Telecom service providers today are mostly large enterprises with operations at a massive scale that have mammoth-sized client data and critical infrastructure. This can be a tempting target for financially motivated hackers. Perfectly equipped to address the aforementioned challenges is Mumbai headquartered ARCON under the guidance of Anil Bhandari. He explains how the company devised a comprehensive suite of Enterprise Information Risk Control Solutions designed to predict, protect and prevent.
Below are excerpts of a conversation with Anil Bhandari, Chief Mentor, ARCON.
In the last decade, several telecommunications companies have continually evolved and adapted to the ever-changing communications landscape with a combination of technology and modern systems leaving distinct vulnerabilities and challenges. Being an information technology company, what specific engagements does ARCON render to companies in the telecom sector?
As telcos revolutionize their critical infrastructure with advanced network technologies to enhance connectivity, network devices face persistent data breach threats from sophisticated organized cyber criminals. As a pioneer in Information Security solutions, ARCON, incepted in 2006, has distinct capabilities with regards to protecting critical infrastructure (privileged identities) like those of telecom operators. To a large extent, our capability derives from ANB, a highly recognized consulting group with a market presence and the parent company of ARCON. It was in ANB where our largescale consulting projects with major telcos among other industry verticals helped us to understand the industry-specific access control and data security challenges. With a multitude of devices deployed in core telco networks, we realized that
seamlessly managing and governing a high number of privileged identities was critical to secure the telco infrastructure, given the fact that telecom’s critical network infrastructure is distributed and heterogeneous with a large number of legacy applications.
This inspired ARCON to design a best-in-class Privileged Access Management PAM) solution that offers the security and risk management team with Unified Governance Framework to control, monitor and manage privileged identities present across multiple layers of devices, applications and OEMs.
ARCON | PAM is a comprehensive solution that allows to integrate all elements with a single command and console, helping to build a centralized governing framework
PAM solution offers robust, yet lightweight security to streamline some key concerns for Telecom. Kindly give us a succinct idea on how ARCON ensures strong protection of privileged identities in telecom networks.
ARCON’s PAM has a high level of maturity when it comes to secure privileged identities in the day-today use cases of core telco networks. At the onset, one major concern for telecom operators is how to govern the privileged access to a large number of devices in a shared and distributed environment. ARCON | PAM is a comprehensive solution that allows to integrate all elements with a single command and console, helping to build a centralized governing framework. Once those ‘identities’ are assigned with privileged entitlements, the next challenge is to ensure authorized access to systems. ARCON | PAM offers a multifactor authentication (MFA) to ensure secure authorized access to all integrated systems. Maintaining audit logs is central to establishing a robust security posture. With ARCON | PAM, session logs of all administrative tasks can be seamlessly recorded and centrally tracked via video and texts/command. Further, core telecom networks often have a shared access environment with common passwords. To mitigate abuse or misuse of passwords, ARCON | PAM offers a
password vault which securely stores thousands of privileged ID passwords that are automatically and frequently randomized.
Give us a brief insight on how you meet compliance regulations with the PAM solutions provided to Telecom networks.
The regulatory standards mandated by the Department of Telecommunications (DOT) and other similar authorities across the world explicitly demand a robust privileged access control mechanism. ARCON | PAM ensures data integrity and data confidentiality by offering a host of features and functionalities which include Unified Control Framework, Single sign-on, Session Monitoring, Password Vaulting, Multi Factor Authentication and Software Tokens, Mobile & SMS OTP. ARCON believes in ZERO trust and has embedded the CARTA model in the solution architecture.
Having catered to a wide range of well-renowned clientele since 2006, please share with us success stories where ARCON helped achieve turnaround success.
We wish you had asked all success stories with our telecom projects because every story is so unique. However, ARCON recently successfully implemented a huge project with a multinational telecom giant having a strong presence in India. ARCON| PAM is securing this operator’s 100,000 devices, 700,000 privileged IDs and over 332 million subscribers’ data records. Some of the highlights of this project which reiterate ARCON’s distinct capabilities include – Its hybrid architecture for heterogeneous environment; a quick turnaround to build connectors for telecom devices for password change automation and single sign-on, thanks to our recently launched RPA platform; Password rotation at scale; The AI/ML driven Knight Analytics ensures that any cyber threats are met very swiftly with decisive action.
What is the future roadmap that has been envisioned for ARCON?
ARCON believes that Data will be the new frontier to guard, and the conventional device based security will be a passé. ARCON has invested millions in R&D and is likely to launch several new initiatives this year to help its goal in PREDICT|PROTECT|PREVENT. In the short run, ARCON is likely to improvise its AI/ML model to support the User Behavior Analytics to help organizations build a layer of active defense.