Back to our Cocoons'!

It is a long weekend in most parts of India, and we are all back into our Cocoons again.
Just like a silk worm we keep weaving away cocoons which finally will get destroyed.
We believe we have the finest security barriers to our digital assets, but alas every day is a new beginning.
We forget about the last attack Heartbleed which seems like it has been overcome, little do we even ponder the outcome of poor design and its outcome on the end users.
Almost everyone's privacy has been compromised, some .organizations put up a banner proudly stating that they were not affected by Heartbleed.

Maybe next time around it may be Terminal disruption of the digital eco-system, companies who do not get back to their cocoons will be prepared for the next attack and survive to tell the story.
Those who gloat that they were not attacked and become complacent and get back into their cocoons  are doomed to be put down next time, though many may miraculously survive.  Miracles do happen in a digital world !
What do you want to do, do you want to spin a secure cocoon and keep at it and protect yourself, or do you want to gloat on the fact you were not affected this time around and rest in your cocoon?

Is your organization ready for the Digital World driven by Social Media?

In the old days the only professionals who suffered from Ulcer were those who worked in the fast paced real time market of Trading stocks, currency, commodities and more. They had to think on their feet and made or lost millions based on their ability to respond to information and act on it immediately.
With the advent of Digital World driven by Social Media in Real time organizations need to get Digital Traders onto the floor who can respond in real time to delight customers and protect your organization from Demise.
Can organizations be shaken  from their slumber to respond in real time to social media and infuse the speed required to be on top of your customers needs and suggestions?  The way forward is not throwing in more people with attributes of Traders (and candidates for Ulcer)  but to use technology driven real time analytic solutions to keep listen and respond on the Digital Highway.

 Organizations need business value from traffic in the Digital World!

This means if your organization having a presence in the Digital World driven by Social Media  is not enough! the organization  needs to invest on real time analytic tools which can help them to respond and sieve the good grains from the chaff in the real time traffic of social media.
Organizations who get this strategy right and make investments in the right people and analytic tools have a clear advantage of surviving, while those who don't will go extinct like the dinosaurs.
Are your ready to take on the  Digital World driven by Social Media?

Can  Indian Banks do a Flipkart to Digital Banking Experience

Indian Banks struggle to find a toehold in the digital space with reluctance by customers to  accept internet banking, mobile banking and tablet banking. Every bank tries to get the Indian customer on the digital highway but with mixed results, some  have tried using social media with mixed results. What keeps Indian Bank customers away from adopting and converting to Digital Banking?

The answer for this problem faced by Indian Bankers may lie with Flipkart who has  conquered the digital space for ecommerce in India, they have succeeded in every digital medium they have chosen and have successfully changed perceptions on how to ride the digital highway in India.

Here are some key figures from socialbakers.com the respected portal for social media engagement analytic.

The graph below shows the consistent growth of Flipkart month after month in social media.

Here are the growth of Flipkart fans per day, per week and by month, impressive figures again from socialbakers.com.

And below are the distribution of fans of Flipkart with 95% from India 2.5 million strong, more than the population of many countries in the world.

So what makes the juggernaut Flipkart a success story, the first and most important is the customer intimacy, at every step they are with the customer and keep reminding them of what they can buy, to share and rate their customer experienc. They pamper their customers in  their digital interaction.

They deliver as promised, ahead of time, their packing is easy to open and if you order for gift wrapping it is awesome. If there are any breakages they give you a replacement without a fuss. These are customer service levels unheard of in India.

There couriers are courteous, they let you know at what date and time they will deliver and they do it as promised. Again no nail biting suspense for the date and time of delivery.

The customer experience shows in the growth of their social media presence which is the best measure of success in digital experience.

Indian Banks can learn from Flipkart, can they shower the same customer intimacy to the customer of the bank using digital tools, deliver prompt and courteous customer service? Learn to cross sell from Flipkart and also the art of reminding the customer to buy something they searched for in the internet. 

