Rajesh Mittal

With over 20 years of experience in Application Security, Identity Management and IT infrastructure related projects, Rajesh has a developed a solid understanding of all aspects of IT security field and has assisted clients, of all sizes, in almost all segments of their Identity and Access Management journey. His core competency and passion lies in integrating heterogeneous products, fostering innovation to develop new Solutions and solving customer problems quickly and effectively. He is VP of Technology and Co-Founder of Avancer Corporation and leads Technical Strategic Planning, New Business Development, Marketing and Business Expansion. Prior to starting Avancer Corporation, Rajesh’s entrepreneurial venture, he has worked with PWC Consulting/Entology/HSBC/ LG Electronics in various capacities developing IT security solutions spanning multiple geographies. Rajesh holds a BE in Electronics Engineering from University of Pune, and MBA in Finance and Leadership from Stern School of Business, New York University.

cybersecurity-during-coronavirus
Your browser does not support theaudio element. Given the current pandemic situation, cybercriminals are implementing creative social engineering methods for accessing enterprise networks, systems and passwords through vulnerable personal devices or insecure endpoints of remote workforce.As the world struggles to contain the current coronavirus onslaught, cybercriminals are implementing creative social engineering methods for accessing networks, systems, and passwords. Capitalizing on the fear and uncertainty of the situation, cybercriminals are exploiting a human weakness to tempt users into conducting insecure online behavior, leading to detrimental consequences in the present scenario. Cybercriminals are seen to be posing as the WHO or CDC to send fraudulent emails, asking for bitcoin donations, or sending attachments with malware to gain access to a user's system. Most of ... Read More
04/20/2020Rajesh Mittal
shutterstock_148787003
Before we move ahead let me break the biggest myth of present times – Serverless Applications is servers on cloud and are to be managed by the cloud server providers. The term “Serverless” Applications gives an idea that administration of servers, which is one of the biggest headaches for IT teams, is not required. At the same time, it gives the power to write code without worrying about ongoing server administration. Serverless Applications on are on Cloud, so ideally, they must be viewed as an extension of enterprise infrastructure. The concerns related to Identity Management on Serverless Application, Access Management on Serverless App and overall IAM capabilities surrounding serverless app needs to be looked at carefully. As per Forbes, typical ... Read More
04/04/2018Rajesh Mittal
IT-Security-Trends-2018
Technology is a disruptive game, we discover something new with each passing minute. Businesses are out in the race, they are ready to embrace technology to be closer to business goals, automation and achieve competitive advantage. However, this cannot ignore the security climate associated with new technologies. It is, therefore, important to study and visualize the security paradigm surrounding these technologies. With technological advancements, a parallel need for studying the security paradigm surrounding new technologies has emerged.Experts at Avancer have put together the technology trends and related IT Security considerations to watch for in 2018! Assigning Identity to Robots in an enterprise setting will be the focus. The year 2017 recorded a milestone in robotics, Humanoid Sophia was made a citizen ... Read More
01/02/2018Rajesh Mittal
shutterstock_574000213
Any unknown application, device or IT specific service brought into the IT Systems that is not known to the IT departments can pose a security risk. The risk proposition is based on the premise that these application/device/service are not screened through the on-boarding process, thereby making an entry in the enterprise IT System without required checks and balances. This practice is known as Shadow IT. With widespread utilization of IT-integrated capabilities and diverse functional/role specific usage, Shadow IT has become a business reality. In order to curtail the practice of Shadow IT, the IT Departments have to enable smooth on-boarding of technology.Shadow technologies include hardware or software, including smartphones, tablets, USB drives, Google Docs, instant messaging services, Skype and so on. ... Read More
06/12/2017Rajesh Mittal
shutterstock_1421521661
Owing to lack of strategic foresight or sheer laziness, security has traditionally taken a back seat in IT Systems integrations. Lack of security foresight in IT endeavors can impact businesses in the course of time, thus it is recommended to look into security related aspects from the very start — be it at the time of integration, upgrades or migration of IT tool or solutions. Nowadays, security considerations such as in Software Development Life Cycle are integrated into each layer of technology engagement. With that backdrop, security loopholes and cyber vulnerabilities are becoming complex, leading to obstructing identity, data and information theft. Present day IT setup needs to expand and cater to a wider base — move ahead of on-premise and ... Read More
05/17/2017Rajesh Mittal
shutterstock_448231735
