Sugar CRM  helps companies align marketing, sales, support and executive management. Marketing can manage all campaigns across channels in Sugar and feed qualified leads to the appropriate sales teams with the click of the button. Sales people receive the tools and information to prioritize and close more deals. Customer support can view customer assets and account information to better handle customer requests. And executives gain visibility into the return on investment of marketing campaigns, up-to-date sales forecasts, and customer satisfaction levels through advanced reporting functionality.

Advanced Sales and Reporting Features

Sugar Professional accelerates sales cycles and helps executives make better decisions by providing the tools and information needed to keep pace in today’s market. SugarCRM® Reports and Dashboards allow users to gain real-time insight into how your company is performing across key areas. Sales Forecasts allow sales representatives and managers to gain a cleared understanding of quote attainment and reduce surprises at the end of the quarter.

Greater Control over Information

As companies grow, it becomes increasingly important to ensure the right people get access to the right information and that sensitive data is protected. Sugar Professional offers the workflow automation and team and field-level security controls that streamline the flow of information through your company while ensuring that sensitive  information is protected.

From the Cloud to Your Browser

SugarCRM is accessed through a web browser with maintenance and updates managed by Symbiotic Media. This lets you focus on your business while we take care of the rest. Offered as an annual subscription, reduces the risk inherent with traditional software purchases and allows your company to adjust usage levels based on need as well as manage your IT support costs more effectively.

Openbravo is an award-winning developer of professional open source solutions for businesses, offering the industry’s first real alternative to proprietary enterprise software. The web-based Enterprise Resource Planning (ERP) and Point of Sale (PoS) solutions, the most popular in their market, have been downloaded more than a million times and are used in over 50 countries.

Openbravo’s growth is fueled by an ever expanding international community of users, partners and developers such as Symbiotic.

Openbravo’s professional web-based open source ERP solution provides a unique mix of high-impact benefits:

Comprehensive: Broad, streamlined functionality

• Rich Functional Footprint: Integrated Accounting, Sales and CRM, Procurement, Inventory, Production, and Project and Service Management
• Integrated ecosystem of add-ons: Benefit from Openbravo and 3rd-party modules and industry verticals for a best fit implementation
• Scale with Ease: Grow seamlessly from single-instance to multiple tenants, organizations, localizations, warehouses

Innovative: True web-based open architecture

• Easy to Use Web Application: Simple and secure browser access to all functionality, with web services for easy interoperability with other applications
• Simple to Extend and Upgrade: Codeless & model-driven, allowing non-programmers to easily add new functionality adapted to unique needs
• Flexible Deployment: On premise or on the cloud, single or multi-tenant, on Windows or Linux, there are options for every needCost-Effective

Cost-effective: High value at predictable low cost

• Minimal Upfront Investment: Subscription model allows “pay as you go” customer control, and avoids capital expense
• Transparent Pricing: Easy to understand, no hidden fees, no haggling over price
• Quick Start, High Return: Go live quickly with a standard, best-practices implementation, incrementally extend and grow the solution over time

A large and growing portion of some of the most valuable demographics are spending more of their time and attention on Facebook and less on other channels and media. Not only are university and high-school students and teenagers fully engaged in social media but adults, professionals, and people from around the world. For example today, over 250 million people worldwide are active on Facebook each month, including 411,660 people  in Kenya.

However, most marketers lack a comprehensive understanding of the vast array of explicit and implicit marketing channels Facebook offers – many of which have changed with the “new” Facebook designs – and most of which are “viral.” Our goal here at Symbiotic is to provide an introduction to what’s possible on social media to the spectrum of marketers – from brand advertisers to volunteer grassroots evangelists. Tactics are divided into four categories: tools for guerrilla marketers, tools for advertisers, tools for application developers, and tools for webmasters.

Social media offers many ways to get the word out and enable engagement with your brand in more compelling ways than were ever before possible on the web.

Through thorough and regular penetration testing, I. T. and security professionals like ourselves can take action to prevent true “black hat” hackers from compromising systems and exploiting proprietary information. A regular electronic intruder has to find only one hole into an organization’s computers, but a pen tester has to find them all. This is not only somewhat tedious and even boring at times, it is very important for the Bank IT team to render all help required. A malicious intruder probably does not care about such things as accidentally damaging systems, or wiping log files to hide his presence. The pen tester is trying to keep from disrupting normal business, preserve records and logs, yet still trying to move about unnoticed. That said, we will have to have not only all of the intruder techniques possible, but also understand system administration as well as corporate life in general.

System Vulnerability Detection

SYMBIOTIC offers organization a fully detailed, exhaustive and comprehensive report listing all the network services, their vulnerabilities and recommended fixes. In layman’s terms we “show you how hack-able your network is” from Internal and external attackers. 80% of all security breaches occur from inside a network, 15% from outside the network with internal help and 5% is done by outsiders.

