How Indusface’s helped CXC secure their SAAS application

Indusface has become the extended arm for CXC Solutions to manage and safeguard its web applications

How Indusface’s helped CXC secure their SAAS application

Thursday February 17, 2022,

4 min Read

CXC Solutions embarked on its journey in the healthcare administrative benefits sector 11 years ago, thereby ramping up the process of claims processing and management, and gradually shifted towards compliance. In simple terms, the health benefits ensured by employers to their employees are governed by the laws of the Internal Revenue Service (IRS) and the US Department of Labor (DOL). As these are all tax-saving plans CXC Solutions helps employers stay compliant with the IRS and DOL regulations. 

“We deal with a lot of data based on the privacy of individuals, health conditions, health plans, etc. Thus, security is a must-have for us, as most of the CXC users use the CXC web application to consume our service,” says Shiva Shenoy, CTO, CXC Solutions. 

The main challenge while dealing with web application security is expertise and time. “As CXC started expanding, we realised that web application security was becoming a major challenge, and thus the need was felt for vendors like Indusface who can take ownership and be my security partner, based on their full-service model, monitoring things 365 days and 24x7 included with their Web application firewall” he adds.

CXC subscribed to Indusface AppTrana services to get continuous updates and policy updates from Indusface to defend against new threats. “Indusface is in the business of security, focusing on all their clients, and I kind of leverage this knowledge they provide through their software and services,” adds Shiva. 

Winning trust through Indusface

Shiva recalls testing a few alternatives before making the final move with Indusface. “I did consider a few alternatives in the earlier days. But now I don’t feel I need to look for any other vendor as I have trusted them with my data and web property, and so far, they have never let me down,” he says. 

Talking about offshore working for a US-based company like CXC to deal with an Indian name, Shiva says, “Rather, this can be taken as an advantage. The Indusface team is 11 hours away from me and is providing 24/7 support. During the daytime in the USA, if something goes wrong we can always check and get it fixed with support from Indusface. But at night too, the Indusface team is always available to monitor my software, and alert me if something goes wrong.” 

Another thing that has evolved is the higher needs from clients from SAAS product vendors. “We ourselves have emerged to become a white club service to our clients, where they just hand over the problem and expect to get a proper fully managed solution and not just a software tool,” says Shiva. Considering Indusface to be an extended part of the CXC Solutions’ team, he adds, “It’s almost like being my 24x7 security partner, proactively taking care of securing my applications and keeping the hackers and bad payloads/DDOS and bot attacks away from hitting my application and providing a better experience to my real customers and users.”

Creating the security ecosystem

Shiva explains that CXC Solutions gets on quarterly calls with the Indusface team, and gets updated on product enhancements and monitoring processes. “It’s a completely different scenario when you have a security vendor that’s educating you when the world changes and security processes become more complex than usual,” he says. 

This has in turn positively helped us focus on our sales and retention of clients. In addition to all the above-mentioned points, Shiva concludes “Large enterprises have huge security teams, facing different challenges, managing them on their own or the hired vendors. At CXC Solutions, a mid-sized enterprise, it is impossible for me to hire and manage security experts.I should do what I do best, i.e., compliance, and let vendors like Indusface manage the security issues, while I get the benefits at a much lower cost. Instead of having a single tool, it’s always great to opt for a team that continuously works as a backup in managing the security issues,” conjectures Shiva.