2/3) Cloud enables organisations to be completely browser based to make a difference and deliver an effective response. .
Surendra S
(3/3) The emphasis on cloud has enabled easy scalability and connect people to support a work-from-home policy.
Mohit Arora
(3/3)With hybrid clouds, organizations can rapidly scale up their infrastructure supply chain to handle urgent demands in a matter of a few hours across multiple regions.
Nityanand Phatarphod
We start with the on-prem cloud in which we virtualize the environment across an organization & make it convenient for end-users to access the resources.
Nityanand Phatarphod
In the current lockdown period, getting physical access to a Data Centre is difficult. Most of the Data Centres have inbuilt redundancy, where the failures can be sustained.
Nityanand Phatarphod
Every Data Centre has a Building Management System, which can also be monitored from the remote site. But still, you can’t do 100% without manpower - any unforeseen incident may require human intervention.
Nityanand Phatarphod
When it comes to Public cloud - where you are deploying everything on the third-party infrastructure & there is very little impact on the supply chain on new hardware, the most important aspect is the connectivity
Nityanand Phatarphod
System Security, in my opinion, is one of the major concerns when it comes to public cloud since it is a shared security model
Mohit Arora
Enterprises are deploying the new work from home solutions directly on AWS and Azure
Mohit Arora
VMware’s hybrid cloud solution is unique. We have partnered with multiple cloud vendors such as Microsoft, Oracle, AWS, Google, Alibaba, etc and can therefore offer greater choice and flexibility to our customers
Amarinder Singh
Yes Sanjay Chandiramani; announcement of lockdowns & seized boundaries had a direct bearing on new hardware availability, accessing On-prem data centers physically. Going forward organization will factor Remote Work and Remote Access to almost everything; as a new normal.
VMware India
Moving on to the seventh question:


https://www.crowdchat.net/s/65zc5
https://www.crowdchat.net/s/65zc5

Ashish Khanna
(1/2) Yes, more and more applications are available off the #cloud. While it has brought in a lot of efficiency and agility; it has also created more challenges for enterprise security.
Ashish Khanna
(2/2) Topping the chart is Data security piece as employee can consume these apps on any non-managed devices and ensuring data security is the biggest nightmare in such scenario.
Rishi Rajpal
(1/2) One of the major reasons to move to #Cloud is scalability. As there were issues of hardware delivery across the world, scaling on-prem was just not possible. Security needs to move with data. If data is on the cloud, security should move seamlessly.
Rishi Rajpal
(2/2) Large cloud providers offer security features out of the box and third-party integrations, so it is an a la carte menu. We need to choose the right fit for the organization based on the risk appetite.
Sanjay Chandiramani
(1/3) To give Business users more flexibility in selecting various applications, devices, etc. the security challenges for these Hybrid services have to be looked at an enterprise level.
Nityanand Phatarphod
In my opinion not much of an impact currently. Once you have taken a decision to go on a hybrid model it is important that you understand the security aspects first and then implement the hybrid model. A prior thorough evaluation is a must.@VMwareIN
Sanjay Chandiramani
(2/3) The global business delivery model handling complex mix of Hybrid deployments needs significant re-design/re-structuring addressing origination/input of Data spread across hybrid environments to secured Output/Business outcome.
Surendra S
Cloud has now become mainstream and most of the enterprises have almost embraced multi-cloud strategy to be agile. Security across platforms is top priority for all enterprises.
Sanjay Chandiramani
(3/3) Ease of technology availability and adoption in hybrid environments, needs to be aligned with Enterprise ease of Security controls, known risks and ring-fenced business processes.
R Srinivas, CISM, CGEIT
Some #security strategies’ challenges in hybrid model are:
1. Application Visibility & control
2. Prevent known & unknown threats
3. Extend security to remote users & devices
4. Centrally manage for policy consistency
5. Automate deployment & policy updates
Mohit Arora
A large portion of the workforce accessing enterprise applications remotely from multitude of devices is a cyber criminal’s dream come true. Older “bolted on” security measures are incapable of mapping an evolving threat landscape or even adequately protecting endpoints
Devadatta Chandgadkar
(1/4) If organizations have solutions on SaaS as well as on-prem model, there will be duplication of efforts.
Devadatta Chandgadkar
(2/4) In the case of small banks, where we are providing our services, while banks have core Banking solutions on SaaS basis, other non-critical applications are on-prem models such as HR module and Email Solution.
Devadatta Chandgadkar
(3/4) If these On-prem solutions are shifted to the Data Centre, there will not be duplication of security resources. Moreover, small banks will not be equipped to monitor the logs of the firewall.
Nityanand Phatarphod
There are multiple consultants that provide consultancy & support. But the answer is don’t deploy what they say, deploy what you want.
Devadatta Chandgadkar
(4/4) Hybrid model by large banks is followed by having Core Banking from the Cloud Data Centre and non-critical applications from on-premises with adequate skilled resources to take care of monitoring of security solutions and or firewall, etc.
Mohit Arora
Remote working platforms must ensure cloud native endpoint security measures that can secure work from all devices. The security measures must be accessible anywhere by security operations teams and must guarantee greater visibility into endpoint security even in case its remote
Amarinder Singh
Thanks Srinivas for sharing the checklist for #security strategies in hybrid model.
Amarinder Singh
Loving this point from Mr. Nityanand Phatarphod. Don’t deploy what they say; rather deploy what you want.
Amarinder Singh
Thanks Mr. Devadatta Chandgadkar for giving us a good view on adoption of relevant technologies within India Banks; touching upon Data Centers, Cloud and Security.
VMware India
Next up - the fifth question:


