Mindtree leverages Microsoft solutions to transform its security architecture for the new normal

Need for an integrated security solution

Mindtree’s security team ensures that the company’s infrastructure is safe and secure across various aspects of cloud, cloud-plus, on-premise systems and work-from-home systems. 

Before the pandemic, security was pre-defined as per the office routine, where employees would work in a security-controlled environment within the physical space. Remote employees made up a very small fraction of the workforce. For these and for people who would take their work home after office hours, access controls and VPN ensured secure transmission of data.

However, this scenario was turned on its head overnight when the pandemic arrived in India in 2020. Almost all workers moved to remote work and with it changed the security model of the business world. The trust placed in office systems, needed to be replicated in home systems as well. 

“Security teams had no direct visibility of individual machines that employees worked on at home, nor the control of the environment they worked in,” says Chandan Pani, CISO, Mindtree. “This is why the demand for enterprise-grade solutions, that can have control on the various moving pieces, has gone up.”

There was a requirement of systems that could interact with each other, remove the blind spots and give Mindtree’s security team a single pane of visibility on the entire distributed working system. Whether it was cloud, cloud-plus, IoT, cameras, everything needed to be connected to the same security solutions to create a single view. Also, a change from a centralized to a decentralized solution, more secure and guarded solutions became the need of the hour. 

When the pandemic struck, Mindtree was quick in assessing all possible scenarios, and evaluating solutions to help build a relevant, yet strong, security infrastructure for the new normal. The company needed solutions to help navigate the landscape of multiple domains.

It soon realized that managing multiple OEMs was a bigger challenge, and so was integration. Blind spots arising due to application of multiple solutions was another challenge common to all large players, including Mindtree. A single pane view was the need of the hour. The organization decided to deploy Microsoft solutions, as they were scalable and came with AI/ML capabilities, which gave the security team the ability to view the entire landscape with minimum efforts.

Covering the entire security architecture

As Mindtree was already present on Windows and the Azure environment, security solutions were easy to deploy and positioned the company for handling all workloads. Microsoft’s Endpoint detection and response (EDR) solution was a value-add to the architecture, along alongside Azure Sentinel.  

“The integration of multiple systems is the biggest advantage, especially with ATPs that make it easier to interact between consoles and solutions,” adds Pani. “We estimate that that we have cut the implementation and deployment time by a couple of years by choosing Microsoft solutions. Currently, we are up and running with a workload of almost 25,000 systems.” 

Microsoft’s data-centric solutions (AIP and MIP) provide flexibility to look at data, its components, security policies covering it, treatment required, all of this can be done with a single click.

Microsoft 365 for flexible management

Microsoft 365 E5 suite offers an interesting combination of solutions for Mindtree. It allows a flexible and scalable approach to workloads and is also used extensively to safeguard emails, leveraging AI/ML capabilities. The company uses Microsoft Defender as a seamless solution for a single view of activities happening on endpoints and servers. Microsoft 365 enables the organization with the flexibility to pick and choose solutions as required.

Office 365 to prevent phishing

Mindtree’s E-mail solution is on Office 365 and it helps protect the company from phishing attacks. The phishing simulation feature is crucial – the number and nature of simulations conducted for the employees are on demand.

In pre-pandemic times, the trend was to carry out this exercise two or three times in a year. Now, the availability of a dedicated platform gives Mindtree’s security team the flexibility to do it any way they want, any number of times. For instance, the company can consistently create a phishing attack for the finance team every week to monitor how the team members identify different threat scenarios. This customization is a significant value add to the company’s phishing prevention practices. 

Integrated solutions for a unified view

The workload on SIM monitoring has been optimized to a high degree. Because of the integration, cloud-nativity and seamless dashboards, the burden of workloads was considerably less. 

The security architecture is an inverted tree structure, where Azure Sentinel sits on top, and connects to all other systems. The systems are homogenous and natively interact with Azure Sentinel, be it identity protection, endpoint security, email docs collaboration, applications or workloads. 

Mindtree’s advanced threat protection layer is also from Microsoft – Azure Active Directory, Defenders, Endpoints, Azure Security Center, O365, cloud security, TVN, etc. All these systems integrate well, provide the company a single pane view, and the whole system can be scaled within minutes. It is an easy solution to deploy.

Culture of data security awareness

Before the pandemic, employees would be concentrated at one place, the office, and it was easier to keep a track on their digital behavior and impart training based on those patterns, as well as messaging through posters, fliers, on-floor sessions, minimum-skill trainings, etc.

However, user patterns have changed with the hybrid work model, and so has the mode of imparting good digital behavior. Mindtree imparts training through emails, wallpapers, screensavers, etc. Gamification has been found to be a very effective way of engaging the employees about best data security practices. All of these, combined with the phishing prevention exercises, help the security team drive a culture of data security awareness within the organization.

“Considering the hybrid work environment, we have standardized security for every individual system used, regardless of location, and we are gradually moving towards a zero-trust security model,” concludes Pani..