CIO100 awards are given to CIOs who have made significant contribution to their organisations by innovative use of technology. These awards are among the highest tech recognitions in the country. Saurabh Chandra, a graduate of the One-year Full Time MBA (IPMX Class of 2009) at IIM L and Founding Member and CIO of OneAssist Consumer Solutions has been awarded at the 2014 edition of the award.
Considered the ‘Oscars of the IT industry’, CIO100 awards are the most sought-after recognition and its winners represent the crème de la crème of enterprise IT leaders in India. The Ninth annual CIO100 awards celebrated a hundred and thrity-six organizations and their CIOs—The Dynamic 100—that are using information technology in smart and relevant ways to deliver business value, whether by creating competitive advantage, optimizing business processes, enabling growth, or improving relationships with customers.
Uncertain economic situations, challenging business requirements, fast-changing market needs and demanding end-users are the new normal. CIOs are now expected to deliver superior solutions and execute larger number of business technology projects with shortened timelines, fewer resources and tighter budgets.
This year’s CIO100 therefore fittingly focused on recognizing and felicitating the CIOs who have been imaginative and innovative in these times; and adept and astute in converting the handicaps to their advantage while not only enabling their businesses to grow but also extending their lead on their competition.
As per information provided by CIO100, the project from OneAssist was not just about one technology, but a complete solution encompassing application, infrastructure, network, and data storage. The objective of the project was to implement a framework that keeps cardholder data secure at rest and in motion.
For application level security, OneAssist used Java Cryptographic Extension framework to encrypt card data. Data transmission over an untrusted network was encrypted using Extended Validation SSL.
At the network level, defense-in-depth security was implemented to significantly mitigate the security risks arising from insider and outsider threats. For users across the organization, Disk Encryption technology was used. Another Data Leakage Prevention (DLP) software was implemented to eliminate the threat of leakage of card data.
All cardholder data was encrypted using AES encryption. With this solution, multiple encryption keys, secured under split-access and dual-knowledge control are needed to decrypt cardholder data, making it extremely difficult for hackers.