iNode Services Limited

PART 1 i. BACKGROUND

What is Information Security Securing information means the employment of protective practices and management. They are all about protecting and preserving the confidentiality, integrity, authenticity, availability, and reliability of information. The information can be of various types be it personal health or financial records, or even classified sensitive government information. It is rather impossible to secure each or part of information if we do not deploy security practices systemically. Information system security implies the protection of information systems against unauthorized access to or modification of information, whether in storage, processing or transit, and against the denial of service to authorized users or the provision of service to unauthorized users, including those measures necessary to detect, document, and counter such threats. Why Information Security Awareness We use information systems and internet to storing information, processing data, sending and receiving messages, communications, controlling machines and the list is not exhaustive. We also make online purchase and payments. These usages that create information flow are just to add convenience to our lives. If we take the cases of inadequate knowledge of security on internet usage we can become the victim of virus, hacking that could lead us to the loss of our personal, financial and other sensitive data. So awareness is required at personal and institutional level as long as to combat the threats to information security. Information Security Solution Information systems security solutions provide the basic requirements to successfully integrate security into information technology in a manner that properly addresses real threats so that to ensure the confidentiality, integrity, and availability of information. Implementing weak information security controls can result in the loss of trust, reputation, and money for consumers, businesses, and governments. The sharp increase in the number of fraud, extortion, and identity theft crimes is a primary result of weak information security management. The cost of implementing basic controls to protect information is generally much less expensive than a security breach. Weak information security management can generally be contributed to the lack of understanding and acknowledgment of the real threat to information. The need for business and government leaders to realize the benefits of security controls and integrate them into existing and new IT environments is key to the success of information technology and the economy that is driven by the sharing and availability information.

ii.

iii.

While there are a number of different internal and external threats to information, not all information systems are at risk because of their design, or the information that they maintain. The number of vulnerabilities can influence the associated risk of a threat. The following is a list of common threats to most information systems: Unauthorized access, alteration, or destruction of information.

Misuses of Social Networks, Emails and Blogs Misuse of authorized access to information. Accidental alteration or destruction of information. Malicious software programs. Misconfigured or poorly designed information systems allowing too much access. Social engineering. System or communications disruptions (denial of service, hardware failure). Improper handling of information. Physical theft of information or information systems. Environmental hazards (flood, fire, earthquake, etc.). Power failure.

PART 2 SECURITY MAP

WHERE

DOES

BANGLADESH

STAND

IN

THE

INFORMATION

With growing dependency on information and communication technology in everyday life, cyber security has become more and more important in the fast-changing socioeconomic environment. This diverse trend is apparent as information channeled through various media is constantly compromised for the vulnerability of the systems in operation. By realizing initiatives concerning information security such as National Information and Communication Technology Policy (2002) the government of Bangladesh has given enormous importance, albeit lately, to the information security practice. To get a clear picture of where Bangladesh stands today in respect to information security we can refer to the proliferation of cyber crime and hacking incidents. Recently the website of Bangladesh Supreme Court has been hacked but with the involvement of Cyber Crime Unit of RAB the issue is resolved successfully. The latest outbreak of series of cyber hacking attacks on Bangladeshi/Indian websites and servers by Indian/Bangladeshi hackers respectively added tension to the bilateral relation between Bangladesh and India. Alongside the internet related threats the absence of guidelines and standards for information and systems security at the policy level and also the absence of internationally accepted security standards and practices in management and performance level trigger Bangladeshi businesses and corporate to become susceptible to vulnerabilities. For information security to be successful in todays digital economy, it will require the involvement of all of its players to work

together. Because many organizations and government itself have been slow to adopt the concepts of information security, the need for standards and regulations is required to provide the proper direction for successfully protecting information. With the low cost of technology and the worldwide availability of the Internet, the possibility of exploiting vulnerabilities and turning threats into reality is a major concern.

