Nasscom Community

RE- IMAGINE MarTech for enhanced Digital Customer Experience – A key strategy for successful marketing in the #newnormal

In my last blog “Emerging technologies and Reskilling redefining MarTech implementation in the new normal”, I had highlighted how emerging technologies and consequently reskilling in these technologies is becoming an important trend for successful implementation and utilization of MarTech across enterprises. Considering these trends it won’t be wrong to say “Marketing is quickly becoming a science”. Though creativity would always remain the top focus for a marketer, the rise of digital and increasing need to focus on digital customer experience is making the science i.e. software element a key priority.

Consequently, the share of MarTech have doubled over the last three years in the major markets of UK and North America, and this trend is only moving forward with more and more marketers putting their budgets into technology last year, more enterprises planning to increase this share in 2021.

                                                 Source: NASSCOM MarTech Report 2021

In addition to this increasing shift towards MarTech, another key trend that emerged under MarTech was the rise of digital customer experience – which has become a key imperative in the MarTech space in the #newnormal with the rise of digital.

                                         Source: NASSCOM MarTech Report 2021


Consequently, companies are increasing their MarTech budget spending towards Digital Customer Experience. With this increased focus on DCX, both enterprises and tech vendors need to reimagine ways to implement MarTech.

Considering this need we have devised an I.M.A.G.I.N.E. framework in our report which focuses on a four-stage process for enterprises to build a world class DCX for their customers.

                                               Source: NASSCOM MarTech Report 2021

It also includes go – to market recommendations for the tech vendors on the similar lines.

                                              Source: NASSCOM MarTech Report 2021

This year’s MarTech report captures this IMAGINE framework in detail and also talks in detail the key trends that are shaping MarTech in the new normal. Read all such insights more in our report “MarTech – The Digital Customer Experience Imperative From Personalized Products to Personalized Experiences”.

The post RE- IMAGINE MarTech for enhanced Digital Customer Experience – A key strategy for successful marketing in the #newnormal appeared first on NASSCOM Community |The Official Community of Indian IT Industry.

Nasscom Community

Data Annotation Landscape and Trends: The India Story

We are well aware of the Achilles’ Heel of AI, training data on which the model is built, it has the power to make or break the AI model and the subsequent decisions it takes. My previous article highlighted the importance of data annotation services in creating well-labelled training data for enterprise AI models. The article also talks about the building blocks of successful service delivery in the annotation space and the business models prevalent globally.

Image Source: Analytics India Magazine

Let us in this article try to get a deeper understanding of the India story with respect to the data annotation landscape and a few trends that are driving the India market. The data annotation market serviced by India in FY20 is ~USD 250 Mn and the cost billed to the client for any project is based on the combination of the kinds of use cases, number of data items to be labelled, complexity and type of annotation required. The infographic below highlights the India market dynamics.

Source: Data Annotation – Billion Dollar Potential Driving the AI Revolution

The same business models as mentioned in my previous article apply in the Indian context as well – crowdsourced platforms, managed service providers (MSPs) and SaaS offerings. However, the managed services model drives the majority revenues approximately 65-70% of the total revenue.

Source: Data Annotation – Billion Dollar Potential Driving the AI Revolution

The Indian MSPs follow different workforce models with majority of the employees represented by non-metros:

  1. Dedicated Workforce Model
  • Service providers with dedicated full-time employees that utilize the internal annotation tool
  • The dedicated workforce is the USP and is trained to deliver client projects at the highest level of quality
  1. Partnered Workforce Model
  • This model is adopted by service providers that follow a platform-first approach with the tool serving as the USP
  • The workforce comes from verified BPM partners from Tier II/Tier III cities who are trained on the annotation platform

MSPs also impart an average of 4 weeks of training to the hired workforce and look for learnability instead of education.

Training – Apart from the training provided prior to live projects, employees receive an average of 2-4 weeks of training through the year

Mindset over Education – While basic intermediate education is sufficient, the key attribute while hiring is mindset and ability to learn

Employee Earning – The monthly salaries offered by MSPs can go up to USD 300 per month for generic data annotation tasks, for sector-specific expertise it could be even higher.

Source: Data Annotation – Billion Dollar Potential Driving the AI Revolution

Watch out for my next article that provides more details about the data annotation industry. Download our full report on Data Annotation – Billion Dollar Potential Driving the AI Revolution for more interesting insights.

The post Data Annotation Landscape and Trends: The India Story appeared first on NASSCOM Community |The Official Community of Indian IT Industry.

Nasscom Community

Confront Concerns About IT Staff Augmentation: 4 Benefits of Engaging a Partner

As an in-house IT manager, a CIO, a CTO or a business professional, you may already have grasped the critical need for additional help on an IT project – whether it is ongoing assistance or help for a standalone project. You see the full picture. You know your IT team is overwhelmed, you know their skill set and you know you can’t get the job done with the existing knowledge and resources you have. You also understand the importance of getting that job done quickly and effectively.

