Data breaches are no longer any specific industry oriented or it count size of organizations. Data security has become a core strategy for almost all organization for preventing core business value. Websense, has earned global reputation in data security space and serving various clients to protect their sensitive data irrespective of verticals. We recently spoke to Surendra Singh, Regional Director, SAARC & India, Websense, Inc. to gain an in-depth insight on their strength and strategy in Indian market.

Surendra Singh, Regional Director, SAARC & India, Websense

Q1. How is Websense positioned today in Indian IT security market?

Ans.  With Internet penetration increasing in India, incidence of security breaches are on the rise. Hackers are using various Internet channels like the Web, email, Instant Messaging, VoIP etc. to launch sophisticated and targeted attack to steal information from which they can benefit financially. The biggest threat organizations face today is no longer phishing. At least three quarters of malicious content is now contained in legitimate sites.

Moreover, security attacks are becoming data centric hence there is urgent need amongst organizations to protect its data to remain competitive, avoid loss of reputation and ensure corporate compliance. Websense is well positioned to address this growing requirement of Indian organizations, it has unified web, data and email security solution that is data centric and protects two most important channel of communication – Web and email

Q2. With the emergence of new technologies and new devices, management of security is becoming a major challenge. What is Websense's effort in that direction?

Ans.  Today, successful organizations depend upon their ability to collaborate, communicate, and share information online. Established tools, such as email and the Web, are now more important than ever before, while emerging Web 2.0 applications, blogs, and social networking sites allow organizations to work in new, more efficient, and innovative ways.
Yet these technologies also expose businesses and other organizations to a variety of new and emerging information security risks. Malware and malicious Web sites pose external threats to confidential data, and the inappropriate use or distribution of such data creates equally pressing internal threats. Existing point security solutions, such as anti-malware or antispam tools, address some of these threats, yet they fail to detect many others. While a growing number of integrated content security suites attempt to fill the need for more advanced security solutions, these offerings often create more problems than they solve — increasing complexity, costs, and even creating redundancy in some areas yet leaving gaps in coverage in others.

In order to succeed in this new, more connected threat environment, business and risk managers require a unified solution architecture. Websense achieves this goal with its adaptable solution architecture of Web security, email security, and data loss prevention — delivering a unified content security platform called Essential Information Protection. Essential Information Protection empowers users, enabling communication and collaboration across new and legacy applications. It protects users and sensitive data against internal and external threats, and it allows users to work productively online without exposing an organization to security, legal, or other liability risks.

Q3. As social networking is gaining popularity in internet space, it also presents multi-dimensional opportunities along with security challenges. What should an individual and organizations even follow to minimize the risks?

Ans. Use of Web 2.0, like social networking and Twitter is ubiquitous among consumers, but more and more businesses are now taking advantage of Web 2.0 sites to reach out to their customers and partners. IT managers can no longer simply say “No” and block Web 2.0. However, they need the right policies and security solutions in order to safely say “Yes.” Businesses need a secure Web gateway and data loss prevention (DLP) solutions. They need the ability to detect dynamic threats “on the fly” because Web 2.0 sites change constantly and can be compromised at any moment. Finally, they also need data loss prevention technology to prevent their intellectual property and confidential data.

The right security solutions can allow IT to enable employee use of Web 2.0 without worry. The Websense Web Security Gateway provides real-time analysis and categorization of specific Web content on a page allows businesses to block just the inappropriate or malicious content, not the entire page or Web site. Websense, with the Websense ThreatSeeker Network and Defensio technology provides early threat outbreak detection and protection system by analyzing content as it’s posted to Web 2.0, social networking and blogger networks.

Q4. DLP solution is increasingly gaining momentum to prevent data breaches currently. But what major points one should follow to pick up the right solution in this space?

Ans. Businesses must continue to adopt new technology and new communication methods to stay relevant. The same is true of business security solutions; as the growing prevalence of botnets, hacker attacks, and data breaches demonstrates, point security solutions that fail to keep up with new security threats are quickly becoming irrelevant.  Following are the points organizations must consider while choosing a solution:

1. Accurate identification of data;

2. the ability to address data whether at rest, in use or in motion;

3. both content and context analysis;

4. an advanced policy framework;

5. and robust workflow and reporting

6. The solution must be manageable, scalable and integrate with wide range of technologies

Q5. How effective is Websense's Unified content security solution?

Ans.  TRITON is the first security architecture to integrate enterprise-class data loss prevention (DLP) technology into Web security gateway and email security solutions, delivering TruContent intelligence -- the real-time analysis and classification of inbound and outbound content for protection from inbound threats including zero-day Web exploits and malware, and outbound risk such as data loss, acceptable use violations and non-compliance for regulated data.

In addition to unifying market-leading Web, data and email security technology, TRITON is the industry’s only security platform to deliver TruHybrid – unifying policy management and reporting infrastructure across on-premise, security-as-a-service (SaaS) and hybrid deployment models. By delivering TruContent intelligence and TruHybrid, TRITON consolidates organization’s Web, data and email security solutions into a single architecture, improves security coverage for dispersed offices and remote employees, and reduces the complexity and cost of deploying and managing security implementations across distributed enterprises. TRITON provides customers a lower total cost of ownership (TCO) for enterprise security by easing IT administration and reducing the need for on-premise hardware requirements at dispersed locations, without sacrificing security.

With one control panel, organizations can easily set and manage security policies across distributed offices and remote workers.  This combination of the best of on-premise Web 2.0 threat protection, combined with the flexibility of SaaS Web security - along with enterprise-class data loss prevention technology embedded in the Web and email channels - gives dispersed enterprises the ability to ensure that wherever their employees are, they are protected. By delivering unified security architecture for any delivery model, TRITON eases administration requirements and lowers the total cost of ownership.

Q6. How does TRITON architecture stand unique in market today?

Ans. TRITON is the first and only unified content security solution.  Most content security solutions available today cover only a single threat – email security, web security, or data loss prevention across one or more channels.  TRITON, conversely, spans each of these offering unified content analysis for the best security for modern threats – both inbound threats and outbound risks (e.g., data loss), a unified solution set for vendor and solution consolidation of Web, email, and data security services, and a unified platform for cost-effective deployment across a distributed and mobile enterprise.

Q7. As integrated security solutions have been touted a lot, how does Websense's effort address this issue?

Ans.  The need has never been greater for a new unified security paradigm to provide consistent protection from both inbound threats and outbound risk with single policy management for on-premise and security-as-a-service (SaaS) deployments across dispersed enterprises.  With launch of TRITION, Websense delivers best security for modern threats at the lowest total cost of ownership.  The TRITON solution combines the market’s leading Web, email, and data security technologies across three areas:

1) Content analysis – unified web, email and data threat analysis that is gathered from our security labs and then productized into analytics onboard TRITON,
2) Products – Web, data, and email security products that provide unified content security and solution consolidation, and
3) Platform – on premise, SaaS, and hybrid platforms that allow customers to choose the most cost-effective solution for their specific needs.

Q8. Where do you see Websense in next few years in Indian market?

India is one of the fastest emerging markets for Websense globally. We continue to focus on growing our operations in India and maintain our leadership position in Web and Data security

—By: Surendra Singh, Regional Director, SAARC & India, Websense