COVID-19 accentuates the need for data security protocols: Sun Life ASCI

Sun Life ASCI has deployed robust and advanced cybersecurity solutions to ensure a stable and secure network for its employees to support business operations securely while working from remote locations.

All the assets are regularly scanned and patched to ensure there are no vulnerable attack vectors available for the attackers.

The organization has a centralized globalSOC (Security Operations Centre) which continuously monitors remote access logs and alerts for anomalies.

The internal access policies and firewalls are constantly reviewed and updated and all access to the employees is provisioned based on the "Least Privilege" and "Need to know" principle.

Employees have been advised to use the secure connection to Sun Life network by ensuring VPN only usage on company-owned hardware with up-to-date security features, to prevent any infected data/malware into the company’s network. During a long remote access session, employees are required to re-authenticate themselves.

Endpoint devices are one of the most critical types of equipment when employees work from home. They are also an easy target for cyber-attacks while the world grapples with the pandemic making it even more important to secure endpoint devices.

At Sun Life ASCI, the IT team has updated its endpoint device policy framework to block the installation of unauthorized utilities/applications.  Full disk encryption has been enabled on employees’ laptops.

All employee's handheld devices are completely protected by MDM (Mobile device management). Antivirus and anti-malware solutions are deployed on the end-user devices.

The organization has deployed a phishing defense solution to minimize attacks and continuously educates employees on different phishing scenarios.

Constant communications with employees on best security practices; sharing of data security videos and circulation of critical updates relating to the operating system and other applications educate them about the same.

Email security policies are reviewed to make them more stringent and filter out malicious emails. ASCI also has a 24x7 IT and Security support desk to manage any incidents and queries. Data security as a topic is also discussed in Virtual Townhalls and Leadership messaging.

Chandan Barve, VP & Chief Administrative Officer, Asia Service Centressays, “Sun Life ASCI is committed to the fundamental principles of information security - confidentiality, integrity, and availability.

With work-from-home becoming the new normal, there is a greater need for organizations to maintain a robust and reliable security framework.

It is equally critical to keep employees informed about best practices, elevate their awareness and maintain stringent compliance.

We strongly feel that enterprises with secure technology and communication platforms would always fare better in times of crisis and ensure business continuity with minimal risk exposure.”