Organizations are increasingly incorporating changes in the Software Development Life Cycle (SDLC) in order to improve security posture and create a robust IT System. These changes are aimed to bring security at software development stage itself, rather than incurring expensive fixes for IT vulnerabilities post-implementation of the software. Traditionally, SDLC was focused towards fulfilling specific business requirements, functions and features in a step-down manner. It did not bring any security consideration to ensure system security is set as default through each stage. Therefore, a security layer has to be added to introduce security early-on in the process for each stage of SDLC. Secure SDLC stages encompasses following steps: Inception Stage: Business Requirement Document is prepared keeping security aspects in consideration and foresee ... Read More
03/27/2017Rajesh Mittal
binary-1187194_1280-Pixabay
Application security is becoming a prominent aspect of enterprise security and a crucial component in software development and deployment. Companies are investing in app security testing, especially source code review and penetration testing, to create a robust IT System. While IT departments limit using only source code reviews, it is advisable to perform penetration testing. Here’s why: Although, code analysis helps in producing secure code, but issues such as changes within the system, may result in making IT Systems vulnerable. For instance, PHP being installed using safe mode might be enabled during the code review stage, which might get disabled in the actual system environment. Such flaws within the source code may result into potential attacks and compromising of the system. Newer ... Read More
01/05/2017Rajesh Mittal
shutterstock_543352492
Come to think of what went on my mind last week, as I savored a cup of hot chocolate, and looked out at snow laden gardens. It was not just a praise for how beautifully nature takes on, it was my time of throwback and, where are we headed? Technology has taken over the way we operate, look at nest thermostat, phone operated door locks, lights et al. In technology space, only so much has changed over the years. Each technology as opened up room for threat, uncertainty and security needs. And so much is to change, for good or for worse depending on the preparation levels. I believe that IT security posture is going to become more colluded and ... Read More
12/30/2016Rajesh Mittal
shutterstock_494436820
Before we point at the magic word, Big Data – let’s talk a bit about the volume of data, financial services sector is also facing the challenge of managing the data in a secure manner. API’s are just one aspect of data transfer, but it is important to be integrated smartly. Thus APIs – application programming interfaces – have become an important part of doing business for companies in the current business scenario. APIs provide a secure environment for business and help them manage customers, employees, and business partners, while streamlining operations. A majority of financial services and insurance companies are developing as well as increasing their presence online through customized websites and mobile apps, for providing value-addition to their ... Read More
11/22/2016Rajesh Mittal
shutterstock_188016452
An absolute nightmare for an IT security professional is when protected data is accessed by unauthorized personnel. While passwords, firewalls and other basic protection methods are becoming easily ‘hackable’, organizations are seen shifting towards Multi-Factor Authentication (MFA), which includes voice callbacks, SMSes and OTPs, to combat the issue. Although, MFA has been able to minimize the risk to certain extent and has become a necessity, it seems the way ahead for enterprises to protect their large data is by implementing adaptive authentication. Understanding secured login, MFA is the present, adaptive authentication is the future.Here’s why: MFA is the present, adaptive authentication is the future: While MFA could help in tackling the security issue in the present scenario, enterprises looking at a long-term perspective ... Read More
09/19/2016Rajesh Mittal
shutterstock_217580251
Einstein famously defined insanity as “doing the same thing over and over again and expecting different results.” We may relate this saying with redundant and repeated function/process that companies continue to follow including archaic security strategies while data breaches. There are cases guiding IT security strategists to take a close re-look and close any security loop. But most of them just stay put, with failed efforts and unconvinced non tech decision makers. Insane, it is! Safeguarding IT Systems is crucial in bringing down unforeseen cost of breach.Ponemon Cost of Data Breach Study’s researchers interviewed IT, compliance and information security practitioners, states that in 2016 the average consolidated total cost of a data breach grew from $3.8 million to $4 million. The ... Read More
07/28/2016Rajesh Mittal
shutterstock_412439182
Being rich in information, the healthcare industry has become one of the most vulnerable industries. It is being targeted by cyber-criminals as it contains information ranging from an individuals’ personal information credit information to protected health information (PHI) – all in one place. It translates into a high return when such data is viewed in monetized aspect. Industry needs checks in place, HIPAA has institutionalized such checks specific to the healthcare industry and to protect patients against loss, theft or disclosure of their sensitive medical information. In June 2005 the U.S. Department of Justice (DOJ) clarified who can be held criminally liable in Healthcare related breaches. As per legislation, entities and specified individuals within the healthcare industry, who “knowingly” obtain or ... Read More
07/22/2016Rajesh Mittal