Synersoft Technologies is a start-up from Ahmedabad founded in 2008 by Vishal Shah. Invested by Rajasthan Angel Innovators’ Network (RAIN). Synersoft, the maker of path-breaking and disruptive technology for SMEs, now branded as BLACKbox, is an incubated and invested portfolio company of CIIE-IIM-Ahmedabad. The company aims to provide competitive edge software-hardware tools, and provide the technology at an affordable cost to the small and medium entrepreneur segment, thereby assisting them to broaden the effectiveness in using the information technology setup and secure intellect vital data (digital asset). Here are excerpts from an interaction with Vishal Shah, Co-Founder, and CEO, of Synersoft:
Q: What are the best practices Synersoft technologies is following to improve cyber security and data loss prevention?
A: Synersoft follows a zero-trust policy in all its information security practices. To ensure cyber security, it uses a virtual private network for allowing external access to its applications and data. It uses antivirus on all its devices. The devices used by the team at Synersoft are designed to allow users to access specific applications and data and to restrict users to be able to install any other applications. It uses an active recycle bin to capture data deleted by the users over the network so that it can be recovered if such delete action is accidental or intentional. It also maintains file operation logs to be able to identify if the delete action was intentional. Synersoft uses a mail distribution system as a layer between G-Suite email host and the user to apply email vigilance and control policies. Synersoft uses a firewall to allow users to access websites that are required for their professional work. it also uses its patented automatic data isolation technology when the user accesses the Internet for research or business development purpose in which restrictions are minimal.
Q: What are the biggest issues that MSME companies face from a privacy perspective and how are you helping them prevent data theft?
A: MSMEs exchange, use and, store data of customers, and employees in terms of technology, IPR, personal data. For example, a diagnostic lab would store the biological data of all its customers. A stock-broking firm would store the financial and personal data including the signature specimen of its customer. A hospital would store privacy-bound data of its patients. A school or coaching class would store the personal data of minor students and their parents. This data could be misused to commit crimes, make unsolicited calls, or identify theft. In a way, MSMEs become custodians of such data of their customers and employees. They need to protect data from theft. Synersoft helps MSMEs to protect their data from theft in various situations. It helps MSMEs to protect data from theft over the USB ports, Email Attachment, Blind Carbon Copy (BCC), and cloud drives.
Q: How much has India’s cyber security awareness and practices advanced in the last three years?
A: Cybersecurity awareness and practice advancement in India differs according to types of enterprises from a B2B perspective. Large enterprises and the government have evolved and matured their cyber defense with great awareness. Unfortunately from an MSME perspective, it is way behind on the learning curve. Cybersecurity awareness in MSMEs needs to be improved to a great extent. MSMEs need to gear up their cyber security practices to maintain their competitiveness on the global standards. On the consumer side, growing number of cybercrime and estimates on unreported cybercrime are alarming. It mostly happens because India does not have a privacy protection law in place. That leaves many loopholes for cybercriminals as well as dilutes the accountability of merchants and enterprises to protect consumers’ data from theft and misuuse.
Q: How does the Blackbox Duo assist MSMEs?
A: BLACKbox duo solves a serious problem from an MSME perspective. MSMEs cannot afford to provide company-owned laptops to their remote users for cost and logistics reasons. Mostly they rely on their employees to use their personal laptops on a BYOD basis. BLACKbox duo makes dual profiles on employee’s personal laptops, i.e. personal and professional. BLACKbox duo intelligently applies enterprise policies on professional profile and gives access to enterprise data and networks. It does not apply enterprise policies on personal profile to allow the employee to use the device for personal purpose. BLACKbox duo invokes backup only for the data residing in professional part of BYOD laptop.
Q: How is Blackbox MAX helping the MSMEs sector in preventing data loss, data theft and ransomware?
A: BLACKbox helps MSMEs to deal with external threats as well as insider threats that can lead to data loss or leakage. Data loss can happen by deletion, ransomware, disaster, or hardware failure. BLACKbox applies Active Recycle Bin which enables MSME to recover data after deletion. It also helps MSMEs to identify who deleted the data. BLACKbox applies primary-hidden chamber technology to maintain previous versions of in an isolated media to enable MSMEs to recover data after ransomware attack. It also provides hook to cloud backup to enable MSME to recover data after disaster or hardware loss. BLACKbox provides control options to restrict, control, and monitor USB ports, email communication, as well as data exfiltration over the Internet to enable enterprises to prevent data theft by external hacker or an insider.
Q: How is Mr Vishal Shah, Co-founder & CEO, using his signature in VRSAFE Strategies to mitigate cyber breaches for MSMEs?
A: VRSAFE stands for use of VPN for remote access, Router to block ports, Standard email systems, Antivirus deployment, Forgoing piracy, and strong Employment Agreement. Vishal Shah advises that MSMEs must use VPN to give remote access of its applications and data by using inbuilt facility in most routers. They should also block inbound communication at router level except for VPN. Vishal Shah strongly recommends use of standard and secured email systems that use TLS for exchanging the emails for protection against phishing and identity theft. He insists on having a licensed and updated Antivirus on each every system used by MSMEs. He recommends use of licensed software only and not pirated ones to protect MSMEs from malware which is mostly part of pirated software. He recommends that employment agreement between employee and MSMEs should clearly state confidentiality clause and hold the employee accountable to protect data from theft or leakage.