How We Establish Our Business Through Meetups?


Meetups are a great means to meet local entrepreneurs and enhance business networking. When the best brains meet and discuss their ideas, the amount of knowledge, business opportunities, service offering, advisory, and connections that can be gained is unimaginable. Understanding the potential of participating in events, Vmoksha CEO & Director attended numerous meet ups throughout the New York to network with people of similar mind or interest. The business connections they acquired from attending such meetups have opened doors to different challenges and possibilities to work on.

How we managed to get connections?

We constantly search for Meetups through online tools like and Eventbrite on topics that match with our Industry and service offerings. For the past 3 months, we have attended over 20 meetups related to IoT, Networking, Big data, Women Entrepreneurs, Sports and Entertainment and Food Tech, Health, etc that were conducted throughout the New York.

Pioneers and leaders from different organizations had attended and discussed their views on the current business scenario. We have also introduced and discussed our service specialties and observed that many entrepreneurs were keen to know more about our organization. This enabled us to reconnect with those persons who have shown interest in our products through Emails & Calls. Around 200 new contacts were added to our CRM and through emailing, we were able to be in touch regularly with those contacts.

How Meetups Benefited Us?

  • Got a chance to exhibit our newly developed product, IONHACCP.
  • Discussed and shared knowledge on industry trends, technological advancements, etc.
  • Found opportunities in partnership programs
  • Met industry experts, reconnected with old friends and driven business opportunities from these connects.

Meetups helped in spreading our brand awareness and enabled us to understand the opportunities waiting for us and the channels that we need to focus.

5 Ways We Leverage Grammarly at Vmoksha

Even a perfect writer needs proofreading to avoid the embarrassing typos and grammar mistakes. At Vmoksha, we create plenty of content as a part of our daily deliverables especially blogs, emails, social media engagement, etc. Therefore, to minimize the hassle associated with proofreading, we have integrated Grammarly into our business process and leveraging its benefits for over a year.

Grammarly enterprise benefits

Here are few of our favorite features from Grammarly.

Grammarly for Blogs

As a part of our regular blogging process, our technical writers need to write or proofread several blogs for the company as well as for the clients. Sometimes, while proofreading the content, we overlook minor spelling or grammar mistakes as the context is more important. Grammarly, the most accurate grammar and spell checker is helping us in minimizing the grammatical errors in the content which may distract our readers from reading the blogs while allowing us to focus more on the context.

Grammarly makes blogging easier by suggesting mostly accurate and valuable corrections that we might have unnoticed. It checks for incorrect article usage, wordiness, passive voice, incorrect modifier usage, and other grammatical concerns. It also helps in Vocabulary enhancement by suggesting synonyms for words throughout the article.

Grammarly for Word

The Grammarly add-in for Microsoft Word assists us while preparing technical documents. Our business process includes several technical documentations, manuals, case studies, etc., which needs to be created in the word document for better depiction with images and graphical representation. The technical documentation contains plenty of content and needs a lot of attention and time to check every word and sentence. Grammarly simplifies our work with its precision in finding mistakes we ignored.

Grammarly for Browsers

The Grammarly extension to browsers such as Chrome, Mozilla, and Safari helps us in understanding any blogs, documents, etc., while reading online. The tool features such as thesaurus, and dictionary will provide meanings and synonyms of any word with just a double click and make the sentence more understandable. It also supports with spell and grammar checks on any text editor in your browser.

Grammarly for Emails

Grammarly extension allows us to send emails with confidence for effective communication. Sending error-free emails to clients and customers is the most important part of a business and we are achieving it efficiently through Grammarly.

Grammarly for Social Media

We also leverage Grammarly extension when we are posting and commenting on social profiles such as Facebook, LinkedIn, Twitter, Google+, etc. Grammarly proofreading for social media posts will help us to correct the mistakes before posting which rescues us from the limitations of Twitter and LinkedIn i.e., no edits after posting.

Overall, Grammarly is a tremendous tool that aids every blogger or technical writer with speed over accuracy. However, the premium version has more advanced features such as Plagiarism Checker, Vocabulary enhancement, and Finding advanced issues, which enables you to experience the full-fledged advantages from Grammarly.