Can Indian Bankers change their stripes and become a customer focused bank rather than an intimidating monolith.  Maybe it is time for Indian Banks to transform customer experience in digital banking by learning from Flipkart. Are Indian Banks Listening ? Are Indian Banks ready for the Leap of Faith into the digital Highway?

Audit Logs the Important Sauce for a Secure Organization

In a recent audit I found that audit logs were not being archived, the team was puzzled on why I was insistence on audit logs. 
Here are my thoughts on the importance of enabling the Audit logs for the various targets in your digital ecosystem, we need the audit logs for your servers, end point devices, applications, databases, network devices, security  tools in your digital ecosystem.
Many administrators disable the audit log since because they do not understand that the audit log is one of simplest & effective tools available to keep your environment safe.

The audit log tracks every action undertaken in your digital ecosystem by users and unwelcome visitors (read potential hackers), the audit log records the duration of time that an user was logged in, which files were opened, what was changed and if required even the keyboard activity.

To run a secure organization we need to constantly assess our vulnerability and the audit log is the key to  collecting data in the digital environment to be able to constantly monitor and proactively defend.

Audit Log is used to automatically track every action undertaken by users on a network. It can record what time a user logged on, which files they opened, what they changed and even which key strokes they used.

It can be used as proof if an employee is not using the system as they are supposed to.

 The Audit Log is Like a Rear View Mirror –  You need to know what is behind you! 

It is also very handy for a team to understand how a problem happened by accident - after all people make mistakes but it is great to know how it happened and what needs to be done to fix the problem and to avoid making the same mistake again. Audit logs (in our experience) can be a very useful to gain an insight of what is really happening in your digital ecosystem. 

If you are a large enterprise you could merge your logs and use analytic tools to get a granular view of what is happening in your network, devices and applications.  This could help your company in strengthening its defenses and also optimize on usage of resources.

Flying in a single formation - An Unified Blog Site

Over the years I have created a number of  blog sites to address cyber security, banking, cloud computing, financial exchanges, cloud security, new technology and more.
I have now brought all these blogs under one umbrella and have all my earlier  blog posts available here for your convenience.
Do continue reading and sharing your thoughts on my blog spots, this has been possible because of  your support and encouragement, Thank you.

Regards
LS Subramanian

Securing your organization by use of Psychometric Testing

Most companies use psychometric testing today as a tool to recruit the right person with the right skills and attitude for the job. The tools used for psychometric testing are reliable, mostly computerized, secure and it is generally not possible to fiddle with them to get a job.

The test results are systematically scored against well researched and authenticated models to make sure there is a fool proof testing and assessment. 

The psychometric tools available today balance the questions against each other to ensure that the interpretation is accurate in assessing the test takers psychological attributes and personality. 

The most popular method is to use two type of questions, the first type measures the candidates characteristics relative to each other while the second type measures the candidates profile in the given business. 

In the light of maturity in psychometric assessment the time has come for organizations to also access the candidates attitude to information security of the organization. Psychometric testing must be able to assess the candidates attitude to integrity, loyalty and honesty by adding this to the existing questionnaire.

This approach will ensure in the long term that Business stop a Snowden from entering the organization and thus ensure continuity of compliance, ethics and integrity in their organization.

Identify the fault lines before they bring your organization to a standstill!

The employee has been the weakest link in the security of the organization and psychometric testing gives the organization the chance to be proactive in stopping unwanted rogue employees from entering the organization and proving to be a threat to the business.

It is time organizations started administering psychometric testing to evaluate the integrity, honesty and ethics of the employees in its organizations and this must include all existing employees and also new recruits.

Psychometric testing has been successfully used in Latin America to lend to the poorest of the poor for establishing a credit score based on the borrowers psychological profile to access the intent to return the money borrowed. The success of this has been encouraging and can the details can be found in various micro-finance journals. 

In an ungrateful and dangerous world psychometric  testing for information security will ensure that your organization is secure and your colleagues have been rated by a standard psychological evaluation about their integrity.