PART 3

WHY US

iNode Services Limited is a systems security service provider pioneering this sector in Bangladesh. Our services cover some of the major components of Information Security which are: Cyber Security Cyber/Digital Forensic Penetration Testing Evidence Preservation and Collection IT Security Consultancy IT Network Solution and Support IT System Solution and Support Web Designing Customized Software Development Training

With the ever increasing rates of system vulnerabilities we already bagged clients in both governmental and corporate level including RAB, the wing of Bangladesh Police that spearheading the cyber crime investigation in our country. Our accomplishments so far as a pioneer in information systems security solution provider are commendable. We design and deployed Cyber Crime Investigation and Digital Forensic System (CCIFS) in Bangladesh at RAB HQ, the first of its kind in Bangladesh. A collection of open source forensic software and servers been added there for forensic system. Additionally a team of 20 personnel have been trained during the deployment. PART 4 MISSION AND VISION

We started our venture with a very simple but critical mission of making our society safer by enhancing security efficiency for the information systems and also by improving flexibility of our information-dependency through information security awareness and customized solutions. The rationale behind our mission is well suited and explained by our vision to create effective understanding and appropriateness of information security among technology users while sharing information.

PART 5

OUR PEOPLE

Chairman : Mohammad Ekhlasur Rahman Khan

Area of Knowledge: A retired banking professional applies his financial acumen and economic knowledge to help setting up the company with guidance and prudence. Experience: As a commerce graduate from Dhaka University Mr. Khan joined The Directorate of Commercial Audit of Pakistan as Auditor in April 1964. He then joined the then Agricultural Development Bank of Pakistan in 1967 as Internal Auditor. For his service excellence he headed various departments of Bangladesh Krishi Bank until his retirement in July 2000. He also received various training including International Banking at Commerz Bank, Germany in 1991. After his retirement he served one of the leading NGOs of Bangladesh as Consultant and also adorned some advisory position to several insurance company until he initiated iNode Services in 2009.

Vice Chairman : Mahfuzur Rahman

Area of Knowledge: Service Portfolio Management Project Management Marketing and Communications Experience: Mr. Rahman has experience of working for foreign and multinationals under his belt. Prior joining iNode he was the Operations Director of the Dhaka Liaison Office of Exling LLC, a Florida based software development and automation service provider. Under his leadership Exling launched its eCommerce ventures like ajkeroffer.com and started few other marketing projects. Previously, he worked for British Telecom, the global telecommunications services company in the UK. He pursued his Masters degree in Globalisation from University of Aberdeen. He also obtained an MBA in Corporate Finance from University of Abertay Dundee. He completed his BSS Honours in

International Relations from University of Dhaka.

Chief Adviser : Dr. Mohammad Zahidur Rahman

He is currently a Professor at Department of Computer Science and Engineering of Jahangirnagar University, Bangladesh. He obtained his B.Sc. Engineering in Electrical and Electronics from Bangladesh University of Engineering and Technology in 1986 and his M.Sc. Engineering in Computer Science and Engineering from the same institute in 1989. He obtained his Ph.D. degree in Computer Science and Information Technology from University of Malaya in 2001. He is a co-author of a book on E-commerce published from Malaysia. His current research includes the development of a secure distributed computing environment and e-commerce and overall Information Security. Besides he has worked (and working) with ICT Ministry, GoB, World Bank, ADB and many vital national/multinational organizations as an advisor or consultant.

Adviser, HR and Management : Mohammad Sayeedur Rahman

Area of Knowledge: Training Education Research and consultancy Experience: Sr. Research Officer, Bangladesh Institute of Management (BIM): Work as a regular faculty member and trainer in the institute-run short management training fof professionals . Adjunct Faculty Member in University of Asia Pacific: work with 4 departments of university of Asia Pacific. The responsibility includes conducting semester long course on economics, setting question, examining answer script and preparing the grade sheet of the students Worked with Muktijudhdha Kalyan Trust, Transparency International Bangladesh, Runner Group in different assignment.

