As the country prepares to introduce its first comprehensive privacy law
The Digital Personal Data Protection Bill (DPDP) to harmonize data privacy regime, a Bengaluru based SITC enterprise Vantage Network Solutions has successfully delivered tools to major PSU Bank to secure its data.
“We have partnered with SISA for implementation of their proprietary RADAR solution for Data Discovery and Classification also to establish necessary security controls. This collaboration ensures adherence to the stringent guidelines set forth by the proposed Act for entities that collect, process, and store personal or sensitive data of millions of individuals,”says Vikas Khosla, Managing Director of Vantage Network Solutions Pvt. Ltd.
This collaborative effort taps into Vantage’s infrastructure expertise and SISA’s proprietary Data Discovery and Classification technology, jointly fortifying the security of confidential customer and associated data across the board. The implementation is done under “Make in India” Class-1 initiative taken by our Honorable PM Shri Narender Modi under the Atma Nirbhar Bharat Abhiyan, Vikas says.
SISA is an Indian Origin forensics driven Cyber Security solution company for the Digital Payments Industry having worldwide presence.
Shyam Sunder, Regional Director, Hitachi – Vantara who have provided data storage for the project says “Hitachi specializes in enterprise storage and computation. We do a lot of services that we render to the banking sector. Most leading banks in India and overseas use our technology for critical workload management that ranges from core banking to multiple side operations”.
Sanjay Virnave, General Manager & Country Head, Altos India (a subsidiary of Acer Inc) who have provided compute servers says “In harnessing Altos servers and workstations, we’ve spearheaded one of India’s most ambitious data segregation and classification endeavors based on DPDP act and compliance, setting a new benchmark for data management excellence. Leveraging the technological prowess and expansive scale within the Acer Inc. group, Altos has achieved unprecedented levels of innovation and deployment efficiency”.
The proposed DPDP Act provides for the establishment of a regulatory body, the “Data Protection Board of India” (DPBI), which will be the primary entity responsible for enforcing the Act. It outlines rules for security controls, safeguards, and data processor obligations, along with appropriate technical and organizational measures.
The RBI has issued directives, compulsory for all banks, for implementation and deployment of DPDP compliant infrastructure.
Today, several institutions and enterprises such as banks, hospitals, and government agencies collect personal data like Aadhar and PAN cards and need security controls to address any security gaps to prevent data theft. To prevent data theft, it’s crucial for these entities to implement robust security controls to address any security gaps and vulnerabilities.
In the context of data breach investigations the emphasis is placed on determining whether the data has been accurately identified (discovered) and classified. This process is vital for assessing an enterprise’s adherence to regulatory standards. A clear understanding of the enterprise’s data landscape not only facilitates compliance but also enables organizations to make informed decisions and implement the necessary corrective measures to enhance data security.
The DPDP Act will be applicable to entities that process digital personal data within India’s territory, covering data collected both in digital and non-digital forms (which is subsequently digitized).
A major PSU bank, officials not wanting to identify the bank for obvious reasons, is happy that it is ahead of others in this vital area.
The Bank has implemented the SISA RADAR – Data Discovery and Classification solution on their Disaster Recovery-Direct Connect (DR-DC) servers situated in Mumbai and Bengaluru. This solution actively scans each endpoint to automatically identify and classify sensitive data present and integrates with other Data Loss Prevention (DLP) and Security Information and Event Management (SIEM) solutions to trigger alerts for any highly sensitive customer data stored insecurely on an endpoint.
The implementation and commissioning was done for the PSU Bank at their crucial Disaster Recovery-Direct Connect (DR-DC) servers situated in Mumbai and Bengaluru.
“Vantage in tie with SISA, has deployed the solution across the Bank’s 100,000 PC terminals (endpoints) spanning 9,000 branches nationwide. The solution has been tailored to protect the data of 75,000 email users within the Banking facilities. We have deployed 13 Acer Database BR servers and have synced 13 Acer servers at their data centre along with high capacity Hitachi Vantara storage of 5TB Nass through various application licenses for making the infrastructure ready for implementation” Khosla concluded.
The implementation extends to additional data protection, including Breach Attack Investigation and Simulation, Managed Device Management, Endpoint Detection and Response and Security Operation Center managed services.
This proactive approach ensures that sensitive data is securely protected and access to it is meticulously controlled,” stated Dharshan Shanthamurthy, CEO and founder of SISA.
Vantage Network Solutions partnership with SISA looks forward to winning entities that will have to adhere to the new law and RBI guidelines when these come into force. The company is focusing on implementing the solution for Data Discovery and Classification. It is also targeting critical needs of data security.
Through this collaboration, key sectors in India, including banking, insurance and other public sector undertakings (PSUs), will significantly enhance their data protection capabilities. says Vikas.
This rollout marks the first nationwide implementation of a DPDP compliance infrastructure.