Challenges without External Hardware

With the world moving towards Mobility, there are umpteen applications available in the market to capture data. However, businesses have to still largely depend on external hardware scanners to capture data related to identity. Recently, at Vmoksha we developed an application that required barcode scanner integrations. We decided to develop the application using in-app barcode scanners and initiated the project.

Let’s discuss some of the challenges we faced while using the in-app barcode scanners.

in-app barcode scanner


Barcode-scanning applications on mobile devices rely on “display aiming,” which requires a user to find the barcode when it appears on a device screen; align the barcode with a virtual aimer, and keep still long enough for the device to focus, capture, and decode the barcode. This can delay the time taken to decode.

Integration with internal applications

Integration of application with available barcode readers can be tricky especially when customization is required. We tried integrating barcode readers in the app, where a front camera is needed for scanning. Initially, it was difficult to find readers that allow reading barcode from the front camera; but to achieve the required response time was a roadblock due to the quality of the front camera.

Quality of barcode

Almost all the in-app barcode readers fail when the barcode is damaged or distorted. The quality of the barcode degrades as the product moves along the operations or due to wear and tear. The risk of no reads can be reduced with some of the external barcode scanners, which are equipped to read the damaged barcodes.

User Experience

The speed of delivery and ease of use plays a very important role in user experience.

The above-discussed issues will impact the acceptance of the application by the customer. In-app readers would be a good choice from cosmetic aspect but external hardware scanners that can be seamlessly integrated with the application and with better speed are still better suited to bring about positive user experience. Hence, eventually, we delivered the project using external hardware scanners and successfully implemented at the client side.

Role of Scorecard in Prioritizing Feature Set & Positioning our Product among Competitors!

Vmoksha is going to launch a comprehensive Food Hygiene & Safety Management System to assist Food Manufacturers and Processors in maintaining their food safety and quality. We named it Ionhaccp to convey users that our product ensures HACCP compliance, which is a fundamental requisite for food businesses.

We thoroughly understood the requirements from the global food market and designed ionhaccp with advanced features to compete with the current key market players. Considering future trends in food safety, we also integrated IoT technology to our product, which can capture Critical Control Points to prevent food safety hazard. IoT not only simplifies the task of capturing critical data but also gives valuable infographics and sends alerts to user’s mobile devices if anything goes beyond the predefined limits.

Prior to designing our product we have analyzed different feature sets available in the market. During the process of analysis, we have given scores to each and every feature based on the feature significance and availability, which helped us in understanding the weightage and priority of the features.

Let’s see how Scorecard has helped us in prioritizing ionhaccp features & competitively positioning of our Product.

Before we start, let’s know the basics –

What is a Scorecard?

Scorecards have scores (Weights) given for each product features on the basis of their priority. The scoring method helps to rank your features and understand which features are crucial to include in your product. While there are many inputs that ultimately go into a product decision, a scoring model can help the team have an objective conversation.

Why to calculate weightage and scoring?

To have a comprehensive view of major competitors’ products, their feature set, and to identify the potential gap. Arrive at an optimum feature set to gain market share.

What is our approach to achieving that?

  • Identify the key players
  • Identify the key features
  • Comparative analysis of features
  • Develop scorecard

How we Prioritize our Product Features?

Our team has conducted a thorough research online and offline and came up with all possible set of parameters (Features) and top market leaders (Competitors). Next, we have created a table with Competitors Products and listed all features available from all the competitor products.


As shown in the table above, we categorized the features into different heads. Narrowing the features was based on factors that impact Operational Efficiency. Following are the factors that determine the success of an effective product.

  • Functional
  • Technical
  • Architecture
  • Support
  • Licensing & Documentation
  • User Experience
  • Pricing
  • Security
  • Market Share


Figure 1 – Feature & Competitors Representation

Next Step in the competitive analysis is to figure out the list of features available or missing in all the products. Then, we have to identify the list of important features and give them scores. Scores are weightage given to each feature listed based on its operational efficiency or significance.

