Your SlideShare is downloading. ×
0
INSPIRED PEOPLE. INSPIRING RESULTS.




INCLUSIVE APPROACH TO INFORMATION SECURITY
                      Security Culture ...
INSPIRED PEOPLE. INSPIRING RESULTS.




                              COMPANY OVERVIEW




                               ...
INSPIRED PEOPLE. INSPIRING RESULTS.




EXECUTIVE SUMMARY
Industry leader in offshore healthcare billing and revenue cycle...
INSPIRED PEOPLE. INSPIRING RESULTS.




INDUSTRY AWARDS & RECOGNITION



                    Ranked among the Top 100 Offs...
INSPIRED PEOPLE. INSPIRING RESULTS.




INDUSTRY AWARDS & RECOGNITION



                      Among The Best Workplaces i...
INSPIRED PEOPLE. INSPIRING RESULTS.




THE FOUR PILLARS OF OUR DELIVERY MODEL



                                        ...
INSPIRED PEOPLE. INSPIRING RESULTS.




AJUBA - INFORMATION SECURITY TRACK RECORD




                                    ...
INSPIRED PEOPLE. INSPIRING RESULTS.




CHALLENGES FOR AJUBA IN INFO SECURITY


   In   an      industry       where      ...
INSPIRED PEOPLE. INSPIRING RESULTS.




IMPORTANT ASSET: PEOPLE CROSS FUNCTIONAL SECURITY TEAM




                       ...
INSPIRED PEOPLE. INSPIRING RESULTS.




TRADITIONAL SECURITY ORGANIZATION
                                         CEO



...
INSPIRED PEOPLE. INSPIRING RESULTS.




AJUBA SECURITY INFO ORGANIZATION
                                                 ...
INSPIRED PEOPLE. INSPIRING RESULTS.




INFORMATION SECURITY FORUM CROSS FUNCTIONAL TEAMS
                                ...
INSPIRED PEOPLE. INSPIRING RESULTS.




     For a total Ajuba staff strength of 1700

 ISSC          =                  4...
INSPIRED PEOPLE. INSPIRING RESULTS.




                                      INTERNAL
InfoSec – Focus Shift
                   Ajuba Security Approach – Terminology Used

  TRADITIONAL APPROACH               ...
INSPIRED PEOPLE. INSPIRING RESULTS.




SOME BEST PRACTICES

                                                      PEOPLE ...
INSPIRED PEOPLE. INSPIRING RESULTS.




                                              PROCESS
SOME BEST PRACTICES
        ...
INSPIRED PEOPLE. INSPIRING RESULTS.




SOME BEST PRACTICES


PEOPLE SECURITY


   Trendsetter in Transport Security – Las...
INSPIRED PEOPLE. INSPIRING RESULTS.


INFO SECURITY LIFE CYCLE IN AJUBA




                                              ...
INSPIRED PEOPLE. INSPIRING RESULTS.




                                                    Info Security Metrics
        ...
INSPIRED PEOPLE. INSPIRING RESULTS.




RISK MODEL – COMPLETE FEEDBACK




                                      INTERNAL
INSPIRED PEOPLE. INSPIRING RESULTS.




SUMMARY
AJUBA UNIQUE INFOSEC MODEL


   Ajuba model brings People to the forefront...
INSPIRED PEOPLE. INSPIRING RESULTS.




                                      THANK YOU




                              ...
Upcoming SlideShare
Loading in...5
×

Jaganathan - An Inclusive Approach to Information Security - Interop Mumbai 2009

482

Published on

This session details the unique inclusive approach to Information Security Management (ISM) followed by Ajuba International. Ajuba’s model involves all employees in Information Security making ISM a part of the work rather than a watchdog function.