In this article, we outline four benefits of IT staff augmentation for your consideration and to share with decision-makers across the enterprise.

“Whatever your need, be sure to gain a full understanding of your requirements before you begin to interview candidates and look for a partner with proven references and experience. You won’t be sorry!”

Here are four benefits of staff augmentation you can share with your management team:

  1. Budget and Schedule

While your team may believe that IT staff augmentation is more expensive than doing it yourself, there are many financial benefits and time factors involved. First, you must weigh the value and importance of the projects your in-house team cannot complete or the delays they will incur because they are distracted by this project or by the ongoing needs of the organization. Secondly, you must look at the cost of a prospective IT staff augmentation partner and understand that the right partner will provide Service Level Agreements (SLAs) to ensure that the work is on budget and on time. In this way, you are ensuring that your estimates and plans will be achieved. When a project is approved for in-house execution, it also includes plans but when those plans fall through, there is little you can do to recover. With a partner, you have an agreement that will keep you on track.

  1. Resource Optimization

Your in-house IT team has a lot of important work to do and they are usually overloaded and find it difficult to complete even the workload they have assigned to them. When you assign a particular project or ongoing technology area to an IT staff augmentation partner, you allow your in-house team to do what they do best. They know your network, your hardware, your in-house software, your environment, your databases and they can use that knowledge to focus on core responsibilities. It is a win-win all around!

  1. Scalability and Flexibility

IT staff augmentation allows the organization to flex and to increase or decrease resources as the need arises. It allows the business to add different team members and skills as required and ensures that the business will not pay for more than it needs but will always have what it needs to get the job done in an ever-changing environment. IT staff augmentation can be very specific in timing and staffing or it can be flexible. When a business has to hire additional team members to staff a project or to accommodate expansion, and plans or markets change, they must adjust, and all the considerations that go along with hiring will apply (benefits, schedules, space requirements for team members, updated training, etc.).  IT staff augmentation provides the ultimate flexibility.

  1. Knowledge and Skill

IT staff augmentation ensures you will have the skills, knowledge and experience you need to complete a project or to provide ongoing support. If needs change, new skills and team members can provide just what you need, when you need it. Your business does not have to worry about team member downtime for scheduled training classes or waiting for the right team member to become available to complete a particular task.

When confronting confusion or concern over engaging a partner for IT staff augmentation, it is important to be prepared with an overview of the benefits of this approach and how it can help you achieve your goals. Whatever your need, be sure to gain a full understanding of your requirements before you begin to interview candidates and look for a partner with proven references and experience. You won’t be sorry!

“The right partner will provide Service Level Agreements (SLAs) to ensure that the work is on budget and on time.”

Every business deserves a skilled, dependable IT staff augmentation partner. Start here and explore our IT Staff Augmentation Services.  Read our White Paper to find out how to select an Offshore Outsourcing Partner.

The post Confront Concerns About IT Staff Augmentation: 4 Benefits of Engaging a Partner appeared first on NASSCOM Community |The Official Community of Indian IT Industry.

Nasscom Community

Effect Of COVID-19 On Hospitality Industry

The world is currently battling with the unprecedented effects of the COVID-19. With the UN claiming it to be a crisis on humanity like never before, it has put our social fabric and cohesion under tremendous stress. In the face of this fatal virus, the economies worldwide have come to a standstill, making the travel restrictions and social distancing policies the new normal.

Impact of the Outbreak

The hospitality industry has taken a massive hit around the globe with occupancy rates dropping by 59% in US hotels alone. Significant declines are also forecasted in average daily rate (ADR), occupancy, demand, and revenue per available room (RevPAR) for 2020.

Current forecasts predict a deep economic contraction in the first half of the year, followed by a bounce-back in the latter half. However, there could also be a prolonged economic uncertainty that would resist a sharp bounce-back. As hotels counter this economic crisis, there will be a dire need to assess the business continuity and operational challenges, both for the short and long term, and understand the impact on Cash, Working Capital, and Profitability.


The severe situation had stalled travel plans for the majority of the people around the world but it is expected that hotel bookings will see a recovery after September 2020. However, it is also predicted that people will be more inclined towards traveling domestic rather than international. Thus, it is imperative for the hotels to be prepared before the business starts to ramp up and use this interim period as an opportunity to overhaul their legacy systems.

The need of the hour

1. Regain Guest Confidence

The core of the relationship between any brand and its consumers is “the trust”, and thus recapturing guest confidence should be the primary step for any brand amidst this pandemic situation. At a time when consumer confidence is at an all-time low, communication will play the lead role in re-assuring the guests of the safe environments at different hotels. Also, within the hotel premises, the way hotels empower their guests with increasingly relevant and timely information, will also hold the key to future.

