FELLOWS


SERVICES

Information Security Management

  • Information Security Policy Design and Deployment
  • Vulnerability Assessment and Management
  • Penetration Testing
  • Threat and Risk Assessments
  • Information Security Architecture Design and Deployment
  • Information Security Audits
  • Information Security services that include Firewalls, IDS, IPS,  Network Security  , Operating Systems and Database  Audits  and Hardening of them.
  • Compliance Checks : As per ISO / IEC  2700:27005, Sarbans Oxley (SOX) , (PCI –DSS) Payment Card Industry Data surety System , Gram –Leach-Bliley (GLBA) act   and Health , Insurance, Portability and Accountability acts(HIPAA).

Application Development

This includes Turnkey Software Development projects as well as development on time and material basis, customization of application and consultancy services whereby among the set of activities undertaken in providing system integration job are:

• Identifying user’s requirements
• Designing and developing application systems
• Project management
• Data Collection
• Testing and acceptance of the application systems
• Implementation of the systems Application
• Support and maintenance services
• Training

Database Management

• Establish a “single-point-of-contact”
• Develop standards, policies, and procedures supporting DBMS technical platforms and the
  applications development lifecycle
• Design the database environments and physical database structures based on the physical
  data models and transaction analysis.
• Provide technical expertise in the design, implementation, and support of an integrated data
  warehouse, reference database, and repository environment.
• Conduct database design, code and configuration reviews.
• Provide database system administration and server management support in all database
  environments.
• Provide Performance monitoring, tuning, backup, and recovery in all database environments.
• Perform migration of database structures from one database environment to another.
• Evaluate, recommend, and support DBA tools related to performing database creation,
  maintenance, and database monitoring task.

Infrastructure Development

We have extensive experience in building infrastructure that enables business partners and mobile employees to securely access enterprise applications from the Internet. FELLOWS Solutions offers a range of IT infrastructure service that includes:

• Hardware and software maintenance services.
• Office automation services, where the scope of service involves the supply, installation, and
  maintenance of hardware and software items
• Security services that include firewalls and network security audit

Disaster  Recovery Planning

The straight definition is how an Organization is prepared to recover the critical business applications in case a disaster happens. A disaster recovery plan (DRP) - sometimes referred to as a business continuity plan (BCP) or business process contingency plan (BPCP) - describes how an organization is to deal with potential disasters. Just as a disaster is an event that makes the continuation of normal functions impossible, a disaster recovery plan consists of the precautions taken so that the effects of a disaster will be minimized and the organization will be able to either maintain or quickly resume mission-critical functions. Typically, disaster recovery planning involves an analysis of business processes and continuity needs; it may also include a significant focus on disaster prevention.

Disaster recovery is becoming an increasingly important aspect of enterprise computing. As devices, systems, and networks become ever more complex, there are simply more things that can go wrong. As a consequence, recovery plans have also become more complex.

Appropriate plans vary from one enterprise to another, depending on variables such as the type of business, the processes involved, and the level of information security needed. Disaster recovery planning may be developed within an organization or purchased as a software application or a service. It is not unusual for an enterprise to             spend 25% of its information technology budget on disaster recovery.

Nevertheless, the consensus within the DR industry is that most enterprises are still ill-prepared for a disaster. According to the Disaster Recovery site, "Despite the number of very public disasters since 9/11, still only about 50 percent of companies report having a disaster recovery plan. Of those that do, nearly half have never tested their plan, which is as good as not having the plan.

Disaster recovery planning is not a two-month project, neither is it a project that once completed, you can forget about. An effective recovery plan is a live recovery plan. The plan must be maintained current and tested/exercised regularly. What VCC-GCC  does is as under.

  • Planning scope and plan objectives
  • Project organization and staffing
  • Backup & Backup Retention Policy
  • Disaster Recovery Audit Program
  • Compliance with the ISO 27000 Series Standards (formerly ISO 17799 now ISO 27001 & ISO 27002), Sarbanes-Oxley, PCI-DSS, and HIPAA
  • Web Site Disaster Recovery Planning Form
  • Project Status Report Form
  • Department Disaster Recovery Activation Workbook
    • Quick Reference Guide
    • Team Alert List
    • DRP Team Responsibilities
    • DRP Team Checklist
    • Critical Function(s) Definition
    • Normal Business Hour Response Procedures
    • After Hours Response Procedures
    • DRP Location(s) Definition
    • DRP Recovery Procedures
    • Notification Procedures
  • Updated Business and IT Impact Analysis
  • Business Continuity Off-Site Materials
  • Business Continuity Audit Program
  • Test run in off peak business hour.
  • Documentation and Completion of the project report to Management.
  •  

INFORMATION SECURITY OPERATION CENTER

 Portfolio of SOC services

·       Firewall Management

·       Intrusion Detection System (IDS) Management

·       Intrusion Prevention System (IPS) Management

·       Vulnerability Management

·       Messaging Protection

·       Incident Management

·       Log Management & Event Correlation

·       Proto type / Remote SOC Services.

·       Management Security Dashboard

·       Customized reports

·       Information Security Help Desk & Field Support Services

·       Encryption / Key Management

·       Identity Management (Biometrics / SSO)

·       Antivirus and Patch Management

·       On site / Remote site Management.

·       Compliance management ITIL, ISO, PCI, GLBA, HIPPA

·       BCP – Business Continuity Planning .

·       End Point Security : Lap Tops , Mobiles BB , System end users

·       OS  hardening ,  DB / Network Information and Security Management

These constitute ~95% of the Outsourced MSS portfolio

Project proposed

·       Information Security Operation Center (SOC) is an enterprise level information security management tool for collection of security related information, analysis, correlation, reporting and remediation of such threats to the information assets

·       Real time security risk mitigation

·       24x7 Operation

·       Integration with IT/Telecom Operations

·       Management Dashboard & Customized reports