CORPORATE

FOREWARD ABOUT ERAD RESPONSIBILITY SERVICES OUR TEAM CONTACT US

 CORPORATE
FOREWARD ABOUT ERAD RESPONSIBILITY
If we want to share an important document with a colleague on
the other side of the world, we can do so in an instant, at the
simple press of a button, and for free. Technology has made
business truly global.
However, this also means that the business world has become
dependent on computer systems. For example, entire supply
chains are run by computer systems which track and trace
goods as they travel around the world.
Wars Fought on So whilst the benefits of the cyber revolution are undisputable,
we need to look at the implications of our dependency on IT.
New Battlefields. Namely, we need to carry out proper assessments of the risks
we face and put in place mechanisms to protect our digital data
From the mobiles
and processes.
to the cloud, it’s
All business has become global. Companies of any size can now
all about knowing market products and services worldwide over the Internet. At
your enemy… the same time, competition has intensified because customers
can investigate global competitors with a few clicks of a mouse.
How prepared are
To compete effectively in a global market, companies need new
we? capabilities:

Global procurement and sales 24 hours a day

Integrated internal and external business processes

Up-to-the-minute access to sales, order processing,
production, and other business critical information
required for informed decision making flexible processes
that can adapt dynamically to changes in the business
climate

Meeting these challenges requires a fast, reliable, and
secure IP network.
SERVICES OUR TEAM CONTACT US
1
The extended enterprise requires that IT professionals perform
a complex balancing act. On one hand, you need to give people
the freedom to access information when and where they need
it. On the other, you have to make sure your business
information stays your business.
However, maintaining the IP network requires regular, ongoing
investments in networking infrastructure and IT staff training.
Many companies find it expensive to keep up with new
technologies—or simply prefer to devote IT resources to the
core business rather than ongoing network management.
Managed services bridge the gap by giving companies access to
leading network technologies and management expertise
without requiring high initial capital expenditures or ongoing
investments in technology upgrades.
Managed security services (MSS) is a systematic approach to
managing an organization's security needs. The services may be
conducted in house or outsourced to a service provider that
oversees other companies' network and information system
security.
Functions of a managed security service include round-the-clock
monitoring and management of intrusion detection systems
and firewalls, overseeing patch management and upgrades,
performing security assessments and security audits, and
responding to emergencies.
Managed security solutions from ERAD help you align policies,
processes, and procedures to secure your infrastructure
without disrupting the flow of information that’s the lifeblood
of your organization.
 CORPORATE
FOREWARD ABOUT ERAD RESPONSIBILITY SERVICES OUR TEAM CONTACT US

ERAD was founded by industry professionals with a vision of delivering effective managed security services and solutions to
organizations of all sizes. ERAD has since gone on to provide its business oriented security offerings to a list of steady growing
clientele. ERAD provides professional security services using established information security standards to both private and public
sectors.

We are an Information security solutions partner to business and government. Our broad range of strategic solutions, services, and
expertise can help you improve infrastructure and application performance; secure your data wherever it is, create a collaborative
environment, and connect with your customers, partners, suppliers, and employees when and where you need to.

ERAD provides information security solutions to customers in a wide variety of industries including manufacturing, healthcare,
banking, environmental response, consumer products and technology offering a three-tiered solution that combines managing,
monitoring and maintaining network security.

ERAD has been providing services and solutions to Data Centers, Telecommunication sectors and Internet Service Provider markets.
ERAD provides turnkey independent and managed solutions, focusing on information technology and security, including compliance
with ISO 27001, HIPAA, BS7799, COBIT and PCI DSS. ERAD has partnered with various companies across the world to enable
complete 24/7 monitoring of systems such as firewalls, intrusion detection/prevention, and VPN solutions, as well as staffing
knowledgeable people.

ERAD provides security solutions to customers in a wide variety of industries including manufacturing, healthcare, banking,
environmental response, consumer products and technology offering a three-tiered solution that combines managing, monitoring
and maintaining network security. With a serious commitment to the individual customer relationship, we specialize in configuring
and monitoring each system to meet the specific security needs of each customer.