2. Revisit Hospitality Offerings

Hotels will need to review their existing service offerings to adapt to the “new normal” and provide a touch-free experience to their guests when they arrive at the property. To achieve this, Hotels will need a transformation in their daily operations to provide an experience that would ensure that both the guests and the hotel staff are in safe hands.

3. Employee Well Being

A turnaround is also expected in the hospitality industry at the employer level. The current working models need to be re-evaluated for efficiency with ‘employee wellbeing’ positioned higher than ever in the hotel’s priority list. Providing them with safety kits and eliminating the different touchpoints while serving the guests are the major needs of the hour.

4. Regulatory Compliances Liabilities

In this new environment, hotels need to adopt new practices to regulate the environment in which the business happens. Once the operations begin, stern measures on sanitation and hygiene will be very important and hotel properties will have to not just be aesthetically clean but also clinically clean. It will also be important to ensure that the mandatory regulatory guidelines such as social distancing are being followed at their properties

Hotel Digital Transformation: Unlocking Technology’s Caring Feature

Technology has always been a primary component in driving a hotel’s value proposition to provide a home-like experience to guests. In a post COVID scenario,  it will have a big role to play in furthering the digital transformation journey of the hotels. Digital solutions that can identify touchpoints and ensure minimum physical contact among the guests and the employees at each point of contact will take the center stage.

1. Contactless Journey for Guests

The operational goal will be to make the guest and the staff’s journey seamless, reducing the physical touchpoints while they are at the property. The journey starts the moment guests/staff enter the property where a touch-less identification and mobile check-in is needed to avoid the long queues at the reception. Digital keys to access the rooms or elevators would be another aspect to avoid the physical touchpoint with the doors.

Smart devices such as sensor-based lights or gesture control features in washrooms can further elevate the touch-less ecosystem of the hotel

Touch-less experience means that the users are enabled with these services on their own mobile devices and avoid contact with any other vulnerable surfaces. In spite of many solution providers working with the hotels to incorporate such offerings, the major challenge which the hotels face is to get their applications downloaded onto the guest’s devices. Solutions such a Next Generation Hotspot (NGH) solution can help hotels in overcoming this challenge and further boost their mobile-first strategy by providing touchless and secure access to the available hotel services without the need for users to download any application on their devices.

2. Ensuring Social Distancing

Digital solutions can help hotels in ensuring that the social distancing guidelines would help them mitigate the legal liabilities which they need to comply with. One way is to re-design the common areas and communal facilities like health clubs, restaurants, and salons to ensure minimum human contact and drive guests to relish those spaces. Another relatively easier way is to ensure it, via technology, where hotel staff or the guests are informed of any such violation, enabling them to take appropriate actions. Solutions such as People Insights AI and Intelligent Monetization Platform (IMP) can empower hotels with such features by using the existing infrastructure of security cameras or hotel Wi-Fi networks.

3. Real-Time Communication

An important role will be played by the effective communication of the brand to empower their guests with the right information at the right place and at the right time. Besides engaging guests at the premises based on their locations, Proximity Marketing can enable the hotels to notify them regarding any violations of the allowed number of people in a surrounding area, information about room-service delivery, or even informing them if their room is ready to check-in.

4. Remote Operations

The crises made it evident that technology solutions accessed by employees remotely are crucial to keeping operations on track and were not considered by the past hoteliers in order to manage their hotels from afar before the pandemic. Reviewing and updating standard operating procedures, upgrading towards cloud-based platforms should be a standard for the hospitality ecosystem.

Hoping for a beginning of an End

COVID-19 is pushing the industry to manage, adapt, and respond to the uncertainty and risk associated with this global health incident. Managing the guests’ & employees’ safety and delivering as per guests’ expectations will not be considered a competitive advantage, but rather an industry imperative. Enterprises in the hospitality industry should partner with the right technology solutions providers to ensure a foolproof digital transformational strategy for the future.


The post Effect Of COVID-19 On Hospitality Industry appeared first on NASSCOM Community |The Official Community of Indian IT Industry.

Nasscom Community

5 Topmost Practices for Converting Business to DevOps


Businesses have been facing the age-old delivery conundrum arising from developers and operations not having a proper communication channel, resulting in operations having to deal with production issues. This issue caused several delays in the completion of the software development life cycle (SDLC) and hence increasing the time-to-market of the product. As a result, costs companies millions of dollars.

DevOps rose to be the hero who salvaged this situation by bridging the gap between the two. It acquired application and infrastructure configuration by resolving the challenge that agile delivery faced by defining ownership and roles.

This setup resolved the issues faced during delivery wherein developers would complain that the software application performed adequately in their development environments but caused problems once pushed to an IT configured environment.

Why does your business need DevOps?

DevOps allows companies to become agile, enabling them to keep up with the twists and turns of the market. DevOps decreases the time-to-market meanwhile improving the UX of your customers. CI/CD frameworks created using DevOps methodologies automate the entire software development process.

