IT Infrastructure Assessment and Roadmap for a Diversified Auto Major
The client is in a diversified business ranging from automotive dealership, rent-a-vehicle, leasing & financing. The client business has both retail and wholesale components, and is expanding rapidly across the region. The client has IT as a shared service and is on the verge of a major transformation. During this transformation, the client wanted to get their core infrastructure in the right alignment to be able to do the leap in the right size.
Kanooelite worked with the client to create an IT Plan for 3 – 5 years. Kanooelite studied the various facets of the client business and came up with the requirements that needed to be met. These requirements were further aligned to expansion plans, state of the art technology, training and skill requirements.
The client now got a structured plan for their IT which encompassed people skill upgrades, technology, and a roadmap for process improvement – thereby resulting in an all round scenario. The client now has an accepted plan with management for setting up a defined capex budget with the required return on investments scoped out and mapped with the business requirements.
Governance (ISO 27001 and Cobit 5) Advisory for a large airline company
The client is a leading airline company based in the region. The airline is one of the oldest, and has been around the region. In the quest for corporate governance, the airline has embarked on alignment to leading standards of the IT governance quest. This required specialist skills and people needed to be mature while consulting the client on their requirements.
Kanooelite has high-end skills related to ISO 27001, Cobit, ITIL, ISO 20000. The client needed someone able to marry these skills and aid the airline in their quest for ISO 27001 as well as the Cobit 5 Governance. Kanooelite worked with the client to help them attain the ISO 27001 certification. Kanooelite also worked with the client to give them insights to achieving the Cobit 5 compliance and also reach towards their goal of Governance.
The client got the necessary expertise from Kanooelite in a cost-effective manner. Client also got a subject matter expert for each of the area along with integration capabilities, so client was able to appreciate the skills and benefited from the overlapping skills, which meant the client did not need to carry out multiple repeated tasks and instead leveraged on the know-how to achieve a rapid transformation.
Technology Risk Assessment
The client is a medium sized bank and required to get a technical risk assessment done from a CBB compliance perspective.
Kanooelite worked with the client and conducted the technical risk assessment. The assessment was conducted for all technology components. Along with this assessment, Kanooelite also conducted a network review and mapped the client concerns to a heat map. The heat map aids the clients into looking at various issues and mapping them to high-risk and low-risk categories so as to assign priority for fixing. The Technical Risk Assessment comprised of Penetration Testing (Black Box/ White Box/ Grey Box), Vulnerability Assessment, Configuration Review of servers, applications, databases, routers, switches, firewall, anti-virus etc.
The client has got a view of vulnerabilities in the IT setup. The client also gets steps for closing the issues as well as priority requirements for mitigation. The client now knows for sure what they need to fix and this is the biggest benefit in the deluge of information security that comes across.
Technology Risk Assessment
The client is a leading hospital in Saudi Arabia.
Kanooelite worked with the client and conducted the technical risk assessment. The assessment was conducted for all technology components. Along with this assessment, Kanooelite mapped the client concerns to a heat map. The heat map aids the clients into looking at various issues and mapping them to high-risk and low-risk categories so as to assign priority for fixing. The Technical Risk Assessment comprised of Penetration Testing (Black Box), External Vulnerability Assessment, firewalking, checks for brute force attacks & denial of service etc.
The client has got a view of vulnerabilities in the IT setup. The client also gets steps for closing the issues as well as priority requirements for mitigation. The client now knows for sure what they need to fix and this is the biggest benefit in the deluge of information security that comes across.
Technology Risk Assessment
The client is an auto major.
Kanooelite worked with the client and conducted the technical risk assessment. The assessment was conducted for all technology components. Along with this assessment, Kanooelite also conducted a network review and mapped the client concerns to a heat map. The heat map aids the clients into looking at various issues and mapping them to high-risk and low-risk categories so as to assign priority for fixing. The Technical Risk Assessment comprised of Penetration Testing (Black Box/ White Box/ Grey Box), Vulnerability Assessment, Configuration Review of servers, applications, databases, routers, switches, firewall, anti-virus etc.
The client has got a view of vulnerabilities in the IT setup. The client also gets steps for closing the issues as well as priority requirements for mitigation. The client now knows for sure what they need to fix and this is the biggest benefit in the deluge of information security that comes across.
Technology Risk Assessment
The client is a medium sized bank and required to get a technical risk assessment done from a CBB compliance perspective.
Kanooelite worked with the client and conducted the technical risk assessment. The assessment was conducted for all technology components. Along with this assessment, Kanooelite mapped the client concerns to a heat map. The heat map aids the clients into looking at various issues and mapping them to high-risk and low-risk categories so as to assign priority for fixing. The Technical Risk Assessment comprised of Penetration Testing (Black Box)
The client has got a view of vulnerabilities in the IT setup. The client also gets steps for closing the issues as well as priority requirements for mitigation. The client now knows for sure what they need to fix and this is the biggest benefit in the deluge of information security that comes across.
SIEM/ SOC/ Log Management Tool Review
The client is in a diversified financial services company. As per CBB requirements, they needed to do a log management and analysis and procured a tool. The client was unable to use the tool efficiently and hence engaged our consultants for identifying the areas of improvement.
Our consultants worked with the client using our standard SIEM risks assessment toolkit. The toolkit allows us to check for events required to be monitored and accordingly is able to identify the log sources, log events, co-relation rules that are required to be enabled on the tool.
The client has a clear roadmap for implementation along with the necessary steps and events required to be enabled. The operational impact analysis performed also provides them with the upgrade requirements for enabling additional events at the log sources.
Technology Risk Assessment
The client is a government ministry.
Kanooelite worked with the client and conducted the technical risk assessment. The assessment was conducted for all technology components. Along with this assessment, Kanooelite also conducted a network review and mapped the client concerns to a heat map. The heat map aids the clients into looking at various issues and mapping them to high-risk and low-risk categories so as to assign priority for fixing. The Technical Risk Assessment comprised of Penetration Testing (Black Box/ White Box/ Grey Box), Vulnerability Assessment, Configuration Review of servers, infrastructure applications, databases, routers, switches, firewall, anti-virus etc. The assessment was also done for performance in the infrastructure side.
The client has got a view of vulnerabilities in the IT setup. The client also gets steps for closing the issues as well as priority requirements for mitigation. The client now knows for sure what they need to fix and this is the biggest benefit in the deluge of information security that comes across.
Security Awareness
The client wanted to get an awareness session conducted for its employees to sensitize them regarding the information security requirements.
Kanooelite worked with the client and identified specific messages which needed to be communicated to the employees. Kanooelite then customized the session accordingly and conducted for the client.
The information security team now has a more responsive employee set. The employees now have a clear view on why they should not be doing certain things which undermine the security of the company.
Continuous Data Protection with disaster Recovery for a financial organization in Bahrain
The client is in a diversified financial services firm in Bahrain. As a part of the backup and disaster recovery requirements, the data on the user’s needs to be backed up in real time with multiple version support. The recovery time for these data needs to be immediate. The client also needs to take images of the critical machines which can be restored to any platform in case of system failure.
The requirement is achieved by introducing Dell SonicWALL CDP based solution. Kanooelite have proposed CDP and implemented with real time backup features on the client machines. The Bare Metal Recovery with universal restore option allowed them to keep images and with faster restoration options.
The files and folders of client machines are backed up in real time as soon as a change is occurred on the system. Multiple version configuration allowed them to restore the files based on time stamp. Critical machines are configured with bare metal recovery option to keep images of the systems. The universal restore option provides restoration of these images to any hardware platform in very less time.