Please wait...

Executive Overview

Thank you for reaching out to the team at Harshwal & Company LLP . You are about to take an essential step forward that will result in the enhancement of your organization’s cybersecurity effectiveness and the strength of its cybersecurity posture.

Harshwal & Company LLP has proven itself the ideal Managed Services Provider for companies throughout United States and International locations. Our scope, breadth and depth of certified knowledge and experience ensures that we bring the exact mix of experience, product, service and value to meet VIP CUSTOMER’s rigorous requirements.

Highlights of This Proposal

In this proposal, you’ll discover:
  • Our clear understanding of VIP CUSTOMER specific requirements for network and engineering services
  • Detailed Overview of Harshwal & Company LLP Methodology
  • Pricing and Terms and Conditions

Expertise—Certified to Satisfy

Our experienced and expert technicians, architects and engineers are certified across all major systems—hardware and software. They’re on top of the latest innovations, in touch with the right knowledge sources and working with those technologies every single day.

At Harshwal & Company LLP , we believe that every client is unique, and each project should be treated as priority #1. Our team members are highly credentialed penetration testing and cybersecurity professionals (CISSP, OSCP, OSWP, CJIS Level 4, CompTIA Security+, IBM Certified Application Developers, etc.) and are absolutely the best that the industry has to offer.

Scope of Services—Every Corner of Your Infrastructure

We’ll provide ground-floor consulting, strategy and IT architectural services. We’ll take responsibility for all your IT assets, including license optimization, maintenance and upgrade, monitoring and more. We’ll host your network, defend your security and build and augment your applications.

Customer Care—Whatever You Need, Whenever You Need It

Top-quality service is evident in every aspect of our work with you—and especially so in our help desk and support services. We handle every level of support, every second of every day. That includes everything from simple password resets to Level 3 support issues. We guarantee professional, timely, accurate results and ensure that each client is 100% satisfied with the work that is delivered.

Account Management—Working Side by Side

A key part of our relationship with you is our account management team. Account managers are permanently assigned to a client. They’ll get to know you, your systems, your processes, your culture and—most importantly—your people.

Fully Transparent—You’re Always in Control

With Harshwal & Company LLP , you have unobstructed visibility into every corner of your operation. No matter which elements of your IT you trust to us, we’ll keep you continually informed through ongoing alerts, ongoing conferences and easy-to-understand, regularly scheduled reporting.

Highlights of The Harshwal & Company LLP Security Assessment Process

  • Security Requirements Discussion
  • The initial kick-off typically involves email exchanges, phone call discussions with team members, meetings and possibly a demonstration of the test targets (if required).
  • Internal Penetration Testing
  • This testing starts with the premise that an internal, trusted employee has “clicked the wrong link” or “opened the wrong email attachment” or “plugged in the wrong USB”. At this point, the adversary has a foothold inside the network, and you have been actively compromised. For any internal assets being tested, Harshwal & Company LLP shall employ a strategy that replicates a post-breach situation within the network (i.e. what can be done if an adversary has successfully breached the network perimeter). This testing method involves using a domain workstation as the “compromised victim” along with typical APT cyber-kill-chain activities. Objectives for this testing are to evaluate the internal security controls, security visibility, detection capabilities, security team response to an adversarial threat, and to assess the overall security posture of the internal network. In some cases, specific objectives are set (e.g. retrieve a file from an elevated privilege file server). Objectives can be discussed in more detail prior to the testing.
  • External (Black Box) Network Penetration Testing
  • An External Black-Box Penetration Testing mimics the actions of an actual adversary by attempting to exploit weaknesses in network security without the dangers of a real threat. This test examines external IT systems for any weakness that could be used by an external attacker to disrupt the confidentiality, availability or integrity of the network, thereby allowing the organization to address each weakness. It should be assumed that every actively listening device that is exposed to the internet will constantly be under attack. Examples of listening services that are typically exposed would be email, web, VPN, cloud authentication, cloud storage, etc. Harshwal & Company LLP uses the Penetration Testing Execution Standard (PTES) as well as NIST SP 800-115 as the guideline for all external penetration testing
  • Web Application Penetration Testing
    The manual web application / API penetration test shall cover methodologies based on OWASP Top 10 Most Critical Web Application Security Risks, OWASP Testing Guide v4, CWE/SANS TOP 25 Most Dangerous Software Errors and The Penetration Testing Execution Standard (PTES) and can include the following high-level categories where applicable to the application or API:
    • Injection (flaws and attacks)
    • Broken Authentication and Session Management
    • Cross-Site Scripting (XSS)
    • Insecure Direct Object References
    • Security Misconfigurations
    • Sensitive Data Exposure
    • Missing Function Level Access Control
    • Cross-Site Request Forgery (CSRF)
    • Known Vulnerability Testing
    • Unvalidated Redirects and Forwards
  • Network Security Device (Firewall) Configuration Audit
    The objective of a network security device audit is to harden the perimeter of your environment (firewall, VPN, etc.) as well as any common systems (e.g. routers, switches) that are instrumental in the operation of your organization. As part of this engagement, Harshwal & Company LLP will audit 10 network devices. Testing of this type does not require direct access to any targeted security devices. Harshwal & Company LLP will analyze the running configuration of the systems under test in an offline manner.
  • Vulnerability Scanning (Internal and External)
    Vulnerability Scanning of Internal and External Targets (where applicable) shall be included (using CVSS / CVE scoring methods).