That being said, traditional companies face a lot of issues while trying to implement DevOps. They have trouble understanding where to begin their transformation. This article will enumerate the 5 topmost practices for converting a business to DevOps.

Let’s begin!

Top 5 Practices for converting your business to DevOps

Identify Resources

Before adapting to DevOps, you need to identify the resources that you have or need for its successful implementation. Identifying individuals who have knowledge of the latest DevOps tools in the market can be of great help. If your company lacks these resources then you should hire individuals who have extensive knowledge of DevOps frameworks. Cross-functional teams should be provided with different incentives to promote the model of DevOps. Create a new model that incentivizes delivering a better customer experience.

Your DevOps team will be responsible for everything related to software delivery. Aspects such as gathering resources for a project, planning, implementation, deployment, and maintenance, making them the most important team in your enterprise. Hence, they should possess the ardor to learn and deliver excellence in their work.

Establish a continuous testing environment

Once you have established a DevOps team, you should focus on the technological resources they need. It’s essential to provide them with accurate, recent information about the production environment, enabling them to plan deployment.

As the DevOps team will be involved in the entire service lifecycle, they need in-depth knowledge of the platform and infrastructure, as this will allow them to debug and troubleshoot software applications. Creating an automated deployment pipeline that enables the DevOps team to deploy fully automated scripts within minutes is pivotal. This pipeline should integrate continuous integration, continuous development, continuous testing, and continuous deployment into a single entity.

Implement agile principles

Following agile principles along with DevOps methodologies is the key to success. This cocktail will allow developers, testers, and analysts to have better communication channels. Following this path will reduce the deployment time and the number of bugs in the software, thus reducing the time-to-market.

Following agile methodologies ensure that CI/CD pipelines are effectively implemented. These methodologies enable you to get feedback from the customers as soon as possible, thus improving the quality and usability of the product.

Establish continuous deployment

Creating a continuous deployment system enables you to deliver continuously. This system doesn’t require the involvement of a human, each build gets automatically deployed after passing a test scenario. Continuous deployment allows organizations to deliver new updates and upgrades without losing the functionalities of the software application.

To successfully implement continuous deployment your developers should be good at coding, and your testers should create scenarios that aren’t redundant. When this structure is in place, your system will work without any hassles. But continuous deployment is not fruitful if the company doesn’t monitor the feedback it receives. Feedbacks allow users to assess the useful features in a software application, further improving the user experience.

Implement blue/green method

The blue-green method is a technique used by DevOps engineers to create two identical production environments allowing companies to reduce downtime. The blue environment is treated as the primary environment whereas green serves as secondary. This setup helps companies to route traffic depending on what stage a software application is in the software development lifecycle (SLDC).

This technique can put an end to any downtime that may arise due to app deployment. Furthermore, the blue-green method allows you to roll back to the earlier version of the software application in case of a bugged update by simply switching environments.

To Conclude

DevOps is a methodology that allows companies to reduce the time-to-market, meanwhile improving the quality of the product. While adopting DevOps, you should be realistic about your goals and expectations. The primary requirement for starting your DevOps journey involves getting the right resources and structure in your organization. After the primary goals have been achieved, it is necessary to create the necessary testing and deployment environments.

After all the preliminary changes, the most essential part is to establish and monitor crucial metrics. These metrics will allow you to gauge where your software is performing well and where it is lacking, allowing you to redirect your resources to the functionality that requires change. DevOps provides your business with expansive gains by streamlining the end-to-end delivery cycle. DevOps also creates customer feedback loops, ensuring that your customers are always satisfied with your product.

DevOps methodologies don’t just save your time and effort but also improves the quality of your software applications. If you’re planning to begin your DevOps transformation, then a software testing company can assist you with the same.

Source: 5 Topmost Practices for Converting Business to DevOps

The post 5 Topmost Practices for Converting Business to DevOps appeared first on NASSCOM Community |The Official Community of Indian IT Industry.

Nasscom Community

Gender equality matters and we must accelerate the conversation

Across organizations around the world, there are many inspirational women professionals who have broken the glass ceiling and taken centerstage as powerful leaders and mentors. Technology, finance, electronics, manufacturing, chemicals, food and beverage, retail, healthcare, oil and gas, government, and military, automotive, and many others top this list. While these courageous women set a great example for people everywhere, it is also important to recognize that their success did not come easy. Success is often the sum of many factors that include aiming for and working hard to achieve ambitious goals, undergoing continuous learning, having advocates, and having the courage to pivot when required, with the wisdom to know how.

While in certain parts of the world, India included, we see an uptick in the number of women in the workplace, there remain issues still rooted in the traditions and assumptions of the past. Unconscious biases, gender disparity and gender discrimination, unfortunately, still exist. The good news is that every woman and man can be an instrument of change. We can be the ones driving a dialogue for equal opportunity and an inclusive work ecosystem.

