Data Security is about managing risks and about coping with evolving needs, strategizing effectively for optimal efficiency. The recent coronavirus pandemic resulted in massive changes in how people worked, and to ensure business continuity, there was a need to embed security considerations while ensuring digital resilience to maintain the pace of innovation and for the decentralized nature of working.
Navitas Life Sciences leveraged its vast investment in the right technology and expertise to put together cybersecurity and digitization initiatives to strengthen its operations, during the pandemic and beyond.
We had an in-depth discussion with Mr. S. Maharajan, Associate Vice President - IT Infrastructure, Navitas Life Sciences, who helmed the digital transformation at Navitas Life Sciences, ensuring cybersecurity and business continuity, even during uncertain times. Here is an excerpt of the interview that highlights the strategic initiatives that were undertaken.
Tell us about your professional background?
I am a pragmatic IT Professional with over 25 years of experience in IT Infrastructure Operation, Information Security Management, Service Delivery Management & Application life cycle management in SAP, MS Dynamics CRM, ERP, Primavera, Oracle HFM, SAS & O365 Apps.
I have handled a medium-sized functional & technical team, and have a well-earned reputation for strong work ethics, approachability, and consistent commitment to team leadership and innovation.
The past 2 years have seen a lot of changes in how people worked across the world. There was a lot of strategizing that you had to do to ensure that employees worked seamlessly. Can you tell us some of the challenges that you faced and how you overcame those?
In a business environment, threats or uncertainties are obstacles that require new solutions to meet customer demands. During the past 2 years, multiple organizations went through a lot of changes & business disruption due to unprepared business continuity.
Mr. S. Maharajan
Associate Vice President - IT Infrastructure
Navitas Life Sciences
At Navitas Life Sciences, we were well prepared and the efforts that we put in are still fresh in my mind. It was on 16th March 2020, we had a regular BCP preparedness session with some of our leadership team at noon. During the discussion, one of the leaders shared that they had an increase in workload due to lockdowns in China. At that moment, we immediately assessed the readiness of BCP, in preparedness for any lockdowns in India. We moved rapidly to acquire additional Laptops, Internet dongles and decentralized our team to support global activity. Exactly one week later, India announced lockdowns, and our Managing Director and Vice Chairman, Mr. Srinivasan H.R. addressed all employees on 26th March 2020 at 3:00 pm IST apprising everyone about the unprecedented pandemic situation. Our proactive efforts aided in being optimally prepared when the situation warranted it.
Since most of our workloads were already moved to cloud and SaaS based operations & around 60% of users were already equipped to work remotely anytime, while the rest of them were provided with Laptops and Internet dongles before lockdown mediated restrictions were put into place.
There was a quick turnaround from employees as they shifted to working remotely.
There was great appreciation from client partners regarding our deliverables
There were a few challenges that we had to overcome during this period by mobilizing the assets, ensuring data security in home-based Internet, and dealing with laptop power issues, low internet bandwidth, and lower Audio/ Video quality during virtual conference calls.
What is it that you and your team are most proud of having accomplished during the pandemic?
I am very proud of my team and how they rose up and adapted to the new support model. They understood the users’ requirements and facilitated a smooth transition to new employee onboarding from their place.
Due to work from home as a new normal, our team has successfully implemented 6 tools to address information security measures in users’ devices and in Global network. This is the highest number of global tools implementation in a single calendar year (6).
This is a great achievement and the best part is, the same team was involved in regular IT support and global tools implementation.
What type of work culture do you think will continue? Work from the office, work from home, or hybrid?
After the mass exodus to home offices during the COVID-19 pandemic, the current situation presents us with an opportunity to redefine the future of work whether it is full work from home or Hybrid office option. However, it is a challenge to predict one at this moment because an organization’s work culture requires both happiness and continued productivity of employees. Going with policies by other companies as well, we have considered 2 phases, short term(2 years) would be the hybrid office model and the long term would be based on how Business leaders drive the hybrid office by increasing productivity and employee happiness and satisfaction.
How and what type of change in work culture have you advocated at Navitas Life Sciences?
In Navitas Life Sciences, we should create a positive work culture that is suited for a hybrid work model. I am sure technology will continue to play a critical role in transitioning to a hybrid work model
What are the systems in place for data security and data integrity?
Our platform flavors are predominately into Microsoft Office 365 and Amazon Cloud computing. Data security and Data integrity are an integral part of our flavors, we implemented DLP (Data leak prevention System), ATP (Advanced Threat Protection System for E-mail and Endpoint) and CASB (Cloud Access security broker for data integrity), and MFA (multi-factor Authentication for Endpoint and Office 365 Apps) and Real-time Vulnerability assessment on Public hosted servers & Apps. Microsoft provided the tool to assess our security postures and rated them at 89% from their security scorecard.
What training sessions are provided for new recruits?
We covered the basic training on Information Security Management system ( ISMS), IT Policy & IT Helpdesk Support process along with we have informed new joiners to visit “Navigator - All staff sites” to leverage the self-learning portal on O365 Apps and Information Security.
What are the measures in place to avoid ransomware and phishing?
We conduct the Information security awareness week (ISAW) on the 3rd week of Aug every year. We run campaigns on Anti-Phishing Email communication, Simulation Phishing email test, and Do’s and Don’t to all users globally.
We Implemented the Crowdstrike Falcon platform to all end-user devices and server environments. This platform has been purpose-built to stop breaches via a unified set of cloud-delivered technologies that prevent all types of attacks — including malware and Ransomware.
We provided a couple of Cybersecurity Awareness sessions to business users to understand the different types of Ransomware attacks and share the importance of the users' behavior on Phishing and Unsolicited Emails.
What makes Navitas Life Sciences a ‘secure’ workplace, in terms of cybersecurity?
Awareness… Awareness…. More Awareness…! Today’s sophisticated attackers are going “beyond malware” to breach organisations, increasingly relying on exploits, zero days, and hard-to-detect methods such as credential theft and tools that are already part of the victim’s environment or operating system, such as PowerShell.
At Navitas Life Sciences, we take proactive steps to ensure cybersecurity.
You recently won an award, can you tell us more about it?
I won the IDC Industry Innovation Award ( IDCIIA) 2021 from IDC ( International Data corporation- subsidiary of International Data Group (IDG)) in the category of “Innovation in Operation” for the implementation of “automation in end to end IT operation by using O365 platform ( power automate, power-bi & SharePoint Online,) integration with open source tools ( Navitas Asset tracking system, E-Signature and Wazhu SIEM tool).
You spoke recently at the 7th International CIO Awards and Symposium 2022. Can you tell us more about the experience?
The topics that I covered in this symposium are “ From Secure to Trusted: The Role of Security Transformation in Digital-First Enterprise “ and “Security Strategies for a Work-from-Anywhere World”
There were panelists from different industries like banking, manufacturing, insurance and pharma to discuss the importance of Data Security for any digital transformation during this pandemic and the best security strategies that worked well during work from anywhere.
There were a lot of insights shared on the importance of Information security across different work culture and how it was adopted & there were also key takeaways from success stories that were shared.