Published in: Technology, News & Politics
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
482
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
35
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Transcript of "Jaganathan - An Inclusive Approach to Information Security - Interop Mumbai 2009"

  1. 1. INSPIRED PEOPLE. INSPIRING RESULTS. INCLUSIVE APPROACH TO INFORMATION SECURITY Security Culture in the Corporate World Jaganathan T ISSC Chairperson Ajuba Solutions India Pvt Ltd INTERNAL
  2. 2. INSPIRED PEOPLE. INSPIRING RESULTS. COMPANY OVERVIEW INTERNAL
  3. 3. INSPIRED PEOPLE. INSPIRING RESULTS. EXECUTIVE SUMMARY Industry leader in offshore healthcare billing and revenue cycle management Proven track record: We process claims with a gross value of over $3 Billion, code 3 million charts and collect over $1 Billion in cash annually Over 1700 domain experts Long term partnerships and retention of clients Seasoned Team and Quality Processes Employees come from organizations such as Deloitte, EDS, McKesson, NDC Health etc. Strong management bench and training capabilities; ability to scale INTERNAL
  4. 4. INSPIRED PEOPLE. INSPIRING RESULTS. INDUSTRY AWARDS & RECOGNITION Ranked among the Top 100 Offshore Companies in the world by Managing Offshore and Neo IT Identified as a ‘Rising Star’ by The International Association of Outsourcing Professionals (IAOP), in The Global Outsourcing 100 list and published by Fortune Magazine Ranked #1 as The Top Healthcare Revenue Cycle Management Outsourcing Vendor by The Black Book of Outsourcing Among The Best Employers in India (Hewitt Associates-The Economic Times) INTERNAL
  5. 5. INSPIRED PEOPLE. INSPIRING RESULTS. INDUSTRY AWARDS & RECOGNITION Among The Best Workplaces in India (Great Places to Work Institute Inc, US - The Economic Times) Among Best BPO Employers in India (IDC – Dataquest) Among The Top Emerging Exciting Places to Work for (NASSCOM- Grow Talent) Award for Excellence in Gender Inclusivity by NASSCOM INTERNAL
  6. 6. INSPIRED PEOPLE. INSPIRING RESULTS. THE FOUR PILLARS OF OUR DELIVERY MODEL PLE PEO PR OC ES S GY IN LO FR NO CH AS TE TR UC TU RE INTERNAL
  7. 7. INSPIRED PEOPLE. INSPIRING RESULTS. AJUBA - INFORMATION SECURITY TRACK RECORD ISO27001:2005 certified HIPAA Certified FDCPA Certified SAS70 Type 1 Certified We take Security and Compliance very seriously INTERNAL
  8. 8. INSPIRED PEOPLE. INSPIRING RESULTS. CHALLENGES FOR AJUBA IN INFO SECURITY In an industry where Info. Security and compliance is very critical to business. HIPAA Ajuba is continuously awarded as a `Best Employer’ and widely known for `Employee Friendly’ culture. Improper Security enforcement has the potential to affect `Best Employer’ brand equity. Judicious balance between Security Management and Employee comfort required. Average age less than 30. Additional impetus to security awareness required. INTERNAL
  9. 9. INSPIRED PEOPLE. INSPIRING RESULTS. IMPORTANT ASSET: PEOPLE CROSS FUNCTIONAL SECURITY TEAM INTERNAL
  10. 10. INSPIRED PEOPLE. INSPIRING RESULTS. TRADITIONAL SECURITY ORGANIZATION CEO CIO CSO CMO Info Security manager Auditor IT Security Officer Physical Security INTERNAL
  11. 11. INSPIRED PEOPLE. INSPIRING RESULTS. AJUBA SECURITY INFO ORGANIZATION President Director Director Director Manager Corporate Operations Finance & Technology& ISSC Comm. HR Chairperson Sr. Manager Operations Sr. Manager Manager HR Sr. Manager Manager Finance Sr. Manager Sr. Executive operations Operations Technology Asst Asst Asst Manager Asst Manager Manager Manager ISSC Manager Tech Team Team ISM Team Supervisor Supervisor Asst Supervisor Manager ISMS Team Team Agents Leader Leader Team Leader Agents Executive INTERNAL Executive
