Below is a partial list of the work done for various clients.
BFSI:
Internet Banking Audit & Security Policy Assessment for a leading Commercial Bank
The Client is a large and fast growing scheduled commercial bank with 180+ branches. It was launching its Internet Banking service and wanted a security consultant to ensure that the services were secure.
Aujas provided application security services including Vulnerability Assessment of the internet banking application, defined and documented the internet banking security policy and procedures.
The Client's systems are now compliant with RBI guidelines on Internet Banking and the bank can now offer secure Internet Banking services as a new business channel to its customers.
Management of Information Risk Management services for India’s largest Credit Card Processing Company
The Client is one of India’s largest Credit Card processing companies. It is ISO 27001 certified and PCI DSS compliant and faced periodic audits by its Clients and regulatory bodies. The company wanted a partner to manage on-going compliance and audit requirements.
Aujas provided consultants from its Managed Information Risk Services practice, whose diverse skill sets design, deploy and manage a comprehensive IT GRC (Governance, Risk & Compliance) management framework for the Client.
The Client now has a team of experienced security consultants from Aujas who manage the on-going compliance requirements of the company, using an integrated risk management framework covering ISO 27001, PCI DSS and Client security policies.
Application Security Services for a leading Insurance Company in India
The Client is a fast growing private life insurance provider in India, part of the world’s largest financial services group. It had mission-critical applications and was concerned about security issues in the application.
Aujas conducted a security assessment of the company’s mission-critical applications including architecture reviews, threat modeling, code review and front-end testing. In addition, Aujas conducted a training session for their development team and also implemented a secure SDLC framework.
The Client now has a comprehensive and proactive model to manage application security that significantly reduces the development timeframe and cost.
ISO/IEC 27001 Advisory Services and ISMS Framework implementation for a leading Knowledge Services Company
The Client is a leading Knowledge Services Company offering technology due diligence, innovation management, intellectual property and litigation support service to corporations and law firms worldwide. It was looking for a consulting company which could help it implement a world-class ISMS framework and achieve preparedness for ISO 27001 certification.
Aujas leveraged its GRC practice and devised a 3-phase approach to establish and implement the ISMS framework and provide pre-certification support. The ISMS framework with all the necessary security controls was successfully implemented in the organization.
The Client achieved pre-certification preparedness and is now an ISO 27001 certified organization.
Identity Management Services for UK’s largest BPO’s India business center
The Client is one of UK’s largest BPOs with a large business center in India. It wanted to manage the sharing of access/passwords by privileged administrators and maintain a strong security position even with attrition amongst administrators.
Aujas helped the Client fomrulate the requirements by studying various components – specifically Active Directory and Cisco devices, recommended a solution, proposed the solution architecture and implemented the same.
The Client now has a dual-factor strong authentication system in place that has reduced the risks in its data-center and has improved access control.
Secure Architecture Design and Development of a Data Warehousing Application for one of the largest FMCG Companies
The Client is one of the largest FMCG companies with a large market share both in Home and Personal Care Products, as well as in the Foods and Beverages categories. The Client planned to develop a data warehousing application and required an application security expert to help it secure the application right from the initial phases of development.
Aujas leveraged its application security practice to conduct a threat model analysis and also developed an application risk management model which would help define the necessary controls to be deployed.
Aujas helped the Client identify security flaws in the application at an early stage, leading to better timelines with a robust and secure product. In addition, the application risk management model defined by Aujas helped the Client adhere to stringent security controls and industry best practices for all future application development.
