“Depending on the type of agreement with the client, we keep testing their security walls, trying to penetrate into their systems from time to time. Banks would require testing every week while for some companies we do it once a month. If we find loopholes we alert them,” he says.

“These software companies have software programmes, database like lakhs of names and details of credit card holders, codes of new software products being developed etc, in their systems. If there are loopholes in the system, a hacker can steal this data online and cause immense losses. Mischief mongers not only steal data but also destroy systems by releasing viruses. Our job is to guard against this,” says Ashish Pathak, an ethical hacker.

With instances of cyber geeks and hackers penetrating the best protected systems and websites, companies are not only guarding against database painstakingly accumulated over several years or new programmes and codes being stolen, they are also wary of anyone using their networks for terror purposes like sending emails. “It is bad for the company’s reputation if data is stolen,” says Alfred David, a consultant ethical hacker.

“It is a race to stay one step ahead of the hackers. You create one foolproof firewall today and they will come with something to break it within a week,” says another hacker. Some companies are also engaging ethical hackers to keep track of emails being sent or received by their employees. “This is mostly used in a positive way — trying to find out if a useful employee is unhappy or is looking for a job in a rival company,” says a company’s executive.

... contd.