  12. 12. INSPIRED PEOPLE. INSPIRING RESULTS. INFORMATION SECURITY FORUM CROSS FUNCTIONAL TEAMS ISSC : Information Security Steering Committee Management team to guide and steer security implementation ISTF: Information Security Task Force Responsible for implementing and managing Information Security implementation. IRT: Incident Response Team Responsible for Incident Response and Resolution IAT: Internal Audit Team Responsible for Internal and External Audits ERT: Emergency Response Team Responsible for response to emergency conditions and drills INTERNAL
  13. 13. INSPIRED PEOPLE. INSPIRING RESULTS. For a total Ajuba staff strength of 1700 ISSC = 4 ISTF = 20 IRT = 12 IAT = 40 ERT = 63 Total 139 ie 8.2 % of total staff strength Extended Security Focus possible because of unique model followed INTERNAL
  14. 14. INSPIRED PEOPLE. INSPIRING RESULTS. INTERNAL
  15. 15. InfoSec – Focus Shift Ajuba Security Approach – Terminology Used TRADITIONAL APPROACH REPLACED BY Central Security Team Centrally Enabled Participative Team CSO Steering Committee coordinate by a Chairperson Policy Enforcement Participation & Peer Pressure Vigilance, Monitoring Peer Reporting & Health Check Disciplinary Action Incident Resolution Internal Audit Peer Review ISMS I Support Maintaining Security! INTERNAL
  16. 16. INSPIRED PEOPLE. INSPIRING RESULTS. SOME BEST PRACTICES PEOPLE INVOLVEMENT Second Week of every December is Celebrated as ISMS Week ISMS week Includes Various Competitions for staff Periodic spot checks and “ Best Compliant team” awarded annually Weekly ISMS quiz in intranet Monthly ISMS newsletter Transparent & Open security escalations INTERNAL
  17. 17. INSPIRED PEOPLE. INSPIRING RESULTS. PROCESS SOME BEST PRACTICES Automated Incident Registration, Tracking & Resolution Anonymous Incident Registration possible Weekly Security Posture Review Standard and structured disciplinary matrix known to all staff Security Responsibility is part of everyone’s Job Description Measurable KRAs for Security Team Security Conformance part of every employee’s HR track record. Electronic NDA as part of onboarding INTERNAL
  18. 18. INSPIRED PEOPLE. INSPIRING RESULTS. SOME BEST PRACTICES PEOPLE SECURITY Trendsetter in Transport Security – Last Drop Confirmation Quarterly ERT training Surprise ERT drills INTERNAL
  19. 19. INSPIRED PEOPLE. INSPIRING RESULTS. INFO SECURITY LIFE CYCLE IN AJUBA INFO SECURITY IS A COMPLETE LIFE CYCLE INVOLVEMENT IN AJUBA INTERNAL
  20. 20. INSPIRED PEOPLE. INSPIRING RESULTS. Info Security Metrics 20 18 16 14 Total Incident 12 10 20 8 6 12 12 10 10 11 9 4 7 2 5 4 2 0 1 2007 2008 2009 2007 2008 2009 2007 2008 2009 2007 2008 2009 Access Rights Camera Phone Non Compliance Physical Security Violations Violation with IS Policies Violation Security Incident Category --> INTERNAL
  21. 21. INSPIRED PEOPLE. INSPIRING RESULTS. RISK MODEL – COMPLETE FEEDBACK INTERNAL
  22. 22. INSPIRED PEOPLE. INSPIRING RESULTS. SUMMARY AJUBA UNIQUE INFOSEC MODEL Ajuba model brings People to the forefront and weaves Technology and Process around People No Compromise on Process and Technology Works very well for Ajuba Should work well for any company. May require little customization to suit the organization. Efficient security implementation at minimum cost INTERNAL
  23. 23. INSPIRED PEOPLE. INSPIRING RESULTS. THANK YOU INTERNAL
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×