ERAD strives to foster long-term relationships in partnership with client organizations in order to effectively develop unique security
solutions based on specific business and operational requirements. We assist or advise our clients on continuous identification,
correction, maintenance and management of mission-critical security systems and data protection. Through this process our clients
consistently benefit from our expert knowledge and skills.

We continuously remain abreast of developments in the IT industry evaluating new products for suitability in our clients businesses
and recommending upgrades to our software suppliers. We also focus on improving our value-added services to clients either by
expanding existing services or introducing new ones, in response to market needs and client requirements. Our staff skills range from
programming to in-depth knowledge of large corporate networks, fire-walling and security on all operating system platforms. A pro-
active skills-development program ensures that staff receives extensive training so that their knowledge and technical expertise
remains current.
 CORPORATE
FOREWARD ABOUT ERAD RESPONSIBILITY SERVICES OUR TEAM CONTACT US

ERAD is guided by an executive information security committee consisting Law enforcement personnel and a team of certified
information security professionals in scheming a viable information security framework for corporate, SOHO, SMB’s and for the End
users.

ERAD is guided by a deep commitment to genuine customer satisfaction and good corporate citizenship. Our responsibility to our
customers and the communities we serve is based on clear alignment between glimpse our business and corporate responsibility
strategies. Whether through the delivery of security awareness campaigns to the netizans or our employees’ donation of time and
…the entire procedure
skills to local communities, ERAD is known for responsible business conduct and corporate citizenship.
of the migrations ran
At a glance
smoothly from the
auditing stage through • Wide-ranging information security and data privacy policies with third party compliance requirements and built-in
to the implementation. integration with ERAD business process
• An intense Information Security infrastructure, with standards-based Information Security Management System and controls
The time-lines given
for efficiently managing hazards
were closely adhered to • Steadfast in shielding business information from intentional or unintentional exploitation
and there was minimal • A comprehensive information security framework under the guidance of an executive information security committee
downtime for all of our consisting Law enforcement personnel and a team of certified information security professionals.

systems ensuring that Creating Value for Our clients

our users were not
At ERAD, we are dedicated to delivering Information security solutions and services that help our customers improve management
inconvenienced during systems, enterprise performance and make the world safer. Emphasizing this dedication is our commitment to conduct our business
any part of the process. in an ethical manner and to create value for our customers, employees, partners and the communities in which we work at large.

This commitment and ERAD’s core values — Confidentiality, integrity, transparency, innovation, modesty, and passion — provide the
– MIDWEST GRANITES
foundation on which our corporate responsibility program is built.

We are committed to ethical conduct and good corporate citizenship.

ERAD believes that enduring business success is inextricably linked to ethical business conduct and good corporate citizenship. We
have established a corporate control infrastructure to promote ethical business practices and to communicate our expectations to
our employees.
 CORPORATE
FOREWARD ABOUT ERAD RESPONSIBILITY SERVICES OUR TEAM CONTACT US

ERAD provides host of Information Security services offerings which is truly focused at delivering the best Return on security
investment to enterprises.

Whether the client scuffle with an existing implementation or aim to define a new strategy from zero, ERAD’s Professional Services
Consultants specialize in transforming the client’s vision into clear business objectives, assessing the client’s state of current
processes, and defining a clear list of requirements for achieving new or evolved vision. ERAD Consultants will work with you to
create the blueprints for your vision.

Once the business objectives of client project are agreed upon and the solution architecture is established, it is time to execute! With
the insight gained from many years of successful implementations, our team is dedicated to helping you fine-tune the requirements
and create an implementation tailored to client’s organizations needs—end-to-end.

Services we offer:

Information security management

system (ISMS)

Managed
Risk Consulting Incidence Application
Security
Management Service Response Security
Service
 CORPORATE
FOREWARD ABOUT ERAD RESPONSIBILITY SERVICES OUR TEAM CONTACT US

Managed Security Service:

ERAD allows businesses to focus on their primary goals while enjoying the benefits of world-class
security expertise.

ERAD’s managed services solutions is an easy way for clients to upgrade their internal security services to best-of-breed solutions and
Managed Security Service experienced professional services without having to maintain or acquire the talent in-house.
Risk Management
Why Managed Services?
Consulting Service
With IT managers and administrators working harder than ever to accomplish more with fewer resources, no one has the time to
Incidence Response comb through gigs and gigs of daily log file data looking for possible security vulnerabilities… until it’s too late.

