IT Infrastructure and Security
IT Infrastructure Consulting
A. Data Center Design Consulting
B. Enterprise Backup Consulting
C. IT Operational Policies &Procedures Development and Implementation
D. Disaster Recovery Planning consulting

Information Security Consulting Services:
Information is an important asset of every organization. In digital age all information, either business or personnel remains on the computer systems accessible by authorized or unauthorized personnel. Security of information asset is very critical for running the business and complying with required regulatory requirements. We offer a range of services to assist in securing the systems and information that lies in those systems, complying with required regulatory requirements, and to continue business in case of disaster and many more. The services in this discipline are as below:

A. Information Security Management Program Development and Implementation
B. Information Security Policy and Procedure development
C. Information Security Risk Management
D. Information Security Assessment
E. International Standards Compliance Program
F. Secure Architecture Design
G. IT Systems Audit
H. Business Continuity Planning Service

Information Security Management Program Development and Implementation:
We offer world class consulting service in developing ISMS program based on International standards, business activities and requirements, understanding the current IT Setup and Practices followed. Our ISMS program is based on PDCA (Plan-Do-Check-Act) cycle. Our skilled and experienced consultants are always prepared to help in successful implementation of developed ISMS program and train the personnel in carrying out further successful operations.

Information Security Policy and Procedure Development:
Policies are the building block for the Information Security Program. According to International standards like ISO 27001, PCI-DSS, and COBIT, every company must have an information security policy and required procedure to implement defined policies. We offer services in successful development of IS policy and Procedures according to your IT setup, followed IT practices, based on the industry best security practices and the business requirements. We are ready to assist you in the successful implementation of the developed security policies procedures.

Information Security Risk Management:
Our economy is increasingly dependent on the Internet and Computer Systems. It makes risk in these systems more visible and significant than ever. IT Risk Management is an executive attention topic. IT risk has to be managed by taking required effective steps, implementing required security control measures in a cost effective way. We offer IT risk management service to assist organizations in taking right decision on right time before the identified vulnerability can be exploited. Our risk management program is based on industry best standards like Octave, NIST, IRM, ISO 27005 etc. Risk Management program covers People, Process and Technology factors. Our qualified consultants are always prepared to assist in developing and implementing a successful risk management program for every type of organization according to business requirements, activities, and applicable regulatory.

Information Security Assessment:
Security assessment comes under CHECK part of PDCA cycle. It is very important to assess that implemented security controls are working fine as per the expectations. We offer Information security assessment service in two approaches.

Compliance Assessment: compliance to security policies and best practices like ISO 27001 (ISMS), ISO 20000 (ITSM).

Technical Assessment: Under technical assessment we offer services like Vulnerability Assessment, Penetration Testing, and Physical Security assessment, Configuration review of systems like Windows, UNIX, and Network Devices like Firewall, IDS/IPS, and Routers against the recommended security configuration. Our Technical assessment methodology is based on industry best known standards like OSTMM, OWASP, and NIST etc.

International Security Standards Compliance Program:
We offer services to assist in successful implementation of Industry best known standards like ISO 27001 Compliance, ISO 20000 (ITSM), COBIT Compliance and HIPAA. Our skilled and experienced consultants are always ready to assist in developing the frame work according to the defined standards, successful implementation and training the personnel for successful further operations.

Secure Architecture Design:
IT architecture designing is very important from security point of view. It is very difficult to decide where to put Web Server, Email server, Core Application servers, Firewall, IDS/IPS; and what policies are to be defined on perimeter devices. We offer secure architecture design service to assist in deciding where to put what system and what policies to be defined on those systems according to the business requirements and as per Industry best known standards. Our services range from System, Network and applications architecture designing.

IT Systems Audit:
We offer IT auditing service to assist you in finding whether defined policies are implemented and procedures are followed, what gaps are there and how to fill those gaps. We focus on various audits like Email servers, ERP system, Database system, AS400 System and many more.

Business Continuity Planning:
Continuity of critical business activities in any disaster is required. We offer services to assist you in developing the business continuity plan, Implement and test the plan. We have a team of skilled consultants who are specialized in BCP services. We have experience in developing BCP for Banking & Finance Organizations, IT Services Organization, and Insurance Sector etc.

SPECIALIZED TRAINING
Our motive here is to develop the local skills in the field of Computer Security, Audit and IT Management. Keeping this goal in mind we are offering various training programs specialized into IT Systems Audit, IT Risk Management, ISO 27001 Compliance implementation, Network and OS security etc. We have various crash courses to successfully compete for industry best known professional certifications like CISA, CISM, and CISSP etc. We also offer trainings for corporate employees ranging from information security awareness, training for management and for technical staff with specially designed short courses which can meet specific requirements. Following are our training programs:

1. IT Security Training: We have developed security training courses that empower your staff. Our lectures are intensive, interactive, and each covers a topic that is critical to run a small, medium or enterprise level IT network and systems. Currently we offer following courses in-depth:

a. Network Security Training
b. Windows & UNIX Security introduction
c. Web Server Security Training (ISS 6.0, Apache)
d. Wireless Network Security Training
e. Database Security Best practice training (MS-SQL, Oracle, Sybase, MySql)
f. How to perform Internal Vulnerability Assessment (A crash Course for security professionals and System admin)

2. ISO 27001 LI & LA Course: We offer training program for information security officers and managers who want to implement ISO 27001 frame work in their organization or want to audit their IT setup against ISO 27001 frame work. Lead Implementer (LI) Course is for 3 full day and Lead Auditor course is for 5 full days and by the end of fifth day there will be an exam to assess the understanding of candidates of the ISO 27001 frame work and how that can be used in their environments.

3. Corporate Information Security Training Program: We have specially designed Information Security programs for corporate professionals. This course range from information security awareness, Management trainings for information security, IT Governance training and special short technical course for the IT staff of the organization to understand IT security in better way and to make it safer.