Solution Details

This proposal is between the undersigned, Harshwal & Company LLP (“Harshwal & Company LLP ” and “we”), and VIP CUSTOMER (“VIP CUSTOMER” and “you”).

Statement of Work

This proposal provides for the build-out, project planning, ongoing management and Harshwal & Company LLP off-site efforts required to achieve the project goals.

Harshwal & Company LLP will perform the following Network Security Tests on the VIP CUSTOMER network.

There is physical location that will be part of this assessment. The main office location is in San Diego, CA.

Harshwal & Company LLP will assist VIP CUSTOMER and their vendors to remediate security issues that were found as a result of the testing.
  • Internal Penetration Testing
  • External Network Penetration Testing
  • Web Application Penetration Testing
  • Network Security Device (Firewall) Configuration Audit
    • Vulnerability Scanning (Internal and External)
  • Network Switch and Router Device Configuration Audit


PRIMARY PROJECT OBJECTIVES

  • Assess current VIP Customer infrastructure for Security Issues

To ensure a smooth project through its lifecycle, Harshwal & Company LLP will assign a certified project manager, who will stay the project through to its successful completion. Harshwal & Company LLP anticipates that it can start the project within two weeks of the acceptance of this proposal.

VIP CUSTOMER Responsibilities

To ensure a smooth project through its lifecycle, Harshwal & Company LLP will assign a certified project manager, who will stay the project through to its successful completion. Harshwal & Company LLP anticipates that it can start the project within two weeks of the acceptance of this proposal.
  • Work closely with Harshwal & Company LLP to schedule services.
  • Maintain close communication on all relevant project issues with the Harshwal & Company LLP project manager.
  • Ensure that you provide full-time, qualified staff to satisfy your obligations listed in this proposal, make the timely decisions that ensure the performance of services can move forward, collaborate and participate in this project as requested by Harshwal & Company LLP and reasonably assist Harshwal & Company LLP in the performance of the services in this proposal.
  • VIP CUSTOMER personnel should be available when they’re needed, if and when they’re reasonably requested by Harshwal & Company LLP. We look to your personnel for input, services review and feedback, answers to questions, signoff and approval and to generally help Harshwal & Company LLP gather and validate information, perform reviews and obtain other input.
  • We ask that, when off-site services are required, VIP CUSTOMER will provide Harshwal & Company LLP with an adequate appropriate system access, which can include media, licensing, PINs and passwords.
  • VIP CUSTOMER must perform a full back up prior to Harshwal & Company LLP’ access to begin the project. Harshwal & Company LLP cannot be held liable for the loss, backup or restore of any VIP CUSTOMER data.
  • Harshwal & Company LLP will need to be notified prior to scheduling engineers to begin work if any of these requirements cannot be met.

Harshwal & Company LLP Assumptions

In addition to any other assumptions described in this proposal, Harshwal & Company LLP assumes the following:
  • On-site services will be performed during normal business hours (8 am to 5 pm Monday through Friday, excluding holidays).
  • To ensure on-schedule completion of the project, its scope and objectives will be jointly managed by VIP CUSTOMER and Harshwal & Company LLP.
  • Together, VIP CUSTOMER and Harshwal & Company LLP will:
  • Specify roles and responsibilities
  • Create project and test plans
  • Pinpoint risks
  • Establish and enforce change management methodologies
  • Perform ongoing open issue management
  • Additional charges may be incurred for services requested that are outside the scope of this proposal. VIP CUSTOMER will sign off on a change order before those tasks begin.
  • Services not specified in this proposal are considered outside the scope of the project. They will be established with a separate proposal or change order.