Application Security With limited resources, your company still needs to keep focused on the information regarding security updates, notifications,
information on patches and white papers to keep your systems updated and secure. Picture having important information about
your security and operational systems provided to you in a clear and concise format.

ERAD’s managed services solutions is an easy way for clients to upgrade their internal security services to best-of-breed solutions and
experienced professional services without having to maintain or acquire the talent in-house.

ERAD allows businesses to focus on their primary goals while enjoying the benefits of world-class security expertise.

ERAD provides a secure web portal which allows clients to view their system status and configuration submit and track change
requests and trouble tickets, generate ad-hoc reports, view archived reports. All ERAD clients have access to their private portal,
regardless of service level or the specific service components chosen.

Managed Firewall/VPN Managed IDS/IPS Managed Servers

Managed Desktops Security Device and Log Management

 CORPORATE
FOREWARD ABOUT ERAD RESPONSIBILITY SERVICES OUR TEAM CONTACT US

Risk Management:
KNOW YOUR ENEMY – EVALUATE YOUR SECURITY STANCE
To ensure that client’s organization’s infrastructure is Secure, one must identify what we protect and what we’re protecting it from.
ERAD’s Risk Assessment Services assess internal and external threats posed to organizations at People, Process and Procedures
level.

Managed Security Service The most precise method to evaluate client organization’s information security stance is to scrutinize how it stands up against an
attack. With ERAD’s penetration testing service, our experts perform a simulated attack on your network to identify faults in your
Risk Management system, but with care to help ensure that client’s network stays online. Our external, internal and wireless penetration testing
Consulting Service services follow a structured methodology to ensure a thorough test of client’s entire environment that includes a detailed report
with tactical and strategic recommendations that take client’s business into account.
Incidence Response
Every tool used in our penetration testing has been thoroughly tested in ERAD’s labs by experts that have performed numerous
Application Security information security assessments of organizations in the retails, healthcare, biomedical, pharmaceutical and other industries.

By measuring the risks associated to business critical services and assets, ERAD can provide visibility of the top 10 vulnerabilities and
help plan delivery of prioritized, effective and least cost remediation.

Security risk analysis, otherwise known as risk assessment, is fundamental to the security of any organization. It is essential in
ensuring that controls and expenditure are fully commensurate with the risks to which the organization is exposed.

WHAT DO WE ASSESS?

Information Security

Process Security

Communications Security

Physical Security
 CORPORATE
FOREWARD ABOUT ERAD RESPONSIBILITY SERVICES OUR TEAM CONTACT US

Consulting Services:
Over 7 years of experience in providing Information Security
consulting and professional services.

ERAD is able to provide just-in-time cost effective resources whether

you are designing and delivering new applications, improving the
performance of existing systems or migrating to a new platform.
Managed Security Service ERAD Consultants have over 7 years of experience in providing
Risk Management security consulting and professional services for a wide variety of
platforms. The Consulting Division focuses on providing
Consulting Service knowledgeable consultants in areas such as Security, Disaster
Prevention, Business Continuity and Policy Development. Whether
Incidence Response
for long-term basis or an immediate project, we can supply expert
Application Security personnel to meet your needs.

ERAD is able to provide just-in-time cost effective resources whether

you are designing and delivering new applications, improving the
performance of existing systems or migrating to a new platform.

Our consultants have the opportunity to work in a wide variety of

technologically advanced corporations. We provide continuous
training to keep our consultants up to date in the latest technology
related to their specialized fields.

Secure Network Architecture designing

Product Provisioning

Secure Implementation

Security Policy Review and Development
 CORPORATE
FOREWARD ABOUT ERAD RESPONSIBILITY SERVICES OUR TEAM CONTACT US

Security Incidence Response Team (SIRT):

For organizations that need specialist investigation of a security infringes or helps in developing and
executing their incident response and disaster recovery plans.

Overview

Threats to businesses can take many forms: unauthorized access, data theft and malware outbreaks are just the tip of the iceberg.
Managed Security Service Many organizations, when faced with an attack, are ill-prepared to respond to the security incident. ERAD’s SIRT, a team specializing
in forensics investigations and security testing, has developed a program to prepare and help protect organizations from such
Risk Management incidents.

