Avenues in Information Security and Networks

Services
- - Compliance
  - Information Assurance
  - CloudSecure
  - Information Security Assessment
  - Information Forensics
  - Technology
  - Managed Services
  - Training Services

Why VISTA InfoSec

100% Compliance Rate

All organizations where VISTA InfoSec performed the ISO27001 initiative are successfully certified!

"We have partnered with VISTA InfoSec for assisting us in implementing a combined ISMS framework encomapssing the ISO 27001 and PCI DSS guidelines for our business. Their domain expertise and consultative solution driven approach were key to address the IT security risks arising from our complex processes. We greatly appreciate their inputs for helping our team prepare; and train for the final compliance audits; and are sure to engage VISTA InfoSec for any of our future initiatives."

Karthik Ganesan, VP – Operations, Billdesk (Indiaideas)
"We are honored to have this great business relation with your organization.
We appreciate the most your initiative to build the relation with our organization based on trust before jumping to the legal procedures.
Plus your continuous support & cooperation to make us earn this valuable certification (ISO27001)."

Mr.Abdulla H. Al Hammadi, Chief Operating Officer, Electronic Document Centre, Dubai..
"VISTA InfoSec has helped us immensely in making some of the difficult choices related to related to IT infrastructure, their advice at times have been superior than leading IT infrastructure services providers"

Dhaval Thakkar, D.GM.IT, Lodha Group
"When Khaitan & Co signed on Vista the Firm was looking for an expert in the IT Policy setting area who will be able to give us sufficient time and complete the project on a time bound manner. Overall we are very satisfied with the services rendered by Vista. Their experts have enough information and in-depth knowledge of the industry and have guided us in several areas other than the mandate as well. We will definitely consider them for future projects for their honest and professional approach and usefulness of their deliverables."

Mr.Nilanjan Ghose COO, Khaitan & Co.
Good knowledge about the standard - earlier and new version - alongwith all that goes on in the IT world be it technology, O/S, various tools, security sites, etc"

Mahindra Ugine Steel Company
"NASSCOM’s applications are complex and built on multiple platforms so as to meet the demands of our broad and dispersed member base. Additionally, these applications are developed and maintained by various partners. Being the entity that we are, it becomes very important that we maintain utmost security for our members. VISTA InfoSec helped us in analysing our applications and identifying vulnerabilities. Their support and commitment is outstanding. "

Ameet Nivsarkar, Vice President, NASSCOM
"To implement our ISMS, we choose Vista as our partner based on their expertise. Their functional knowledge and technical expertise was evident in the solution they designed and deployed for us"

Samir Dadia,, Director, Saama Technologies (I) Ltd.
"We have been working with VISTA InfoSec for more than one year and we find them to be one of the most competent, thorough and most importantly - proactive professionals in their field of work"

Mr. Anantha Krishnan, IT Head, Siyaram Silk Mills
"We have been working with VISTA InfoSec for more than one year and we find them to be one of the most competent, thorough and most importantly - proactive professionals in their field of work"

Mr. Anantha Krishnan, IT Head, Siyaram Silk Mills

Home >> Services >> CloudSecure >> Cloud Infrastructure Assessment

Cloud Infrastructure Assessment

Security professionals are facing the difficult challenge of extending security requirements to take advantage of cloud computing and software-as-a-service applications. This stems from the fact that as per the very definition of Cloud Computing, the infrastructure visibility to the end customer is very low especially in SAAS & PAAS Models. Furthermore, there could be several issues in the underlying OS and network designing/configuration which can compromise your sensitive data residing on the cloud.

For example, a denial of service attack launched by a malicious insider was demonstrated against a well-known IaaS cloud. The attack involved a cloud subscriber creating an initial 20 accounts and launching virtual machine instances for each, then using those accounts to create an additional 20 accounts and machine instances in an iterative fashion, exponentially growing and consuming resources beyond set limits.

Marco Slaviero, BlackHat Presentation Demo Vids: Amazon, part 4 of 5, AMIBomb, August 8, 2009, http://www.sensepost.com/blog/3797.html.
Kim Zetter, Bank Sends Sensitive E-mail to Wrong Gmail Address, Sues Google, Wired Magazine, September 21, 2009, URL: http://www.wired.com/threatlevel/2009/09/bank-sues-google.

Our well experienced and qualified team of experts assess the network design, virtualization topology (if any), Intrusion detection checks, failover controls, etc as per your business requirements.

Using globally recommended frameworks from NIST, ENISA, CCM, etc, VISTA InfoSec has developed a state-of-the-art assessment framework which effectively helps identify and mitigate infrastructure based risks on the cloud such as:

Insider Access
Ancillary data
Software isolation
Availability

Contact us for an Cloud Infrastructure Assessment "value add presentation" and detailed deliverables for your organization.