Company Profile

About Sami Tech Ltd.

Sami Tech Ltd. is an IT Enabled Services Company, established 5th September 2018. We
focused on Information System (IS) Audit, Information System (IS) Security Gap
Assessment, IS Security Risks Assessment, Vulnerability Assessment & Penetration Test
(VAPT), Compliance Validation, Cybersecurity Framework Implementation, Cybersecurity
Manage Services, Business Transformation, Enterprise Governance IT (EGIT). We also
deliver IT strategy and consulting, Cybersecurity consulting and managed IT services.

Mission

To be the leading global consulting company, focused on leveraging technology to add

tangible value for all stakeholders.

Vision
To help companies to be more successful through the use of information, systems and
technology. Our Aim is to make our organization strong and more competitive in the global
business.

Core Values
Excellence - setting and achieving high standards of Professional ICT Solutions

Integrity – displaying and practice the highest ethical and professional standards

Honesty - using truthful communications and trustworthy actions.

Commitment - engaging willingly and completely in the fulfillment of our mission.

Respect - showing courtesy and understanding for all with whom we interact.

Collaboration - maximizing relationships so collective efforts surpass those of the individual.

Stewardship - prudent use of human and financial resource

Cybersecurity Service
Information Systems (IS) Audit
Information systems (IS) audit is a part of the overall audit process, which is one of the
facilitators for good corporate governance.

IS Audit determines whether a computer system (information system) safeguards assets,

maintains data integrity, achieves organizational goals effectively and consumes resources
efficiently.

IS Risk Assessment
Organizations use automated information technology (IT) systems to process their
information for better support of their missions, risk management plays a critical role in
protecting an organization’s information assets, and therefore its mission, from IT-related
risk.

Digital Forensic
Our digital forensics services cover complete spectrum of possibilities to look for the
malicious actor from memory analysis, disk analysis to network forensics. We offer
extraction of necessary artifacts for further investigation, provide expert advice on what can
and what cannot be retrieved and provide evidence well intact which can be used in legal
proceedings if required.

Business Impact Analysis (BIA)

The goals of the BIA analysis phase are to determine the most crucial business functions and
systems, the staff and technology resources needed for operations to run optimally, and the
time frame within which the functions need to be recovered for the organization to restore
operations as close as possible to a normal working state. The analysis may be manual or
computer-assisted.
Business Continuity Plan (BCP)
Business continuity planning (BCP) is the process involved in creating a system of
prevention and recovery from potential threats to a company. The plan ensures that
personnel and assets are protected and are able to function quickly in the event of a
disaster. The BCP is generally conceived in advance and involves input from key
stakeholders and personnel.

Our industry leading certified experts helps our clients to develop Business Continuity
Plan (BCP)

Disaster Recovery Plan (DRP)

The overall idea is to develop a plan that will allow the IT department to recover enough
data and system functionality to allow a business or organization to operate - even possibly
at a minimal level.

We develop business continuity and disaster recovery programs

that meet the unique needs of your organization.
Vulnerability Assessment & Penetration Test (VAPT)
Vulnerability assessment (VA), includes the use of various automated tools and manual
testing techniques to determine the security posture of the target system. In this step all the
breach points and loopholes are found.

In Penetration testing (PT) Sami Tech Ltd simulates the activities of a malicious attacker who
tries to exploit the vulnerabilities of the target system. In this step the identified set of
vulnerabilities in VA is used as input vector.

Managed Cybersecurity Service

It is incredibly difficult and expensive to both find and then retain the right security
expertise to keep your business secure. The best way to overcome the struggle of staying
secure is to outsource your cyber security to an IT Partner with a knowledgeable and
experienced security team who are on hand to keep your business secure.

As part of our Managed Cyber Security Services, we offer:

Regular software
Threat management. Access management.
patching.

Vulnerability Security incident User education and

management. response. training.
IT Governance
IT Governance (Information Technology Governance) is a process used to monitor and
control key information technology capability decisions - in an attempt - to ensure the
delivery of value to key stakeholders in an organization. The process therefore monitors
and control key IT decisions that might have an impact - positive or negative - on
business results.

We have experts who will work with our clients to ensure the IT Governance in their
organization.

Strategic
Alignment

Performance
Value Delivery
Management

IT Governance

Resource Risk
Management Management
Cybersecurity Framework Implementation
The Framework is voluntary guidance, based on existing guidelines, and practices for
organizations to better manage and reduce cybersecurity risk.

Using the framework could improve the critical infrastructure of an organization. The
Framework can be implemented in stages and hence can be tailored to meet any
organization’s needs. The Framework is intended to supplement, not replace, an
association’s cybersecurity program and risk administration forms. Our expert team help
our clients to implement any cybersecurity framework.