Consulting Service SIRT is ideally situated to assist organizations in their pursuit of threat prevention; in the past two years, SIRT has investigated more
than 50 cases involving security compromised organizations which were not adequately protected. With the help and advice from
Incidence Response
SIRT, these organizations ultimately institute appropriate policies and procedures to help protect them against future attacks, such as
Application Security those resulting in data loss.The Incident Readiness Service are SIRT proactive approach to help prevent security compromises and
protect the integrity of your organization.

Islands of Defense

The Incident Readiness Service combines SIRT’s data knowledge and field experience in preventing security incidents and dealing
with the aftermath of attacks. With this service, clients will receive training, documentation development and review, simulated
attack exercises, and on-demand and on-call services. The Incident Readiness Service is designed to help build “Islands of Defense”
into an organization’s infrastructure by employing multiple protection services and mechanisms to secure your critical assets.
 CORPORATE
FOREWARD ABOUT ERAD RESPONSIBILITY SERVICES OUR TEAM CONTACT US

Application Security:
A Growing Threat to Sensitive Data: Insecure Applications

Poorly coded applications put organizations at risk. A large amount of confidential consumer information lies within the
application layer as more and more organizations develop applications to streamline internal processes and improve the
customer experience. However, without making security an inherent part of the Software Development Life Cycle (SDLC), the risk
associated with insecure applications far outweighs these gains in efficiency and customer satisfaction.

ERAD’s full suite of application security solutions delivered by an expert team of application specialists ensures that your
Managed Security Service application is tested and reviewed thoroughly. The application security team uses manual processes to test and review
applications according to your needs. The result is specific guidance that can significantly improve the security of your
Risk Management applications.
Consulting Service Application Penetration Testing
Incidence Response An application penetration test simulates an attack against an application to determine the effectiveness of its security controls.
Application Security Performed by ERAD’s application security experts, the manual testing process probes an application much more thoroughly than
automated assessment tools that can produce generic responses and excessive false positives. By thoroughly testing an
application from a variety of authenticated- and unauthenticated user perspectives, the ERAD application penetration testing
service highlights risks posed by exploitable vulnerabilities.

ERAD application penetration tests evaluate an application’s vulnerability to all known application exploits including but not
limited to:

Arbitrary Code Execution Authentication Bypass Input Validation Input Tampering

Cross-Site Scripting URL Manipulation SQL Injection Hidden Variable Manipulation
Buffer Overflows Cookie Modification

The intention of ERAD’s application penetration testing methodology is to demonstrate existing, exploitable vulnerabilities within
an application that can lead to the compromise of critical data. Clients receive the results in a detailed deliverable including both
tactical and strategic recommendations. The simulated attack aids clients in pinpointing flaws and mitigating the risk of data
compromise.
 CORPORATE
FOREWARD ABOUT ERAD RESPONSIBILITY SERVICES OUR TEAM CONTACT US

10

Our Team:
The ERAD’s Information Security Team supports the client's mission by evaluating information security vulnerabilities and
implementing technologies, procedures, and guidelines to ensure that appropriate levels of confidentiality, integrity, and
availability of all clients’ information assets are maintained.

Our team is highly experienced and trained in the latest tools and techniques used by hackers and organizations that commonly
compromise networks and the systems within to obtain access to confidential data and critical resources.

The team includes Certified Information System Security Professionals - CISSP, Certified Information System Auditors - CISA,
Certified Business Continuity Planners - CBCP, Information Systems Auditors - ISA, ISO27001 auditors, CISCO professionals,
Microsoft Certified professionals and Certified Ethical Hackers – C|EH.

ERAD is founded with the articulate purpose of protecting people around the nation using the latest in state-of-the-art security
technologies.
 CORPORATE
FOREWARD ABOUT ERAD RESPONSIBILITY SERVICES OUR TEAM CONTACT US

ERAD PVT LTD.

3rd Floor NSL icon, Suite#15 & 26
Hyderabad, Andhra Pradesh-34
Tel: +91-40-4431-1341, Fax: +91-40-4431-1100
Email: info@erad.co Web: www.erad.co