This dialogue is even more important in light of the impact of COVID. According to a recent McKinsey report: Women make up 39 percent of global employment but account for 54 percent of overall job losses. Using data and trends from unemployment surveys in the United States and India, where gender-disaggregated data are available, McKinsey estimates that female job loss rates due to COVID-19 are about 1.8 times higher than male job loss rates globally, at 5.7 percent versus 3.1 percent respectively.

Today, my focus is on gender – which is only one element of Diversity Equity, Inclusion and Belonging. Diversity, Equity and Inclusion is focused on driving equity across gender, race and age. The main components are driving diversity (increasing representation), equity (making the diverse groups equitable in things like job title and pay); Inclusion (how does your company culture include the diverse groups) and the final component is Belonging.

As we honor and celebrate International Women’s Day, here are four areas of focus that can help achieve better equality and more diversity, not just at work, but in our life.

  1. Choose to challenge gender stereotypes.

Gender stereotypes is a complex issue to address. Rooted in history and culture and effecting economics, stereotypes are engrained brain reference points where we’ve all had ideas and experiences cemented in our minds throughout our childhood, which if gone unchecked, gets reinforced as a child grows to adulthood. A person could still be reliant on ‘stereotyping’ and not be aware of it. This is true for both men and women. Effectively addressing gender stereotyping starts by breaking down areas where it most commonly is used.

One area of focus should be on language. We must stop the use of stereotypical language such as middleman, drama queen, chairman, spokesman, etc. Sensitizing others to why it is wrong when similar language is used is important. Generalizations such as ‘The guys’ or ‘The girls’ posted on common workplace platforms should be discouraged. Being professional and focused on goals and challenges directly related to the job, reduces the possibility of dialogues going on a tangent. Staying informed of what is acceptable behavior, being unafraid to speak up and being prepared to answer inappropriate comments with levelheaded professionalism is necessary to overcome barriers.

  1. Choose to challenge women and girls to work in technology and science.

It is a well-established fact that globally, women are underrepresented in science, technology, engineering, and mathematics (STEM) fields. Multiple studies indicate this is not due to the inability of women to excel in STEM. In fact, in some parts of the world, women are more attracted to STEM courses. However, the global situation remains challenging for them to enter these fields because of gender imbalances. There are several reasons why this disparity exists. This includes lack of encouragement, active discouragement, lack of female role models or mentors in STEM, and negative peer pressure. Less than a third of female students choose to study higher education courses in subjects like math and engineering

Like many unconscious behaviors, these were likely developed when in school or college. Take the common example where a group of mixed gender engineering students are working on a project. The female in the group is most likely to be relegated to doing routine managerial or secretarial roles while the males take on the challenging segments of the project. We can change that by making the decision to push past the old ways and adopting new ones.

It is critical that both men and women in STEM do not let the outdated culture of sexism continue. It will take consistency and commitment to solve this complex problem. However, it is worth the effort not only for women today but for the generations to come. In 2021, the barriers for women in STEM are much less than even 10 years ago. Women and men must utilize opportunities to create a more gender-balanced enterprise and contribute their unique inputs to the growth of the company. True leaders will take charge of any situation and set the tone by being competent professionals, as individuals qualified to get the job done, and request for assignments that are desired.

  1. Choose to challenge the assumptions that men are stronger leaders and innovators. Challenge the system to accept that women are powerful, effective leader and innovators

While there are more women moving into leadership roles and becoming innovators, there is a global need to increase and accelerate female representation at the highest level. There are multiple real and imagined barriers that prevent women from aiming for the ultimate pinnacle of leadership. It is on each one of us to address these hurdles and change every challenge into an opportunity. For example, if a meeting is attended only by men, instead of viewing it as overwhelming as a woman, take a seat at the meeting room table and know that you belong. Help people see your unique skills and viewpoints. Multiple studies have shown that encouraging and promoting women leadership is one of the devices by which an organization can increase gender equality in the workforce which can, in turn, drive better business results. The clear message for women therefore is to be confident, play to your strengths, recognize that your work has brought you to new levels, and leadership is a very viable goal.

The best way to really challenge any status quo, is to measure it and take action to change it.

  1. Choose to challenge gender discrimination, always

Gender discrimination is defined as the unfavorable treatment of someone (employee or applicant to a job) due to their gender. The #MeToo movement highlighted how gender discrimination and harassment was a deeply embedded problem in societies and industries, across the world. It is real and present.

The question to ask is, how can an employee recognize and address gender discrimination at the workplace? The first part of the answer is to be aware that gender discrimination can come from anyone regardless of their gender. It can be paygrade disparity based on gender; it does not have to be as extreme as sexual harassment. It can also involve frequent negative comments and stereotyping that make the workplace offensive or hostile. How does one effectively address this?  By following a few simple pointers: Note down the instances and what was said, with the date, time, and location of the occurrence. Check for company protocol and file a complaint with HR or your direct manager. Irrespective of what the outcome, it is important to communicate and prevent discrimination from taking control of your work life.