Identify
Business Environment Risk Management
Asset Management Risk Assessment
Governance Strategy

Protect
Awareness &
Access Control Data Security Maintenance Protective Tech
Training

Detect
Security Continuous
Annomalies & Events Detection Processes
Monitoring

Response
Response
Communications Analysis Mitigation Improvements
Planning

Recover

Recovery Planning Improvements Communications

Certification Service
ISO 27001

ISO/IEC 27001:2013 specifies the requirements for establishing, implementing, maintaining

and continually improving an information security management system within the context
of the organization. It also includes requirements for the assessment and treatment of
information security risks tailored to the needs of the organization.

Audit Certify
Asses Implement
Education

Webiner Gap Analysis Context of Internal Audit Certification

Seminer Executive Organization Fix Non- Audit
Training Summary Leadership conformities Annual
Project Plan Planning Surveillance
Audit
Support
Operation
Performance
Evaluation
Improvement
PCI DSS
The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards
designed to ensure that ALL companies that accept, process, store or transmit credit card
information maintain a secure environment.

• Select QSA
• Define Methodology
• Perform Data Discovery
Preparation
• Map Data Flaws
• Identify Current Scope
• Gather Documentation

• Risk Assessment
• Scan & Pen Test
Gap Analysis • Identify Technology Issue
• Identify Documentation
Issue

• Optimize Scope/
Segmentation
• Remediate People, Process,
Remediation Technology
• Awareness Training
• Obtain Clean Scan & Pen
Test

• Disseminate Policies
Assessment/ • Perform Recurring Task
Maintenance • Collect Evidence
• Plan, Do, Check, Act
SWIFT Security

The SWIFT Customer Security Controls Framework describes a set of mandatory and
advisory security controls for SWIFT customers.

27 Controls

8 Principles

3
Objectives
Consultancy Services
Business Process Re-engineering
Business process reengineering is the act of recreating a core business process with the goal
of improving product output, quality, or reducing costs.

Typically, it involves the analysis of company workflows, finding processes that are sub-par
or inefficient, and figuring out ways to get rid of them or change them.

Identify
Processes

Review,
Test &
Update,
Implemen
Analyze
t to-be
as-is

Design to-
be

Business Transformation
Business Transformation is the process of fundamentally changing the systems, processes,
people and technology across a whole business or business unit, to achieve measurable
improvements in efficiency, effectiveness and stakeholder satisfaction. As such, a business
transformation project is likely to include any number of change management projects,
each focused on an individual process, system, technology, team or department.

Systems

Technology Processes

People
Cloud Consultancy
The Cloud Consultancy provide a comprehensive, boutique IT service to Small and Medium
sized businesses (SMB’s), sole traders and start-ups, provisioning and supporting their core IT
business services.

We help our customers understand the different capabilities of the Cloud solutions available
and look to match these to their technical and business requirements.

Our experienced Cloud Consultants can help you determine the efficacy of and implement
these popular cloud solutions:
➢ Digital Transformation
➢ Converged & Hyper Converged Infrastructure
➢ Software Defined Data Centers (SDDC)
➢ Virtualization
➢ IaaS and SaaS Solutions
➢ ...and many other cloud solutions.

Data Analysis & Big Data

Data analytics (DA) is the process of examining data sets in order to draw conclusions about
the information they contain, with the aid of specialized systems and software. Data
analytics technologies and techniques are widely used in commercial industries to enable
organizations to make more-informed business decisions.

Data
Data
Define the Data Data Field Level Analysis &
Consolidat
Objective Gathering Cleaning Analysis Business
ion
Insights

• Missing • Merging
Value Data From
Treatment Different
• Handling Source
Outliers • Defining
• Data Type Unique Key
Analysis • Defining
Relationshi
p in data
Post Implementation Review
Post-implementation review is a process to evaluate whether the objectives of the
ERP/Software were met. We can also use it to see how effective the software was managed.
This helps to avoid making similar mistakes with future projects and learning how to run the
project better.

Gap Stakehold
Analysis ers Benefits Report

Project Costs Lessons

Goals
ICT Infrastructure Service
Our ICT infrastructure experts can assess, plan, design, implement and optimize services to
increase the reliability, availability, security, and scalability of your ICT infrastructure. Our
professional consultants can engage at any stage of your ICT infrastructure lifecycle.

Server & Storage

Sami Tech Ltd provides a range of storage solutions, from all-flash and hybrid storage,
storage area network (SAN), network attached storage (NAS), cloud storage for off-site back
up, to solid state drives (SSD).

Network
Our consultants have decades of network design, implementation and operation experience
working with industry leading technology vendors. Our services coverage includes LAN,
WAN, Security, Remote Access, Video/Voice, and structured cabling.

Virtualization
Sami Tech Ltd. implements integrated virtualization strategies that align virtual infrastructure
to IT policies in order to optimize the environment, increase efficiencies, reduce risk and
costs, and deliver the highest return on investment.
 Data Center

Our data center solution takes a three-pronged approach:

Design:
Our multi-disciplinary team offers a full portfolio of design services, from professional
consulting, through design, to engineering services. It considers the core elements of
space, power and cooling. The design includes the network infrastructure (LAN and WAN),
IP telephony, power and cooling requirements, and patch rooms with network, access and
core switches.

