Our Services

Enterprise Security and Availability Group, LLC

ESAAG provides a set of related professional services to help make businesses more secure and resources available to accomplish business objectives. These services can be used individually or in various combinations, according to the business need. ESAAG helps identify the needs, designs programs and infrastructure that address the needs, and leads or train staff resources to support the programs and infrastructure. These services will enable businesses to create controls that anticipate and prevent business impacts, monitor the effectiveness of these preventive measures, detect the inevitable impacts, and manage those impacts to conclusion.

ESAAG does not provide staffing augmentation, sell products, or perform system integration services.

ESAAG Services at a Glance (PDF: 188KB)

Business Continuity Planning  ESAAG provides analysis, strategy, development and maintenance of robust continuity plans to ensure the ability of the business to continue critical business functions and enable the survival of the business after major disruptions. ESAAG performs fast track business impact and risk analyses, creates a business case, develops and exercises the continuity plans, and provides ongoing review and maintenance of the plans.

Business Continuity Program Management  ESAAG provides management and maintenance of the enterprise business process continuity program including program check-ups, maintenance reviews, simulations and exercises, and expansions to include new business programs, services, and products.  Ultimate business continuity program success is progress over time.  ESAAG’s BCPM service supports the business success goal.

Business Continuity Exercise, Awareness, and Training  This ESAAG service includes the facilitation of scenario based exercises, design and delivery of employee awareness and training programs and interaction with management teams who own the business continuity programs.  Exercise results provide the organizational, managerial and structural foundation for the perpetual improvement of a state-of-the-art availability program and establish mechanisms for the effective maintenance of the program over time.  Personnel awareness and training programs ready the business unit teams for effective performance of tasks when duty calls.

Computer Forensics  ESAAG assists clients in the collection of cyber evidence to determine the cause, extent of break-in or loss, and who was involved in a security incident.  The ESAAG team members are professionally trained investigative professionals utilizing specialized forensic software and techniques. ESAAG’s Certified Incident Response Team service can provide timely assistance to minimize impact of an incident to the company assets.

Complete Security and Availability Strategy (CSAS) ESAAG’s CSAS solution is designed to provide clients who have unsatisfactory or non-existent information security programs with a coherent and comprehensive strategy. Utilization of the CSAS solution provides a means for seamless identification and documentation of security requirements, policy and procedure, development of critical security operating and managing capabilities, assessment of risks and vulnerabilities, and elevation of the security staff to professional status.  This solution is an integrated combination of most of the basic security services that ESAAG offers.  The CSAS Solution provides assurance that both proactive and reactive responses are not only cohesive but address the specific culture, business requirements and risks unique to the organization.

More Information on Business Continuity Management (PDF: 112KB)

Continuous and High Availability Planning  ESAAG assists clients with very high availability requirements and resilient business environments by building data redundancy and fail-over into daily operations; designing and deploying robust hardware, software, network, data management; and emphasizing the necessity for change control, systems management mechanisms and disciplines. When the business processes demand continuous availability of operations, human and technical resources must work in concert.  ESAAG evaluates all aspects of the business process with the goal of maximum resilience.

Crisis Management Programs  ESAAG assists clients in the formation of management teams to respond to potential crises, formation of crisis command centers, development of crisis communications protocols, and documentation of guidelines for interacting with public authorities and officials.

Facilitated Discovery Process (FDP)  ESAAG leads clients through a formal process to identify and prioritize risks and threats to client assets and allows cost-effective development of safeguards to mitigate those risks. This process determines the relationship between the value of information assets and the cost of measures to protect them.  This process is accomplished in days versus months required for a formal risk analysis.

Incident Response Planning  ESAAG facilitates the development of a comprehensive road map for clients to use when responding to a variety of physical and cyber events, ranging from minor to major.  Major life or property threatening events are managed by implementing a formalized plan using tools and procedures that addresses the welfare of employees, the protection of property, and the management of the client's public image.  ESSAG can assist in the establishment of client CIRT teams and participate as support team members, as required.

SCADA VASS ESAAG’s SCADA (Supervisory Control and Data Acquisition) VASS (Vulnerability Analysis and Security Strategy) solution provides the organizational, managerial and structural foundation for the implementation of a state-of-the-art SCADA security program and establishes mechanisms for the effective maintenance of the program over time. The SCADA Solution provides cohesive proactive and reactive responses that address the specific culture, business requirements and risks unique to the organization.

Security Architecture  ESAAG assists clients in a needs assessment and architecture design to secure the infrastructure utilizing industry standards and guidelines.   The results are systems with controlled and monitored access, that are continuously available, that have confidential but monitored communications, that have non-reputable transactions, are resistant to attacks, and recoverable.

Security Awareness and Training  ESAAG assists client with the identification of current security training needs, and the prioritization and development of presentations.  ESAAG’s awareness and training service enables clients to communicate and implement information protection policies and procedures, customize security awareness and education programs, maximize reach to all members of the organization and encourage proactive protection of information assets.   In order for organizational personnel to support the security and availability policies, they must be aware of, understand, embrace, and adapt behavior in support of them.

Security Management  ESAAG helps an organization develop and manage information security and availability programs.  This includes managing the development and maintenance of preventive, availability and control measures, assuring the measures stay in place and are effective, monitoring for potential or actual failures and incidents, managing the events to conclusion, and learning from failures to prevent re-occurrence.

Security Policies and Procedures  ESAAG facilitates the creation of Security Policies that communicate management expectations to protect business from interruptive event impacts.  ESAAG creates policies using methods based on ISO 17799 that assure an appropriate level of security that fits the business needs.   The security and availability procedures that accompany the security policies detail the technical methods used to accomplish the policy.  These policies and procedures orchestrate and perpetuate the efforts throughout the organization to accomplish the desired level of security and availability.

Vulnerability Analysis Process (VAP) ESAAG identifies and analyses vulnerabilities in the internal network, hosts and servers, perimeter network (including firewalls, web servers, etc.), and dial-in or remote-access servers. The results provide a roadmap for eliminating or mitigating identified vulnerabilities.

Copyright © 2006 ESAAG, LLC. All Rights Reserved | Privacy Policy