The importance of Internet security in an organization can never be overemphasized. The worst awakening for the IT personnel, management or clients is that of a day when they will get all their data for the last five or so years, gone.

At SYMBIOTIC we preempt such mishaps and give clients consultancy services to prevent the occurrence. We scan your network based on what you will authorize after a briefing from us. Based on the authorized tests, we give the clients a summary detailing intelligence of their working methodologies, as a hacker would collect it.

Intended Audit Scope

The proposed eSoftHack™ audit will cover the following areas of network concerns:

• Primary OSes

The primary rule of security is being with the most up to date and stable (not necessarily latest) Operating Systems and/or firmware running on critical network equipment e.g. routers, servers will be audited. We will test the devices for default insecure configurations, service packs and patch levels.

• IDS / IPS

If one is in place, we will test the IDS on its effectiveness to deduce and/or protect when the network is under attack either externally or internally. Any existing IDS will be put to test against spoofed and legitimate SYN, FIN, RST, XMAS and ACK packets from UPD or TCP connections.

• Internal Firewalls

Any existing access control firewalls or stateful packet inspection firewalls will be subjected to fire-walk, hping, netcat, cryptcat and other firewall evasion techniques. The firewall tests will also comprise the ability of the firewall to detect and stop SYN floods, tear drop attacks, ping of death, smarf amplification, DoS, DDoS, DrDoS and fDoS.

• Network Computers

We will check that the network complies with the rule that users access information on need-to-know basis only. Machines will be checked for Viruses, Trojans (especially RATs – Remote Access Trojans like Sub7 or DeepThroat), Malware and AdWare.

• Web Services and Applications

We will test the security of your web server (internal and corporate website servers) for security concerns. Internal machines will be tested for browser types and versions. Also machines connected to the Internet will be checked.

• Network Cabling and architecture

The network topology, ports and connectivity will be tested. The network will be checked against a number of security issues related to DHCP, transparent proxying, non-stateful packet inspection etc. The network will be checked for minimum access rights given on guest connection and also checked for availability of DMZ.
Network devices like Wireless Access Points, Network Switches etc will be tested for basic related hacks.

• Social Engineering

Complete network harmony in any organization is achieved when the IT staff and security policies complement each other. Hackers use the “Art of Deception” to get privileged information or get some tasks done unwittingly by receptionists, Junior IT staff and/or other staff.

• Internal Security policies

Policies for processes like server room access, IT staff termination, DHCP, Proxying, LAN access etc will be placed under scrutiny. Also processes like office stationery disposal, Quotas, Email Scanning will be checked.

Anatomy of the Hack

A degree of success in one or more of the methods above will either lead to a remote network access or just a step closer to a hack. For the success of this process, no unscheduled network changes should be done before and during the pen testing.
The whole idea of pen testing is to answer the following questions:

• How much data about CLIENT-X can a hacker get from external non-CLIENT-X sources?
• How much data about CLIENT-X can a hacker get from Internal IT sources?
• How much data about CLIENT-X can a hacker get from Internal non-IT sources?
• What internal network devices/resources are available to external users?
• What internal network devices/resources are available to internal guest users?
• What internal network devices/resources are available to internal legit users?
• What is the RAV of a hack?

This is very important for management and stake holder and helps answer a very sleep-depriving question: “how safe is the network?”. A very big percentage of ISPs, Companies and Corporate firms in Kenya, Uganda and Tanzania, whose network we have scanned randomly, live under “Security through obscurity”. They are in business because no one is bothering to hack them.
The anatomy of a standard non-destructive hack is:

Information gathering

• Getting as much network information as possible. This is done by using Social Engineering attacks to staff, port scanning, AFRINIC records, dumpster diving etc.
• Using information gathered to get more information.

Gaining Access

• On a minimum, a would-be hacker needs guest access to network equipment to be able to ‘look around’ the network.

• Privilege Escalation

• a. Once some form of access is got, a would-be hacker needs to be able to promote their account to a more privileged one or get another higher account.

The Hack

The hack is the ‘reason’ or ‘goal’ for the hack. It could be:

1. Get access to DB server.
2. Get access to Storage server.
3. Get access to email server to perform a MitMA or eavesdrop on emails.
4. Deface the organization’s corporate website.

Covering tracks

A hacker will do the following after a successful hack.

• Make sure there is a back-door in the network to allow access even if the initial hack account is changed or disabled.
• Patch the hacked server to make sure that another hacker does not get in using the same method for trophy purposes.
• Alter and/or Delete all log files to avoid detection.