https://www.crowdchat.net/s/25zae

(edited)

https://www.crowdchat.net/s/25zae

Ashish Khanna
(1/2) A large number of organizations are still not ready to manage the endpoint oriented #cybercrimes. This gap can not only be plugged by tools itself, but a combination of people, process, and technology as the weakest link can cripple the whole setup.
Daman Sood
clear answers in 'no'.
Ashish Khanna
(2/2) There is a major shift in awareness in the last 2 years and organizations have started taking #cybersecurity threats very seriously and in many cases part of a board room subject.
Rishi Rajpal
(1/3) Endpoints are the biggest risk to an organization as a single infected workstation today has the capability to bring down the entire network. There are technologies available to detect & prevent attacks arising out of vulnerable endpoints.
Rishi Rajpal
(2/3) Visibility, visibility, visibility. Can’t stress enough on this topic. If you can’t see - you can’t manage.
Rishi Rajpal
(3/3) So, it's really important to have complete visibility of your network so that even if you are attacked you can stop lateral movement & kill the chain.
Sanjay Chandiramani
(1/4) Containing and protecting organizational and client data has been prime importance for all CIO/CISO’s and ever-changing business demands keep security controls and tools evolving too.
Sanjay Chandiramani
(2/4) With WFH/Remote working enabled for all users, risks due to cyber-crime has increased with movement of people from Controlled on Premise facilities to Open Unsecured internets at home.
R Srinivas, CISM, CGEIT
Yes, most organizations have some tools to manage vulnerable endpoints, the challenges are is it monitored on a continuous basis, evaluating, and managing the risks and being updated to the latest trends.
Sanjay Chandiramani
(3/4) All aspects of security - Endpoint Security Services & Tools, Alerts & Monitoring had to be re-aligned with additional policies to monitor and control. Most of the organizations could work this around with little tweaks in the tools deployed.
Daman Sood
and we the people are the weakest link in the chain.
Sanjay Chandiramani
(4/4) However, significant changes in a working environment from people, processes, technology deployment have to be looked at.
Daman Sood
and we have less control on people when they are working from home.
Surendra S
We must deploy stringent end point controls such as Hard disk encryption, Patch updates, latest Antivirus updates, PC Firewall, Protection against access to untrusted sites, workstation privilege management, Multi factor authentication for access, etc
Nityanand Phatarphod
Yes, I don’t have any doubt as this is the requirement of the day for protection and compliance.
Mohit Arora
Security can not be an after thought.. It has to be a part of any architecture that we build
Nityanand Phatarphod
Your policy and preparation are not limited to tackling an attack. It is equally important how soon you get back to normal, up & running. Let the attack not spread and let the downtime outage be minimize.
R Srinivas, CISM, CGEIT
(1/3) CISOs will transition in people's minds to enablers, key consultants in mandating the security elements.
Devadatta Chandgadkar
(1/2) For banks of large size where branches are connected to the owned Data Centres of these banks, adequate measures are in place. For Banks that are using cloud data centres, the responsibility is with the Cloud Providers.
Devadatta Chandgadkar
(2/2) In our company, we have been providing Core Banking solutions to small coop banks on SaaS basis. For this, we have kept our servers on the premises of CtrlS- fourth generation data Centre having redundancy in every aspect.