First, we need to give maximum values to the score column; here we have given value 5 for the features that are inevitable. This means, for any feature which is given a score of 5 is considered of high priority (5 being the maximum score). If a product feature seems of least significance, we gave it a weight of 1 (1 being the lowest score). Based on the maximum values given in the Score column, we gave weights for our competitor’s products as well as our own product for each feature listed under the head. It must be noted that a product expert team after detailed analysis of competitors should give the weightages.

Once all features are given weight on 1-5, our Scorecard table was looking like this. (The data represented in the picture are completely based on our analysis and not taken from any outside sources)


After allocating the proper scores, it’s time to see the total scores obtained for each product listed. Summing up all the scores vertically gave us the total scores obtained by each product. Once it’s done, we were able to find out which player has obtained the maximum scores and see the ranks obtained by each player. This is how our scorecard total looks like after summing up.


Now based on the total scores obtained, we could easily determine the ranks for each product. Hence, we were capable of finding our product’s rank & thereby where our product stands among the competition. Representing scorecard details graphically or tabular format is much easier to understand. Let’s see how we showcased our scorecard details.




Based on our competitive analysis and the scoring, ionhaccp will be able to offer the must-have features as identified in the scorecard and will become one of the top 3 key players in this segment.

Why Vmoksha Switched to MailChimp for Internal Corporate Communications?

Like all Marketers, Vmoksha has become aware of Mailchimp through its high reputation in providing Email Marketing services to clients worldwide. Mailchimp is regarded as one of the top players in Email Marketing services and is a secure platform that allows you to send marketing emails, automated messages, and targeted campaigns. Mailchimp user experience was so great that we familiarized with the tool and conducted campaigns for our clients in no time. The tool helped us to create newsletter designs for our clients and also automate the emailing process, helping us convey the right message for our clients at the right time.

Impressed with the outcome of our campaigns, our management came up with this idea “Why don’t we use it for our internal corporate communications as well?’’

At that point of time, Vmoksha depended on Google Mail Services (Gmail) to send any communication internally, be it New Joinee information, Wishes for Birthdays and Special Occasion, Holidays, Product Launch or other vital information. We sent these emails through a group with all Email IDs of our employees and named it Vcommunique. We follow an approval procedure for Vcommunique requests through our internal ERP and once approved the content is posted in the mail body of Gmail (platform) and sent. There was no option for us to design the template or track the emails sent. Gmail Platform was reliable, but tracking, analytics, and reports on emails sent were not available, at least yet. We moved soon to Mailchimp and are happy that we did because the capabilities and potential of this tool were beyond our imagination. The basic plan has most features suitable for internal communications.

Let’s see how we made the most of this tool.

How Mailchimp transformed our business?

Email Templates

Designing an email template on Mailchimp is complacent than ever before. The wide ranges of themes available and the options to design our own template with images and CTA buttons helped us in reaching our employees with the most alluring design templates that probably increased our number of views than earlier. Thanks to MailChimp! Now our internal newsletters are a way appealing. Here is a template designed for one of our product launches.


Email Tracking

While using Gmail we were not sure of how many opened, read, and subscribed to emails. Again, Mailchimp helped us in tracking details of particular campaigns in the means of delivery status, how many opened, subscribed, click rates, click maps, etc. The tool also allows us to capture geographical information of recipients who opened the mail, as well as the bounced email details.

Mailchimp Campaign


Mailchimp provides detailed reports of campaigns such as number of recipients, delivered date, bounced, open, clicked, unsubscribed, last opened, forwarded, etc. From the reports, we can understand the top clicked URLs, top opened locations, most opened subscribers, and social shares. The tool also has provision to print, email, download or share these reports, allowing reports and statistics to be communicated quickly. The generated reports help us in understanding the enhancements needed to achieve our goals.

Mailchimp Reports


Automation/Scheduling Emails

MailChimp automation allows us to create a targeted series of emails that will be automatically sent when triggered by a specific date, event, or subscriber’s activity. This feature saves us huge amount of time and efforts for sending out recurring or periodical emails. Also, if a particular mail has to be sent during a specific time of the day, Mailchimp will allow us to schedule it.

