http://hclte.ch/If33g9 - More on IT Infrastructure Management http://www.hcltech.com/ - More on HCL Technologies As enterprises continue to unleash the power of the latest technology and technology trends such as ubiquitous data access, technology as a service, next-generation work force, social media and IT consumerization, they are opening up their networks to new vulnerabilities and attacks; with maximum threats coming from the Web. Dealing with these newly-founded threats demands a paradigm shift in the security strategy; enterprises need to evolve their security defenses and radically change the way IT is managed and secured. Enterprises’ highly constrained security budgets can be constraint though. Leveraging HCL’s Security Transformation and System Integration Services, organizations can achieve high level of security and strike the perfect balance between security expertise and service innovation for the business' benefit. HCL helps the organizations in the transformation process to plan, design and implement a proactive, enterprise-wide security strategy that aligns with their overall business objectives. HCL Security Consultants has successfully turned customer’s business and technical requirements into a best product solution for a large number of cases for different security technologies.

1. Security Transformation and
System Integration Services
HCL Information Security Practice

2. Why Security Transformation and
System Integration Services
?
Today organizations are facing multiple challenges like increasing competition, regulatory measures, globalization, making their survival
more difficult. Before evolution of Internet, antivirus used to be the only defense mechanism that used to be considered as most critical
and floppy disks used to be most dangerous. As Internet made the technology available at the finger tips, antivirus is no more sufficient.
Now day’s attackers may not be interested in infecting machine & impacting its performance but may be more interested in stealing the
information which can be million dollar worth. Systems can be compromised in multiple ways:
§ USB stick causing some infection
An
§Some removable media such as CD/DVD which has some malicious content
§Through the means of file shares
§Gaining remote control by exploiting some weakness/vulnerability in the system
§Sniffing traffic flowing to/from specific server
§Compromising some clients which are considered as trusted sources having full access to the server under consideration
§Social engineering techniques - getting information directly or indirectly through administrative users
Thus now days the security solution has to ensure that it is covering all the areas stated above. No single layer of security is enough to
survive various types of attack. So, you need to add as much layers of security as available and as easily possible & most importantly
aligned to organization’s security risk.
Our Approach
HCL helps the organizations in the transformation process to plan, design and implement a proactive, enterprise-wide security strategy
that aligns with their overall business objectives. HCL Security Consultants has successfully turned customer’s business and technical
requirements into a best product solution for a large number of cases for different security technologies. HCL follows the basic principle of
security while designing the solution architecture, ensuring it to be simple enough to be managed effectively and difficult enough to be
broken. With the perfect blend of knowledge and experience, HCL’s Transformation and System Integration team ensures that the
customer gets the expected functionality in the best possible manner.
HCL has a dedicated team of System Integrators & Project Management professionals who have a combined experience of more than
500+ man years in supervising the entire project throughout its lifecycle. HCL adopts a phased approach covering the entire security life-
cycle, which begins with Design & Engineering and ends with Acceptance Testing & Sign-off, thus creating successful track history of
delivering all kinds of projects within time frames.
Solution Design Project Product Evaluation Sustenance Service
& Integration Management & Testing
ŸDevice Management
ŸSolution design & ŸProject planning ŸBusiness requirement ŸPeriodic maintenance
implementation ŸProject management assessment ŸUpgrade & update
ŸSolution Integration with ŸThird party vendor ŸTechnology evaluation ŸConfiguration
other components coordination ŸVendor evaluation management
ŸTechnical refresh ŸOEM coordination ŸProduct mapping ŸProblem management
ŸMigration service ŸM&A planning and ŸSolution specification ŸChange management
ŸCaptive setup design execution mapping ŸVendor management
Ÿ design and
DC ŸProject governance ŸProduct UAT ŸOn-site facility
implementation and management
management
Security Professional Services Portfolio

3. Gartner has recognized HCL for its strong partner eco-system. Our partner eco-system consists of leading vendors and OEM’s of
Information Security solutions & products and we have a long history of working with each one of them, understanding their technology
roadmap in pace with the latest industry trends. We also understand our customer’s challenges and design solutions with our eco-system
partners to offer strategic, operational or financial benefit to our customers.
Partner
Ecosystem
Industry
Product Roadmaps Developments
Technology
Technology Trends Customer Experiences
Learning's
HCL Center of Excellence
Proof of Concept Lab Technology Evaluation Product Evaluation
Customer Benefits
Customer
Requirements Strategic Operational Financial
HCL Transformation & SI Services Deliverables
& Value Commitments
The key differentiator in the engagement approach is HCL works with the customer as their partner in their business aligned Information
Security program and not just as the reseller or an external service provider.
? architecture &
Secure Multi-Tier firewall
? Quick and effective address of
?
framework design business needs
Network/host IDS/IPS
?
Partial List of Security Technology
? and setup solution
Design Involvement of industry
?
? filtering for mail &
Content
controls to meet any experts and SMEs
web
System Integration Services
compliance requirement
? delivery of project
Timely
(PCI, ISO 27001, DPA etc.) Data Leakage Prevention
?
commitments every time
Value Commitments
Solution at end point or
Technology evaluation and
?
Network Value delivery ensuring
?
selection
highest effectiveness for the
Encryption of Data at Rest -
?
? re-architecture to
Solution customers
hard disk & storage
address merger, de-merger
encryption Assurance of higher ROSI
?
Technical refresh program for
?
Anti-Phishing/Malware
? Safe guarding business
?
existing setup to replace EOL
requirements and interests of
and out of support ? Access VPN solution
Remote
customers
components - Client based/Clientless
? scalable and
Reliable,
? technology
Ongoing Policy Compliance &
?
resilient solution framework
management and Enforcement - NAC
to meet any industry
maintenance
End Point Security Solutions
? requirement
? up and migration to
Setting
? Authentication
Strong ? neutral approach
Vendor
an integrated management
framework (SOC) ? & Incident
Security
Management & Correlation
Centralized Log Management
?

4. Case in Discussion
The Case Study discusses the HCL’s capabilities for transforming/migrating the present state of architecture to a world class and agile
Service Oriented Architecture of one of our international client in the Insurance industry having its Presence in more than 100 offices
in 35 countries.
Business Challenges Scope of Operations Results / Benefits
§In-appropriate security §Data centre services §Fully unitized based pricing
management including gaps § user computing and devices
End model
in event auditing and §Server-based application hosting & §Delivered SLAs for Infra from
operational security Client applications (on end user Day 1 with no SLO Period
management devices and thin-client) §Delivered Transition & BAU
§ proper root cause
No §Wide Area Network, remote access (Business as usual) in parallel
analysis to prevent the solutions, connectivity to 3rd §Transition completed in 6
reoccurrence of the issues parties including management of months
§Lack of flexibility and existing Data (WAN) §More than 70% work done from
emergency support from the contracts/services offshore
current vendor §Financial and Service Management § to End Security Services
End
§Risk of unauthorized access for 3rd party support contracts Redesign & Deployment of
and sharing of credentials including the M2 printer contract security components within
removes accountability in §Business continuity and disaster timeframe of 3 months
the event of an incident recovery planning & testing
§Little understanding of the §Software licence management and
compliance required to Hardware procurement/disposal
manage the environment in
line with standards and
policies
§Increased complexity of
migration/ transformation
due to the acquisitions made
by the client
For more details on HCL Security Transformation and System Integration Services
and to have our representative on call, please write to InfraPMGSecurity@hcl.com