Chief Executive Officer : Symum Jahangir

Area of Knowledge: Certified Ethical Hacker (C|EH) Experience: CCHA Project: Automation Project of

Computer Hacking Forensic Investigator (C|HFI) MCITP (Server and Enterprise) Cisco Certified Network Associate (CCNA) CCNA Security Sun Certified System Administrator(SCSA) Sun Certified Network Administrator(SCNA)

Chittagong Custom House (Complete Network Design, setup and implementation). DCHA Project: Automation Project of Dhaka Custom House (Complete Network Design, setup implementation). ADAFCSS Project: Air Defense Artillery Fire Control Simulation Systems (Complete Network Design, setup and implementation). CTMS Project: Container Terminal Management System of Chittagong Port (Complete Network Design setup and implementation). FASS Project: Field Artillery Simulation Systems (Complete Network Design and implementation). Standard Chartered Bank, Bangladesh: Head Office Extension Project. CCIFS Project: Cyber Crime Investigation & Forensic System, Rapid Action Battalion (RAB) HQ. (Implementation, Consultant and Trainer)

Chief Technical Officer : MJF Rupom

Area of Knowledge: Specialist: Cyber Security, Cyber Crime Investigation, Digital/Cyber Forensic and UNIX Trainer: Cyber Security and UNIX Researcher: Information Systems Security and Forensic C|EH : Certified Ethical Hacker EC-Council OCSECA : Oracle Certified Expert, Security Administrator OCNA : Oracle Certified Expert, Network Administrator OCSA : Oracle Certified Professional, System Administrator MCITP : Microsoft Certified IT Professional (Server Admin. on Windows Server 2008) MCITP: Microsoft Certified IT Professional (Enterprise Admin. Windows Server 2008) MCTS : Microsoft Certified Technology Specialist (Exchange) MCTS : Microsoft Certified Technology Specialist (Share point) MCTS : Microsoft Certified Technology Specialist (Lync) MCTS : Microsoft Certified Technology Specialist (Virtualization) MCTS : Microsoft Certified Technology Specialist (HPC Developing) Experience: RAB Forces HQ: Consultant & Trainer, Cyber Crime Investigation and Digital Forensic Cell Controller of Certifying Authorities (CCA), Ministry of ICT (MOICT), GoB: Consultant and Expert Bangladesh Computer Council: Special Guest Faculty member, BKIICT Bangladesh Institute of Management (BIM): Guest Speaker, Cyber security American International UniversityBangladesh (AIUB): Senior Instructor, Unix OS & Ethical Hacking, Sun Academic Initiative, Continuing Education Center

MCP : Microsoft Certified Professional CCNA: Cisco Certified Network Associate

Head of Sales and Marketing: Sifat Alamgir

Area of Knowledge BBA Project Management Professional (PMP) Experience Asian Global Associate Ltd.: Assistant Merchandiser. Asian Global Associate Ltd.: Merchandiser. iNode Services Limited: Head of Sales and Marketing

Network Admin : Atiqur Rahman

Area of Knowledge CCNA, RHCE, CEH System and Network implementation. System and Network Security Experience Fiza VCD & Business Solution : CSM (Customer Service Manager) & Network Administrator iNode Services Limited : Network administrator Dhaka, Bangladesh Design, Implement & Secure the Corporate Systems/Network

Project Manager : Md. Abdul Woaes

Area of Knowledge CCNA, RHCE, CEH System and Network implementation. System and Network Security Experience ZTE Corporation Bangladesh Ltd: System Engineer Data Soft Systems Ltd: Network Engineer : Chittagong Custom House Automation Project Dhaka Custom House Automation Project iNode Services Limited System administrator Dhaka, Bangladesh Design, Implement & Secure the Corporate Systems/Network

PART 6

CONCLUSION It is very crucial for us to realize that information security is no longer remained just a technology issue, but also a people and business issue. This helps to emphasize that the role of information security neither begin and end with nor an absolute domain of Information Technology. And our business is to ensure the information security by protecting the people, businesses, government and our economy from security vulnerabilities caused by the natural advancement of Information Technology and society as we know it.

Company Profile
iNode Services Limited
Office
Ka - 39/5 Progoti Sarani, Kuril Bishwa Road, Dhaka 1229, Bangladesh Phone : +88 02 8416478, +88 01611 046633 Web : www.inode.com.bd E-mail : info@inode.com.bd

Index
PART 1 PART 2 PART 3 PART 4 PART 5 PART 6 PART 7 BACKGROUND WHERE DOES BANGLADESH STAND IN THE INFORMATION SECURITY MAP WHY US MISSION AND VISION OUR PEOPLE CONCLUSION ORGANOGRAM 1 2 3 3 4 7 8

PART 7

ORGANOGRAM