Integrating people, process and tools for holistic security

Information Technology

Business Challenge

A multi-million dollar IT services and BPO provider for North American and European companies, our customer was grappling with several pain points in their IT security infrastructure. Rapid growth and expansion, coupled with the need to link to multiple networks, yet maintain them in isolation meant a growing challenge for their internal IT. On one hand, they were forced to be more open to their partners and customers, and on the other hand, as an IT services provider themselves, it was of paramount importance that their network (and their customers' data) was completely secure and in line with stringent compliance requirements.

Quadra at work

We adopted an all-round approach to their information security, consisting of processes, people and infrastructure along with continual review and monitoring, as point solutions were just a cog in the security mechanism. Our unique process driven approach and business engagement model ensured that we took a holistic approach to defining and maintaining information security for the customer, through the entire information life cycle, right from information generation to information destruction. One of the highlights was an integrated management, monitoring and reporting framework.Based on best practices from industry standards such as ITIL and BS 7799, we adopted a unique approach to securing information for our customer, spanning across

  • Assessing business risk and exposure
  • Implementing policies & structure
  • Defining IT practices & procedures, and last but not the least
  • Continuous review and improvement.

Business Benefits

Considering the fact that a significant investment in technology can be rendered ineffective if we don't take into account proper patch management and procedural security, and also taking into account information security in all forms such as physical security, people security and electronic security, we devised a complete strategy, instead of a point approach.

We backed this up with dynamically evolving security services, with our processes continuously evolving to meet changing security landscapes, and also improvement as a result of our structured reviews and evaluation processes.