Professional Services Fees

The fees stated under this proposal include both fees for Harshwal & Company LLP personnel’s time and all related costs and fees (these are stated in the Bill of Materials section and the Expenses section of this proposal).

FIXED FEE


Security Fees (Fixed Fee)
Fixed fees of
$ 0

EXPENSES

Harshwal & Company LLP will invoice VIP CUSTOMER for reasonable and direct costs incurred during the performance of the project. These expenses include, but are not limited to airfare, lodging, mileage, meals, shipping, tolls and parking. Harshwal & Company LLP will charge actual costs without markup for these expenses. Expense costs projected in this proposal are estimates only.

Harshwal & Company LLP requires at least two (2) weeks’ advance notice for travel by Harshwal & Company LLP personnel.

Project Specific Terms and Conditions

Contact Person(s)

Harshwal & Company LLP and VIP CUSTOMER will designate a primary point of contact (“Contact Person”) before project start. The parties will share their Contact Person’s name with each other. The VIP CUSTOMER Contact Person can approve the materials and services provided by Harshwal & Company LLP. Harshwal & Company LLP will act on the decisions and approvals made by the VIP CUSTOMER Contact Person. (Harshwal & Company LLP understands that change orders may need to be authorized by a different person within VIP CUSTOMER). The VIP CUSTOMER Contact Person is the manager of all communications with Harshwal & Company LLP. The Contact Persons for both companies are authorized to approve personnel changes and services rates.

Expiration and Termination

The terms, conditions and services stated in this proposal expire in two weeks from the date on this proposal cover page. For it to be valid, it must be signed by VIP CUSTOMER and delivered in its entirety to Harshwal & Company LLP within that two-week period, unless otherwise agreed to by Harshwal & Company LLP.

Change Orders

This proposal may be changed only in writing and only by Harshwal & Company LLP. VIP CUSTOMER will generally use the change order form provided by Harshwal & Company LLP. The change order must be signed by both VIP CUSTOMER and Harshwal & Company LLP. Change orders will not be valid until they are signed by VIP CUSTOMER. If there is a conflict between an executed change order and the terms and conditions of this proposal (or an earlier executed change order), the most recent executed change order prevails.

Latest Blogs

20
May-2020
The software is used by professionals engaged in the process of accounting. The introduction and use of the softwareapplication have made significant revolutions in the accounting world. It has made the process of financial transactions efficient and fast...
19
May-2020
Part of what Harshwal & Company has always been about is applying the most advanced technology solutions available to the challenges essential to accounting and the client’s individual business, corporate, governmental, or tribal challenges...
18
May-2020
It often put the business models and customers in a dilemmatic situation whether their information is in safe hands or it is in on the edge of threshold to get stolen or at the risk of getting attacked digitally...
15
May-2020
To meet the challenges of post-pandemic era, companies should emphasize on crafting a talent strategy that develops team players’ critical digital and cognitive competences, their adaptability and resilience and their social and emotional skills...
14
May-2020
Accounting in wider perspectives is referred to as the maintenance and recording of every financial transaction a business enterprise undertakes during its course of performance...
13
May-2020
Tax is a crucial and inevitable part of business, and all the business owners, either big or small, need to pay the stipulated amount as per the local tax governing authority or IRS. We all are aware of the complexities of the tax world and know handling tax filing complexitiesis not everyone’s cup of tea...

How Did We Do?

Share Your Thoughts With Others Give us a review!
Harshwal & Company, LLP Reviews

download our app

Harshwal & Company, LLP has Mobile App to provide you with business insights, send RFP for Accounting, Auditing and IT services, register for training, send resume, keep up to date with news articles and events.

Southern California Office !

16870 W. Bernardo Drive
Suite 250
San Diego, CA 92127

View Map

Call Us Now !

858.939.0017

Bay Area Office !

7677 Oakport Street
Suite 460
Oakland, CA 94621

View Map

Call Us Now !

510.452.5051

New Mexico Office !

6565 Americas Parkway NE
Suite 800
Albuquerque, NM 87110

View Map

Call Us Now !

505.814.1201