Soft drink security

Dubai Refreshments has completed a vulnerability audit and deployed a range of solutions to protect itself from penetration. The security project ensures that the company’s new IT infrastructure will remain safe.

  • E-Mail
By  Matthew Southwell Published  October 27, 2003

I|~||~||~|Dubai Refreshments has boosted the security of its IT infrastructure. The two-part project began six months ago with the completion of an enterprise-wide vulnerability audit. Information garnered from the survey was then used to create the company’s security policies and choose appropriate solutions for the soft drink firm.

“When we started this project there was no security. Our systems were completely open and the connection from Etisalat, for example, went directly to the server because we had no firewall,” explains G.V Rao, IT manager at Dubai Refreshments. “As an IT manager, this started to take up too much time and although security is important, it was not possible to focus on it solely. We had to find an answer,” he continues.

The solution arrived in the form of Intertec Systems’ IT security division, SecurIT Professional Services (SIPS). In addition to carrying out a security audit, the company has helped Dubai Refreshments implement a number of solutions and create its security policies.

“SIPS came in to do the audit and their consultants went through everything within the infrastructure. They completed a vulnerability test, which scared us. Although we knew there was nothing there it was worse than we thought and it would have been very easy for someone to come into our systems and enter our files,” says Rao.

So far the soft drink company has reconfigured its proxy servers, deployed a web filtering solution from Surf Control and installed both a Cisco firewall and Trend Micro’s antivirus software. This has since been followed by another assessment to ensure any gaps threatening Dubai Refreshments’ IT infrastructure have been successfully sealed.

In addition to rolling out technology solutions, Dubai Refreshments has created, implemented and disseminated a number of other policies. For instance, the company is poised to remove access to the administration function on PCs to prevent users from uploading files from either floppy disks or CDs.

The correct attitude and approach to security has also been instilled in the user community by fully explaining why decisions have been made, communicating them by e-mail and supporting them with official warnings, if necessary. According to Rao, the response has been favourable.

“When we implemented Surf Control, for example, users knew that Big Brother was watching. However, rather than just doing it, we explained how the internet was a work tool not to be abused. Although a few people were unhappy, most were onboard early,” he says.

Dubai Refreshments’ focus on security has been spurred by its ongoing investment in IT. Begun 18 months ago when Rao overhauled the company’s network infrastructure, technology has become a core component of the firm’s ambitions to grow both its market share and improve its internal efficiencies.

“IT is becoming more important to the company and this is reflected in everything from management to business processes. We have completed between 30-35 projects within the past year and a half,” explains Rao. “Some the projects have been small and some big, but they are all designed to help us grow [our business]. Therefore we need to ensure we have the correct security,” he adds.

||**||II|~||~||~|Following the deployment of a fibre optic and Nortel Baystack switches-based local area network (LAN), Dubai Refreshments deployed over 100 PCs for its users. Each of these machines has since been fitted with antivirus software that is updated on a daily basis.

“Today we have about 140 PCs in the company and they are for everybody, except for the labourers and sales people,” confirms Rao. “Everyone in the office has a PC with e-mail access and a licensed copy of Microsoft Office. They also have a connection to a LAN printer,” he adds.

Through these PCs, users can access the company’s core business application. Called Dubai Refreshment Sales & Distribution (DRSD) and hosted on a Compaq server, the software was written inhouse over a two month period. It is based on a standard edition Oracle database and forms.

“DRSD takes information from the load outs, the gate passes, the invoices, settlements and everything else,” explains Rao. “It allows us to enter all the sales and invoice data into the database and ensure sales reports are generated by 8am the following morning for the general manager. The report means the day’s selling is done with all the necessary knowledge,” he adds.

In the not to distant future, users will also have access to Oracle’s E-Business Suite. Currently being deployed by the inhouse IT team and Hyperlink on HP 9000 servers, the soft drink company is rolling out the suite’s financials, manufacturing, inventory, procurement and human resources management system (HRMS) modules. However, the Oracle sales & distribution module will not be deployed as Dubai Refreshments intends to carry on using its own application.

“Even when the Oracle E-Business Suite is fully rolled out we will continue to use the DRSD application because is specifically built for our company’s needs, unlike Oracle’s sales & distribution module,” says Rao. “However, we will have an interface between DRSD and the accounts receivables and inventory modules in the E-Business Suite at the database level,” he explains.

This huge repository of information will then be used to create even more detailed reports for Dubai Refreshments’ senior managers. The company already has Oracle Discovery, which is being used by the company’s financial analyst, and there are plans to acquire a business intelligence (BI) application from either Brio or Business Objects.

“Our core objective for the business is to gain market share, which takes strategic decisions. Our IT overhaul helps achieve this in many ways, for instance, it provides management with 2D and 3D reports so they can plan how the company moves forward and how it can sell more product,” says Rao. “IT also helps increase the speed of business processes, whether that is in terms of recruitment for the HR department and closing accounts in finance,” he adds.

As the company’s Oracle implementation is completed and other projects begin, Dubai Refreshments’ technology team will continually evaluate its security policies to ensure every piece of kit and business process is covered.

“We will review our security policies all the time so we are carrying out preventative maintenance,” says Rao. “We have to do this if IT is to contribute to the business and deliver,” he adds.||**||

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code