Headquartered in Mumbai, India, WNS (Holdings) Limited (NYSE: WNS), a leading provider of global business process outsourcing (BPO) services, offers business value to more than 200 global clients by combining operational excellence with deep domain expertise in key industry verticals, including travel, insurance, banking and financial services, manufacturing, retail and consumer packaged goods, shipping and logistics, healthcare, and utilities. WNS delivers an entire spectrum of business process outsourcing services such as finance and accounting, customer care, technology solutions, research and analytics, and industry specific back-office and front-office processes. WNS has more than 21,000 professionals across 23 delivery centers worldwide, including Costa Rica, India, Philippines, Romania, Sri Lanka, and the United Kingdom. A dedicated team of seven security analysts monitors logs and alerts generated from various security systems to ensure protection of WNS and its customer data across endpoints globally.
The Need to Close Security Holes in Encryption and Vulnerability Management
“WNS acts as an extension of the customers’ enterprises; therefore, information security is of the utmost importance,” says Arup Chatterjee, chief information security officer, WNS, “We need to cover all our bases to make sure that our customers’ data stays safe and their outsourced business processes run smoothly, without any disruptions. Compliance with PCI, Sarbanes-Oxley, and other regulations is also critical.”
Not long ago, WNS was concerned about the possibility of a breach of confidential data from one of the company’s 1,500 laptops. “Our previous endpoint encryption tool had serious limitations that increased our risk exposure,” explains Chatterjee. “It required manual installation and updating, thus our remote laptops often went too long without up-to-date encryption. It also lacked effective integration with [Microsoft] Active Directory and required end users to maintain their own encryption keys. To best support our global operations, we wanted to be able to manage encryption centrally and to automatically update all our laptops, no matter where they were located.”
WNS has increasingly embraced virtualization and the move to cloud computing for better resource utilization and increased business agility. This creates a new set of security challenges. WNS needed a better way to detect systems vulnerabilities, one that was extremely scalable and could scan systems at each service site, yet be managed centrally in Mumbai. The company desired a software-based solution rather than a hardware-based one; having a unified management platform would provide a solid foundation to start building adaptive and flexible security policies.
Extending the Company’s Existing Integrated Security Framework
WNS thoroughly evaluated the leading endpoint encryption tools and open source and proprietary vulnerability management products. In each case, McAfee solutions beat the competition at meeting WNS’s technical requirements, particularly in the areas of ease of management and global scalability. However, technical superiority wasn’t the only reason for going with McAfee.
WNS had been using McAfee anti-virus solutions for more than a decade to protect endpoints, and, since 2005, McAfee Network Security Platform for network perimeter intrusion detection and prevention. The company had been pleased with the effectiveness of both these solutions and with the McAfee ePO central management console used to manage the solutions. “McAfee has one of the best-in-class centralized infrastructures for efficiently managing security across thousands of endpoints,” says Chatterjee. “We had already experienced the value of managing security solutions from one [McAfee] ePO console, so managing encryption and vulnerability detection with [McAfee] ePO made perfect sense.”
WNS deployed McAfee Endpoint Encryption on all of its 1,500 laptops worldwide and McAfee Vulnerability Manager at each of its service sites in India, Sri Lanka, Romania, the Philippines, and Costa Rica. McAfee Vulnerability Manager at each site scans the local network, after which the scanned data is automatically rolled up into a central database in Mumbai. No other vulnerability management solution could provide such enterprise-wide visibility.
“Besides helping us do our own jobs faster and more efficiently— from monitoring to remediation— [McAfee] ePO makes it easy to provide management or auditors the information they need to see in a format that is easy for them to digest.”Arup Chatterjee
Chief Information Security Officer WNS
Huge Time Savings from Centralized Management and Customized Reports
“The more security solutions we manage with [McAfee] ePO, the more time we save,” says Chatterjee. For instance, with McAfee Vulnerability Manager and McAfee ePO software integration, a WNS administrator can quickly and easily provide auditors with a custom, easy-to-read report that proves compliance for ISO certification. “Having an integrated security platform and customized reports saves IT administration countless hours,” says Chatterjee. “Besides helping us do our own jobs faster and more efficiently—from monitoring to remediation—[McAfee] ePO makes it easy to provide management or auditors the information they need to see in a format that is easy for them to digest.”
ArcSight Integration Improves Security Posture Further
WNS uses McAfee ePO software to manage more than just McAfee products. The company recently deployed the market-leading security information and event management (SIEM) solution by McAfee strategic alliance partner, ArcSight. ArcSight ESM gathers log data from devices across WNS’s network, performs event correlation to determine in real time if a security breach has occurred, and then sends incident notifications directly to McAfee ePO software, along with information about the host appliance, impacted host, impacted application, protocol, threat type, and other data.
“ArcSight ESM integrated seamlessly with the McAfee framework,” says Chatterjee. “Now we are audit-ready 365 days a year and have realtime visibility of our global security posture. In addition, we have reduced data collection and log reproduction time by over 75 percent.”
Improved Data Protection and Control for Laptops Worldwide
Previously, the difficulty of installing and updating encryption software on remote laptops combined with dependence on users to manage encryption keys meant that the data on many laptops went unprotected. Today, however, with McAfee Endpoint Encryption and McAfee ePO software, all of the company’s 1,500 laptops are encrypted and kept up to date with the latest encryption algorithms. “From Mumbai, we can push out updates to all of our laptops, without having to depend on users or make in-person visits,” says Chatterjee. “If a laptop is missing or stolen, we can instantly view its encryption status. We can also manage and restore data for any of our laptop users across the globe. Even if they are not stationed at a WNS site, they can connect to a central server via the Internet to receive updates or restore data.”
A Consistently High Level of Support and Long-Term Vision
To support all of its McAfee solutions at each of its major facilities, WNS purchased McAfee Platinum Support, rather than pay a third party for support. “McAfee has always worked towards ensuring customer satisfaction to the highest degree,” says Chatterjee. “We have consistently received efficient and high quality support from McAfee and have enjoyed an excellent relationship with our McAfee team.”
“That McAfee has a proven track record for continually improving its product capabilities and intelligently integrating new solutions under one unified framework also means a lot to us,” adds Chatterjee. “We are confident McAfee will be able to help us meet our evolving security needs, not just today but in the future.”