Dashboard View

The Dashboard view of Mailchimp is very informative as it gives us an overview of the Overall audience for our campaigns in terms of Subscriptions, Bounces, Unsubscriptions, Subscriber growth, and Subscriber sources.

Mailchimp Graphs

Graphs Mailchimp

Dashboard also features Overall campaign Engagement by representing Total Mails Delivered, Opened and Clicked data graphically. It helps us understand our overall campaign details for the past week, a month or even a year.


Mailchimp can be integrated with numerous applications like Facebook, Twitter, Gmail, SalesforceCRM, SugarCRM, Drupal, Analytics and much more, allowing to get leads and share and to track our efforts.

Integrations Mailchimp

These are just a few of our favorite features of MailChimp. It has the power to personalize and automate the marketing and is one of the simplest and easiest ways for better internal corporate communication.

Design Journey of ionhaccp

Logo Design

Designing a strong, coherent product identity is one of the most challenging tasks in graphic design. It is a unique opportunity to create something that will go on to be used in many different places, applications, and designs.

Almost two months back, I was approached by a company to design a promotional website and logo for their new product. This was an exciting and challenging new design project for me.

Product Brief

The initial brief did not fully encapsulate what the product or the business is about. Client indicated that he wanted something that reflects professionalism, quality, uniqueness, and innovation. As a further explanation of what product does, the client wrote, “The product is food safety compliance solution called ‘ionhaccp’ to streamline the process of food and hygiene safety management from farm to fork” and a crisp list of bullet points about product and brand.

Wire-framing and Initial Sketches for Website

With the brand boundaries established, I could move onto getting my fingers dirty. The first step was to create the wireframe of the website. I started with a vertical layout with around five sections in my mind from the story, features, and solutions that product provides. After a couple of iterations and experiments, I finally had the first prototype, which I showed to the client.

ionhaccp logo designwireframing-illustrator

For collaboration, we used invisionapp as all the persons involved can have a look and comment on each element, it makes discussion on project assets really easy and safe at the same time. The first response I got from client, said,

Great job. This is very close to what I am thinking.”

And like with any good design process, tweaks had to be made. Once the website design started coming together, I went ahead with icons, images, typography, other sections and color scheme for the website.

Website Assets

I created a custom icon set for the website and for the color scheme I went with blue as hero color because of its professional, loyal and pleasing nature. Choosing the shades of blue was the fun part and of course created some other palettes too for variations.


and for the color scheme I went with blue as hero color because of its professional, loyal and pleasing nature. Choosing the shades of blue was the fun part and of course created some other palettes too for variations.

ionhaccp design

For typography, the first option given by me was Niveau Grotesk. The fonts are based on geometric forms and because of its straight architecture; it has a “punch” in big sizes but is very legible in smaller sizes and longer texts—in print or on screen.

Logo Design

The next stage was creating the logo. The challenge that I had when creating the ionhaccp logo was trying to incorporate different modules of the application and trust me, there are so many starting from IOT, data analytics, big data, machine learning and auditing to food hygiene and much more, other than a just a tablet application.

So the big question was what symbol is going to represent this product?

I started with rough sketches on paper and then experimented with them on the computer.

ionhaccp logo designEastern 0%

Eastern 0%

There were multiple iterations for logo unlike website design as the client’s idea of how the logo has to be was not in-tune with my perception. To work around these challenges, I decided to go for a minimalistic approach of using wordmark instead of symbol. Again, I started to scribble down ideas and then booted up Adobe Illustrator to test out a range of type treatments, ranging from thin and modern sans serif to cursive and slab serif fonts.

logo options1 logo options2

Continuous ideas and concepts developed the logo into five possible concepts, which were then sent to the client. The client seemed to have liked one of those but not completely satisfied. I created color variations of it for darker and lighter background to put on the website as it was going to be live soon.

ionhaccp logo design

Even if you have a strong concept, if you cannot execute the design well according to client’s expectations, then the logo can and will be a failure. Hence, the process of logo creation goes on…

Business Continuity Plan (BCP)

Business Continuity is crucial to surviving in this highly competitive world. A single downtime can cause disasters to the businesses today. Therefore, the organization has to be prepared to respond to the events that may happen in order to minimize the losses and remains viable as usual.