Women are fearless leaders who are regularly carving niches for themselves in their careers. They strive to deliver the best of their capabilities and stay self-motivated. Women embrace change instead of looking at it with fear as, sometimes, with big risks come great rewards and the ability to make a difference. Committing to continuous improvement, advancing skills, keeping abreast of emerging tools, all go towards building expertise. Being a lifelong student, a person who is well informed and unafraid to be heard, could very well make many women future leaders, that the world looks up to. My previous boss and mentor, Padmasree Warrior, would always remind me when looking up – “keep your eyes on the stars and your feet on the ground.”


The article was first published on ET HRWorld

By Annie Weckesser, Chief Marketing + People Officer, Uniphore

The post Gender equality matters and we must accelerate the conversation appeared first on NASSCOM Community |The Official Community of Indian IT Industry.

Nasscom Community

6 Things To Look For in a Penetration Testing Services Provider in India

In the wake of soaring cyber attacks, penetration testing services have acquired remarkable prominence worldwide. Business owners, stakeholders, IT risk managers, CIOs and developers, who have recognized the importance of having a water-tight security plan, have stepped to the front-line and quickly implemented and recommended penetration testing services.


Yet, to decide upon a penetration testing service provider is a confounding process for many organizations. Security testing in India varies upon the type of application or network & the certification you need as per the government or regulatory authority. There are all sorts of penetration testing services available for businesses to secure their online assets such as website pentesting, mobile pentesting, network pentesting and so on.

Not all services cater to all requirements or testing scope. Also, not all provide the desired results. For example, a service may only be doing automated tests, another only manual, some may be providing certificates, some may not.


Hence, it is extremely important to put down your requirements before you even start looking for a penetration testing service. You should also be clear on your goals before you opt for a penetration test. What do you really want to achieve with the test?


In most cases the goals are one (or a few) of the many things given below:

  • Vulnerability discovery and patching
  • Security certificate
  • Compliance needs
  • Formulation of a security plan, etc.

As you would have guessed by the title, this post’s aim is to help you make the right choice for a penetration testing service. Here we’ll discuss what makes for an outstanding penetration testing service provider and how to decide the perfect fit for your business. So, dig in more.

5 traits of an outstanding penetration testing service provider

Before we get to listing the traits, it should not be ignored by any means that there’s a disclaimer too. These traits are:


  1. They are certified professionals

We are talking about your business’ security here. Crucial data, processes and systems are at risk. Hence, it is very important to verify if the person who will be carrying out the pen-testing job is qualified enough to do that job. Although it is a given for a security company to have certified professionals, it is good practice to confirm anyway.

Ethical hacking certificates such as – CEH, OSCP, LPT, etc. are accepted worldwide as standard professional certificates. If the individual possesses a few of them, it should be fine.


  1. Customer reviews are positive for the service

It almost seems like an obvious trait but it still gets ignored many times. Confirming that the service is valid and delivering expected results from someone who has taken the service before is always a recommendation.

Make sure you go to certain trusted review platforms and verify if the pentesting service provider is as good as presented. In case, you can’t find a listing for the service on any review platform, consider it a red flag. Usually, people also talk about their experiences with a service on other social media platforms such as Reddit, Quora, Facebook, so make sure to check those, too.

Swipe the card only when you are 100 percent sure of the service.


  1. They have a documented methodology and transparent process

Security companies normally have their processes and methodology documented. Study their method to ensure your requirements and the service’s offering are compatible. You can either find the methodology on the pentesting service provider’s website or you can explicitly ask for it. This will also help you get a gist of the type of tests that will be performed in the process.


  1. They provide detailed reports with fixes and recommendations

Check if the pentesting service provider provides detailed reports with information regarding the vulnerabilities found, risks attached to them, and their quick fixes. Always make sure that the reports provided are not yawn-inducing and incomprehensible chunks of data. Reports should be easy to understand and follow through for checking the progress.

Almost all viable services offer sample pentesting reports. If you can’t find it on their website, ask them to send one. Besides PDF and text-based reports, selenium scripts (scripts to reproduce the vulnerability) are also a great differentiator for an outstanding penetration testing service.

It is always recommended to choose a penetration testing service provider that offers a centralized dashboard where you get reports on vulnerabilities and other findings on a periodic basis to reduce the time of waiting for a full testing report. It will also help your developers in lining up and fixing up bugs that are reported parallelly.


  1. They have active customer support

When opting for a service online, it is extremely important to check their customer support system. The type of support they offer (chat, email, call), number of hours they are available, average revert time and so on. In case of panicky situations, the company’s support is all you’ve got to get a clear answer, solution or reassurance maybe. You can again utilize customers’ reviews to get a truthful picture of the service’s support.

For the sake of generality, we have not addressed more specific questions that as a business owner you might have. By all means, clear out your queries with the provider beforehand.


Why choose professionals?

