Skip to main content

Home  About Us  Services  Contact Us  Site Map  Member Login   
Bussiness Systems > Information Security > Project Management > Infrastructure > Collaboration Platforms  >  

Identity and Access Management ESL's cross domain expertise combined with our experience in high-availability, policy based secure multi-service networks offers our clients a formidable edge. Our participation at professional and industrial associations and strong support for standards help in providing quality solutions.

In 2001 ESL provided consultancy for the first ISO-17799 compliant public network in Pakistan. We continue to build on our strengths and are today helping clients implement a comprehensive layered network security infrastructure.

ESL’s cross domain expertise combined with our experience in high-availability, policy based secure multi-service networks offers our clients a formidable edge. Our participation at professional and industrial associations and strong support for standards help in providing quality solutions.

Identity and Access Management

ESL offers expertise in the development and implementation of enterprise-wide security architecture for the protection of critical corporate information. Our Security Design, Configuration and Implementation program includes the design and development of a comprehensive, yet flexible, IT architecture that defines overall operating objectives for security, continuity and control of information resources.

Microsoft Windows and LINUX hosts are typically insecure in default configurations. ESL leverages its expertise in these operating systems as well as industries best practices and standards to harden these hosts against attacks and vulnerabilities.

 

Audit & Standards Compliance

ESL is keeps a close watch on existing and emerging industry standards as well as regulatory and legal requirements. This helps in preserving investment in technology and also limiting any legal or technical risk exposure. ESL is actively involved in review and advice on security related legislation and standards through ISSA. This helps us guide our clients plan future requirements through a multi-stage improvement program.

Information security risk assessment services are at the forefront of the discipline. We use cutting edge methodologies developed by the top experts in the field of information security risk management; this includes the use of OCTAVE (Operationally Critical Threat, Asset, and Vulnerability Evaluation) Methodology for assessing information security risks.  ESL sorts through the complex web of organizational and technological issues to map and address information security risks of your organization.

ESL experience combined with its understanding of national and international security standards offers its client’s unmatched assistance in developing security policies and procedures for organizations. In fact ESL has provided consultancy for developing the first ISO-17799 compliant network policy document in Pakistan.  Currently ESL’s staff is actively participating in development of GAISP (Generally Accepted Information Security Principles) which is an effort to develop a superset of current global security policy frameworks in order to address their individual shortcomings and unify the focus.


Business Continuity Management

The adage “if you fail to plan, you plan to fail” is the essence of DRP/BCP. ESL facilitates in developing/validating disaster recovery planning for systems in case of a catastrophic failure. The focus is to be able to recover to normal operations with the least disruption in service. Business continuity planning requires a more detailed study of business critical processes and developing a strategy to reduce the impact of catastrophic events on them. ESL’s alliance with Strohl Systems brings on board over 25 years experience of the industry leader in BCP for organizations that include Government, Defense, Telecommunications, Manufacturers, Service providers, etc.

Incident response protocol is invoked in a special condition which is outside the normal operating parameters and not covered in SOP’s. This special condition requires proper planning and response in order to effectively manage security incidents. These incidents may involve external agencies, forensics and legal obligations which are identified and addressed under this protocol.