Continuous and High Availability Planning ESAAG assists clients with very high availability requirements and resilient business environments by building data redundancy and fail-over into daily operations; designing and deploying robust hardware, software, network, data management; and emphasizing the necessity for change control, systems management mechanisms and disciplines. When the business processes demand continuous availability of operations, human and technical resources must work in concert. ESAAG evaluates all aspects of the business process with the goal of maximum resilience.
Crisis Management Programs ESAAG assists clients in the formation of management teams to respond to potential crises, formation of crisis command centers, development of crisis communications protocols, and documentation of guidelines for interacting with public authorities and officials.
Facilitated Discovery Process (FDP) ESAAG leads clients through a formal process to identify and prioritize risks and threats to client assets and allows cost-effective development of safeguards to mitigate those risks. This process determines the relationship between the value of information assets and the cost of measures to protect them. This process is accomplished in days versus months required for a formal risk analysis.
Incident Response Planning ESAAG facilitates the development of a comprehensive road map for clients to use when responding to a variety of physical and cyber events, ranging from minor to major. Major life or property threatening events are managed by implementing a formalized plan using tools and procedures that addresses the welfare of employees, the protection of property, and the management of the client's public image. ESSAG can assist in the establishment of client CIRT teams and participate as support team members, as required.
SCADA VASS ESAAG’s SCADA (Supervisory Control and Data Acquisition) VASS (Vulnerability Analysis and Security Strategy) solution provides the organizational, managerial and structural foundation for the implementation of a state-of-the-art SCADA security program and establishes mechanisms for the effective maintenance of the program over time. The SCADA Solution provides cohesive proactive and reactive responses that address the specific culture, business requirements and risks unique to the organization.
Security Architecture ESAAG assists clients in a needs assessment and architecture design to secure the infrastructure utilizing industry standards and guidelines. The results are systems with controlled and monitored access, that are continuously available, that have confidential but monitored communications, that have non-reputable transactions, are resistant to attacks, and recoverable.
Security Awareness and Training ESAAG assists client with the identification of current security training needs, and the prioritization and development of presentations. ESAAG’s awareness and training service enables clients to communicate and implement information protection policies and procedures, customize security awareness and education programs, maximize reach to all members of the organization and encourage proactive protection of information assets. In order for organizational personnel to support the security and availability policies, they must be aware of, understand, embrace, and adapt behavior in support of them.
Security Management ESAAG helps an organization develop and manage information security and availability programs. This includes managing the development and maintenance of preventive, availability and control measures, assuring the measures stay in place and are effective, monitoring for potential or actual failures and incidents, managing the events to conclusion, and learning from failures to prevent re-occurrence.
Security Policies and Procedures ESAAG facilitates the creation of Security Policies that communicate management expectations to protect business from interruptive event impacts. ESAAG creates policies using methods based on ISO 17799 that assure an appropriate level of security that fits the business needs. The security and availability procedures that accompany the security policies detail the technical methods used to accomplish the policy. These policies and procedures orchestrate and perpetuate the efforts throughout the organization to accomplish the desired level of security and availability.
Vulnerability Analysis Process (VAP) ESAAG identifies and analyses vulnerabilities in the internal network, hosts and servers, perimeter network (including firewalls, web servers, etc.), and dial-in or remote-access servers. The results provide a roadmap for eliminating or mitigating identified vulnerabilities.