When it comes to taking services from security professionals (pen-testers), make sure they follow a straight-forward process of pentesting within a few and clarified steps and use specifically designed automated and manual tests to cover all bases when it comes to the security of the website.

The security service provider should also provide an intuitive VAPT dashboard that offers real-time vulnerability reporting and direct collaboration with experts, with materials such as PDF reports, selenium scripts and video POC for the concerned developers to grasp the vulnerability details.


Therefore, conduct adequate research before finalizing your desired penetrating testing partner, as it can make a world of difference for your application in the long run.

The post 6 Things To Look For in a Penetration Testing Services Provider in India appeared first on NASSCOM Community |The Official Community of Indian IT Industry.

Nasscom Community

DGFT: Submission for review of Global Authorisation for Intra-Company Transfer (GAICT) scheme

On 10 March 2021, NASSCOM submitted a representation to DGFT, to submit suggestions received by the industry for review of the Global Authorisation for Intra-Company Transfer (GAICT) scheme. The representation refers to Public Notice 20 which notified the GAICT scheme and Public Notice 65 for implementation of GAICT. For background of GAICT scheme, Public Notice 20 and Public Notice 65, please see here.

The representation requests DGFT for the following in relation to the GAICT scheme:

  1. Clarification that GAICT covers re-export of SCOMET items which have already been imported at the time of applying for GAICT, and SCOMET items which may be imported by the exporter within the GAICT validity period.
  2. Include items/software/technology imported under bulk authorisations under the coverage of the GAICT scheme.
  3. Exclude the need for providing ‘Product model No./part No.’, ask for only ‘Generic Description of export item/s including technical specification’, and ask for only the first 3-digit alphanumeric SCOMET product codes under Table 2A (Details of SCOMET items), ANF 2 O(b). This is to ease the burden on the industry to re-apply for a new GAICT authorisation to keep in line with updates in the SCOMET list as a response to update in the WA control list. Moreover, it is impracticable for the industry to provide the product/part/model numbers of SCOMET items as these are dynamic in nature and often run into thousands.
  4. Ask for Technical drawings (Information on Product/Technology) and Technical Specifications/Data Sheets/Brochures of the product (s) only where applicable, under Table 8 (Type of supporting documents submitted to DGFT), ANF 2 O(b).
  5. Delete the requirement that the use of an item which is re-exported under GAICT shall not be changed, nor the item modified or replicated without the prior consent of the Government of India (under Appendix 2 S (iv)), as this is in contradiction to paragraph F of Public Notice 20 which states that further re-export/re-transfer of the item/software/technology from the foreign parent company or its subsidiary to end users in other countries would be subject to the export control regulations of the country of the foreign parent company or its subsidiary.
  6. Clarify that a time period of import and export is sufficient instead of the exact date of import and export, under Table 3(i) of ANF 2O (c). This is because it is difficult for the industry to specify the exact date and instances of re-export of certain technology/software, due to its intangible nature.
  7. Clarify as to how should the value of re-exported software/technology be specified by the industry, in the case of transfer of software/technology which is not in the final executable form, under Table 3(iii) of ANF 2O (c). This is because most often the intra-company transfers are being carried out by the industry to perform research and development services on an intermediate software, in which case it is not possible to attach a value to the software/technology being worked upon.
  8. Revise the scope of GAICT scheme to include repair and return services. This will reduce the burden on the industry to obtain an additional SCOMET license for re-export of items that were originally imported for the purposes of performing repair services.
  9. Revise the scope of a GAICT authorisation to include approved third-party entities which form part of the same supply chain. This will reduce the burden on the industry to obtain an additional SCOMET license for the Indian third-party company for transfer of technology to the same foreign company. Moreover, it will enable Indian companies to perform services for the Original Equipment Manufacturer (OEM) along with the foreign subsidiary seamlessly and integrate with the global supply/value chain.


For more information, please write to


The post DGFT: Submission for review of Global Authorisation for Intra-Company Transfer (GAICT) scheme appeared first on NASSCOM Community |The Official Community of Indian IT Industry.

Nasscom Community

DPIIT: Suggestions for creating an enabling e-commerce ecosystem

On 09 march 2021, NASSCOM submitted a set of suggestions to the Department of Promotion of Industry and Internal Trade (DPIIT), the nodal government department for the e-commerce industry, asking for government intervention in various ways in order to move forward in building an enabling ecosystem for the industry.

Our suggestions included the following:

  1. Facilitate Indian businesses to sell online

A. Create Infrastructure

  • Enabling policy environment to drive public and private investment in infrastructure development, such as, creation of warehouses, sorting centres, multimodal logistics networks (air, rail, road).
  • Creating communications infrastructure to support a strong digital backbone for the industry.
  • Creating logistics infrastructure for smooth delivery and returns, e.g., last mile connectivity.
  • Central government to facilitate discussions with state governments for creating infrastructure in a structured manner.
  • Encouraging state governments to adopt a common minimum agenda to facilitate e-commerce.

