CIO Wall

Md. Tamim Wahid Al-Helal

Head - IT - BSRM Group - Bangladesh

CIO Perspectives

The Pandemic triggered digital and remote working making Cyber Security one of the top priorities for organizations. In this context, tell us briefly how your organization managed the transition to remote working during the pandemic? How did you manage employees logging into the corporate network or accessing critical resources and remain protected from cyber-attacks? Tell us about some of the unique security best practices that you have implemented to protect your organization against cyber-attacks?

Due to COVID-19, Bangladesh went under complete lockdown from 26th March 2020, which was only announced a day before. However, as a proactive measure at our organization, we had already been providing VPN solutions to all our remote users since long back. We simply increased the capacity of our VPN and email server, anticipating a larger than before traffic, which allowed our users to start working from home from day one. In addition, we evaluated several video conference solutions and selected one that suited our requirements, which helped us organize our team work between different verticals. We took several initiatives to keep our VPN solution secured, connecting our users to the corporate network safely while working from home. As security and stability for business was more important than anything else, we avoided any and all radical approaches, and decided to stick with existing solutions.

To deal with increased security needs during the pandemic, we undertook several projects. To name a few, we implemented 2FA Authentication for our VPN Users, upgraded our MTA and Email filter appliance to a modern and secured one, increased monitoring of critical assets, changed our Endpoint Protection to meet the ever-growing demand of user security, enforced strong password policy for all services and provided trainings to end users about cyber security via online video conferences. We also took initiatives to upgrade our network infrastructure with enterprise level security products and solutions which will help us run all business operations smoothly. We’ve also appointed a security partner to continuously assess our internal and external assets to check for vulnerabilities, reduce the attack surface and conduct trainings for our IT team to educate them about best practices in the field of cyber security and ways to implement them.