The Customer:
Being a top HR consulting firm, our customer specializes in various domains including employee lifecycle management, payroll management, and income tax and finance. The company uses the Software-as-a-Service (SAAS) platform to make these services available to their customers. They were the first company in India to facilitate e-filings of Income Tax returns back in the year 2002; and they were instrumental in providing online, semi-online and offline services to companies and individuals for IT and finance related matters.
The Challenge:
With a growing number of businesses tapping into the online space, numerous IT service providers who focus on cloud-based services have come up. These services are highly beneficial to corporate and other industries, as they enable employees to get access to efficient software systems to optimize their tasks, at affordable costs.
Our HR consulting customer has been a pioneer of sorts in this domain. They offer cloud-based solutions for many a critical tasks that demand a foolproof security in the network. Our client was wary of the security of their cloud, and was looking out for ways to enhance it. The customer knew that clouds are vulnerable to malicious attacks like malware, thereby resulting in data loss, injection, buffer overflow, denial of service and session hijacking. Therefore, the client wanted us to secure their system and implement state-of-the-art practices to ensure maximum security over the cloud.
The Solution:
We devised an Information Security Program and led the customer towards following the best practices in IT, that could ensure safety for them and their customers. As a first and a most essential step, we examined their system and blotted the areas where the cloud was the easiest to attack and intrude into. We performed a gamut of penetration tests based on the OWASP Top 10 criteria, to check the ease with which the cloud could be penetrated. This was later followed by the resolution on existing issues, after which, we repeated all our tests to remove any possible loopholes.
To successfully accomplish the project, we went the extra mile by assigning dedicated Information Security Officers to the customer. Our trained software professionals worked closely with the client and formulated a calendar of essential activities. The project came to a successful completion with our team implementing IT best practices that were in sync, not just with the client, but also with their the end customers.
The Results:
We devised an Information Security Program and led the customer towards following the best practices in IT, that could ensure safety for them and their customers. As a first and a most essential step, we examined their system and blotted the areas where the cloud was the easiest to attack and intrude into. We performed a gamut of penetration tests based on the OWASP Top 10 criteria, to check the ease with which the cloud could be penetrated. This was later followed by the resolution on existing issues, after which, we repeated all our tests to remove any possible loopholes.
To successfully accomplish the project, we went the extra mile by assigning dedicated Information Security Officers to the customer. Our trained software professionals worked closely with the client and formulated a calendar of essential activities. The project came to a successful completion with our team implementing IT best practices that were in sync, not just with the client, but also with their the end customers.