B. Support for MSMEs

  • Handholding support for digitisation and onboarding onto online platforms.
  • Incentives to offset digital marketing and branding costs to promote “Make in India”.
  • Enabling wider adoption of digital payments by MSMEs.
  • Tax incentives for setting up warehouses and data centre facilities.

C. Proactive role by state governments

  • Establish/identify manufacturing clusters; leverage One District One Product programme to promote targeted products through omnichannel retail.
  • Help in onboarding more sellers online through upskilling and training cells.
  • Adopt a common minimum agenda to facilitate e commerce.

D. Ease of Doing Business

  • Bring parity in GST thresholds for online and offline sellers.
  • Enable small businesses registered under composition scheme sellers to sell online.
  • No cancellation of PPoB registration for lack of traditional physical set up.
  • Digital invoices for transporters.
  • Effective roll out of the Code on Social Security Rules, to deliver desired benefits to gig workers in partnership with e-commerce platforms.

E. Stakeholder Involvement

  • Consult with industry stakeholders for development of e commerce ecosystem.
  • Include representation from e commerce industry on the Open Network for Digital Commerce Steering Committee set up in November 2020.


2. Facilitate e-commerce exports

  • Create delivery infrastructure, in terms of logistics solution through India Post which is low cost, fast and tracking-enabled; and designate Foreign Post Offices at all district headquarters.
  • e-Commerce Export Zones (EEZ): ‘one stop shop’ for storage, certification, testing, customs clearance, expedited processing of export incentives, GST ITC refunds etc.
  • Single Window clearance for exports: Create a single window clearance system Integrate Customs’ ICEGATE system with other systems (such as IEC by DGFT, EDPMS by RBI and GSTN).
  • Create awareness among MSMEs: Organisations entrusted to accelerate exports to create awareness on benefits of omnichannel retail e commerce exports for businesses and train on digital marketing, digitisation etc.
  • Dedicated customs clearance lanes for facilitating 100% mandatory online processing of customs clearances.


For more information, please write to


The post DPIIT: Suggestions for creating an enabling e-commerce ecosystem appeared first on NASSCOM Community |The Official Community of Indian IT Industry.

Nasscom Community

MEITY: Feedback on Draft Handbook of Intangible Technology Transfer Controls

On 11 March 2021, NASSCOM submitted its feedback to the Ministry of Electronics & Information Technology (MeitY) on the draft Handbook on Intangible Technology Transfer (ITT) Control (‘draft ITT Handbook’). This was in furtherance of MEITY’s efforts to finalise this ITT Handbook from last year, which could not be finalised due to unforeseen circumstances. NASSCOM had given feedback given last year as well (here).

Draft ITT Handbook

The objective of this ITT Handbook is to be used as a reference document for companies exporting dual-use items, software and technology which are covered under export control laws in India. It will fulfil the purpose of making companies, which engage in export of such controlled items/software/technology through intangible means, aware of their export compliance obligations. It is an important step towards India’s commitment under the Wassenaar Arrangement to promote awareness of ITT controls.

Our main recommendations on the draft ITT Handbook are the following:

1. Clarity around the audit mechanism: We suggest clarifying that an audit mechanism here would entail submission of internal audit report by companies. This is for the reason that every company that indulges in transfer of controlled goods/software/technology, maintains and adheres to a strong Internal Compliance Program (ICP) or Technology Compliance Program (TCP), with the objective of ensuring adherence to export control obligations. One of the important elements of an ICP is conducting internal audit to perform ICP related checks. Thereafter, an audit report is prepared, which may be submitted to the government, if needed. This report will provide a basis to the government to identify if a company’s control measures are sufficient. Therefore, an additional audit mechanism from the government may only result in additional compliance burdens on the industry and government, especially given the complexity of intangible technology transfer.

2. Suggestion to set-up helpdesk facility for SCOMET related queries: we suggest including a specific reference to supporting activities by the government by way of creating a helpdesk facility for all SCOMET related queries, such as, SCOMET classification, application filing etc.

3. Clarity around visa-vetting requirement: Visa-vetting should be adopted as a control mechanism only in specific scenarios defined by the government. This is for the reason that companies implement sufficient internal security access pertaining to controlled technology for employees, visitors and partners. Embedding visa vetting could potentially restrict the interaction required to support research and development activities for the industry and create additional administrative burden for both the industry and the government.

4. Use of consistent terms: There is a need to align definitions and terminology used in the draft ITT Handbook with the SCOMET List and Wassenaar Arrangement (WA), to avoid any ambiguities and maintain consistency with terminologies used at the international fora.

For more information, contact:

The post MEITY: Feedback on Draft Handbook of Intangible Technology Transfer Controls appeared first on NASSCOM Community |The Official Community of Indian IT Industry.

Page 1 of 53
1 2 3 53