Build:
Our project specialists ensure that construction projects are carefully planned, managed
and executed from start to finish. Professional project management and turnkey project
implementation methodologies ensure timeous projects with as minimal disruption as
possible, whether it is building a new data center, upgrading equipment, or modernizing a
power system.

Construct:
Construction takes a phased approach. Data center construction includes the walling,
raised flooring, cabling and electrical reticulation. The final phase involves integrated
system testing for the highest availability, optimal performance and ideal environmental
conditions.
 Surveillance System

Access Control
Enables integrated security, physical access
control and attendance solutions, involving
touch and touchless devices as well as CCTV
intelligent access logs. The integration of the CCTV system with the
interior and perimeter security and access
control systems delivers a holistic security
solution. These systems enable on-site or
remote monitoring, any time of the day or
Face Recognition night. Analytics, powered by artificial
Facial recognition technology offers intelligence, provide valuable information for
unparalleled security, reduces health risks, identifying trends and reducing false alarms.
and improves the convenience and.
efficiency of access control and attendance

Building Management System (BMS)

Automated building management systems (BMS) are the entry point for systems integration and
encompasses automation, security and management solutions for the property portfolio across
various industries.
These solutions are customized for the specific building requirements of the commercial,
residential development, hotel, retail and healthcare industries, apartment & home.
 INFORMATION TECHNOLOGY SOLUTIONS
THAT WORK FOR YOUR BUSINESS
•Next Generation Firewall •IT compliance and log •Browse management and
•UTM management security software.
•Wireless Security •SIEM •Mobile Device Management
•Database Protection •PAM & IAM (MDM)
•Email Security •SSH key and SSL certificate •Enterprise vulnerability
•Secure Web Gateway management management software
•Storage •Active directory change •Asset management suite
•Backup Solutions auditing and reporting. •Content and malware analysis
•Intrusion Prevention (IPS) •Exchange Server Change Audit •Data Loss Prevention (DLP)
•Intrusion Detection (IDS) and Reporting. •Malware Analysis Service
•Advance Threat Protection •Network Configuration •Managed Security Services
•Endpoint Security Management •Messaging Gateway
•Network & Server •Cloud Seceurity & Log •Service Desk
Performance Management Management • VAPT Tools
•Firewall Analyzer •File Server Auditing & Data
•ATM Security Discovery
•Data Center Management
Client List
IS Audit & Cybersecurity Services

Berger Paints Basic Bank Ltd. Prime Bank Ltd Habib Bank Ltd NRB Bank Ltd
BD Ltd.

Pioneer Rupali Eastland Trust Bank Ltd.

Insurance Co. Insurance Co. Insurance Co.
Ltd. Ltd. Ltd.

Implementation Services

ACNABIN Aziz Halim Khair Dushtha Shasthya Ahsan Manzur &

Chartered Choudhury Kendra (DSK) Co.
Accountants

Eli Lilly (Interantion

Agencies (Bd.) Ltd.
Software, Web & Mobile Apps Development

Bloomeco, Thermotech ISAS Consulting Signet TRS

Australia Green Products Services

Shokher Khamar Boots

Bangladesh

Other Services

Al-Arafah Islami Bank Ltd

Team Combination
Project Management Professional (PMP) 1

Certified Information System Auditor (CISA) 3

Certified Information System Security Professional (CISSP) 1

Certified Chief Information Security Officer (C|CISO) 2

Certified Lead Pen Test Professional (CLPTP) 4

EC Council Security Analyst (ECSA/LPT) 2

License Penetration Tester (LPT) 1

Certified Ethical Hacker (CEH) 5

ISO 27001 Lead Auditor 5

Team Experience
• Bangladesh Bank
• Sonali Bank
• Janata Bank
• Exim Bank
• Premier Bank
• Prime Bank
• Basic Bank
• Habib Bank
• Trust Bank
• NRB Bank
• Social Islami Bank Ltd (SIBL)
• Al-Arafah Islami Bank Ltd. (AIBL)
• One Bank
• Shahjalal Islami Bank Ltd.
• Islami Bank Ltd
• State Bank of India
• Woori Bank
• AB Bank
• DBH
• IPDC
• BIFL
• Information Technology Consultant Ltd
(ITCL)
• Silkways Ltd
• Dhaka Stock Exchange (DSE)
• eGP
• Grameen Phone (GP)
• ICDDR,B
• Biman Bangladesh
• SOS Children Village
• Asa International
• Power Grid Bangladesh Ltd (PGBL)
• Titas Gas Transmission & Distribution
Company Ltd
• Walton Hi-Tech Industries Ltd
• Eli Lilly (Interantion Agencies (Bd.) Ltd
• Delta Life Insurance Co Ltd
• Rupali Insurance Co Ltd.
• Eastland Insurance Co Ltd.
• etc
Contact Us

House # 27, Road # 9/E,

Block # E, Dolipara,
Uttara, Dhaka – 1230
Bangladesh
Phone: +881911156414
[email protected]
www.samitechbd.com
/company/samitechbd
/samitechbd