In 1996, when big boys of Indian IT Industry were concentrating on IT development and maintenance, and long before IT security management became a pre-occupation for top companies around the world, two young engineers from Wai, a sleepy hamlet near Panchgani in Maharashtra, had the vision to start an IT governance, risk and compliance company in India "We had a conscious choice to make. Instead of doing basic IT development and maintenance work, which was outsourced in bulk from US companies and helped
Indian IT companies grow leaps and bounds, we decided to focus on next generation IT services such as security and risk compliance," says Atul, who partnered with Nitin to start Highband Communications Pvt Ltd in 1997.
Today they have done more than 80 IT audits of large US companies having turnover in excess of $50 million. "The IT security management in US is estimated to be more than $16 billion. After the recent financial meltdown and a probe to ascertain the causes behind Lehman bankruptcy, I expect more companies to opt for IT compliance," says Atul.
However, those days, not many companies thought IT audit to be necessary. "First 3-4 years were full of struggle. Companies were concentrating on their networking solutions and nobody even knew about the hazards posed by IT infrastructure. We went around and advised companies about the loopholes in the IT system, vulnerability of putting company's information and processes on the web, and the safeguards to prevent possible frauds," says Atul. "We started working with Satyam Computers on security and compliance."
The turning point came in 2003 when the US government passed Sarbanes Oxley Act (SOX) after big US companies such as Enron and WorldCom went bankrupt. It made the corporate laws stringent. CEO of a company was made liable for any failing or shortcoming in implementing compliance norms. "Our business had gone northwards since then. In past 5 years we have done auditing of more than 50 companies including the bigwigs of Indian IT industry as they had to adhere to SOX regulations to do business with US companies," says Atul.
Quiz Atul on fraud cases and he says, "Most of the companies think that putting a robust technology will prevent frauds. But frauds are not just about the technology; people and processes of the company lead to 90% of the fraud cases. Human angle is always there. It's equally important for a company to address the issues of disgruntled employees," says Atul. He gave the example of one of his clients, a trading exchange in Dubai, where sensitive information of the exchange was compromised by an internal employee.
Highband employs more than 50 people in India and US and has grown over 50% in the financial year 08. The company is looking for strategic partners in US and Europe to expand their international operations. "We are planning to recruit more than 500 people in next five years. However, it' easier said than done as this field requires high IT qualification and one has to constantly upgrade himself with the latest in IT technology. I still study and give exams for various certification courses to update my knowledge in IT security management," says Atul.
Highband is also looking for funds to bankroll their international expansion plans.