An effective Business Continuity Plan (BCP) must include a collection of procedures and information that is maintained in readiness for use in the event of a disaster.

What is Business Continuity Plan?

BCP primarily deals with the recovery of Services, Operations, and Systems that are able to return to acceptable service levels when disrupted by natural disasters such as Tornado, Flood, Electrical Storm, Fire, etc.


The process of restoration (i.e. returning to normal levels of services) at the site of disaster will be carried out depending on the type of disaster and the level of damage to the assets at the site, after analyzed by BCP committee and other stakeholders.

Business Continuity Life Cycle

The continuity plan must be specific and render clear action points and goals during every possible scenario. The business continuity life cycle includes components such as Identify, Analyze, Design, and Execute.


a)    IdentifySignifies the products and services that need to be delivered in relevance to the mission of the organization

b)       Analyze – Analyses the current recovery capabilities in the organization with continual tracking mechanism

c)     Design – It is the cost-effective disaster recovery tool where the minimum application and data requirements are available during a disaster

d)     Execute – With Plan, Do, Check, and Act, a model for continuous improvement, the design of Disaster Recovery plan needs to be oriented towards Business recovery

Planning Business Continuity

1.       Risk Assessment

Risk is a possible event that could cause harm or loss, or affect the ability to achieve organizational objectives. The risk is assessed by the probability of a threat, the vulnerability of the asset to that threat, and the Impact it would have if it occurred.


The process of Risk management involves in identifying action items, prioritizing, evaluating, and eventually mitigation. Risk mitigation strategies namely, Risk Acceptance, Risk Avoidance, Risk Limitation and Risk Transference play a pivotal role in Risk Management

2.       Business Impact Analysis

Business Impact Analysis (BIA) is a streamlined process, which determines and evaluates the potential effects of an interruption to critical Business operations as a result of Disaster, Accident or an Emergency.


a)      Identifying  vulnerabilities – Vulnerability is a weakness that is exposed to the threat. It can be Internet browsers, Email client programs, Web application, Antivirus and DNS software vulnerabilities, Database vulnerabilities, and configuration mismatch in networking products such as switches, routers, and firewalls, outdated security policies and procedures

b)      Analyze potential loss - Human Resources, hardware or software malfunctioning, and physical disaster damaging the security network, are few of the potential loss in an Organization.

c)       Recovery plan – Adapts Plan, Do, Check and Act (PDCA) cycle, Implementing Business Continuity / Disaster recovery plan and periodically upgrade security policies and procedure adhering to organizational goals

d)      Implementing solution – They include system maintenance i.e. applying software patches, adopt best practices in deployment i.e. use of Firewalls and access controls

e)      Document reports – Document evidence will be a blueprint adhering-to continual improvement by periodic IT security audits and Risk Assessment maintenance


 3.       Design Strategic Solution

Strategic Business Units (SBU) adapts recovery plans ensuring that there is no downtime that impacts the business.


Triggering assets

Recovery Strategy

Fire / Flood Damage of Premises,                      Loss of Systems Mirrored data center and secure workplace
Bomb Threat Denial of Access to Premises Work from home or fall back to Recovery site
Supplier Failure Loss of Systems Deploying high availability Hardware in production environment with systems falling back to recovery site and with users stationed in usual premises


4.       Measurement – Plan, Testing, and Maintenance

The objective of Business Continuity Disaster Recovery is to provide an alternate processing site and return to the primary site within a minimal time frame whenever any disaster occurs in the secured systems.

Steps in Business Continuity Recovery


It is a comprehensive approach to dealing with the Restoration (Time of Recovery) of computer systems (Data availability) with all attendant software, with full functionality, under a variety of damaging or interfering external conditions that Businesses face from time to time.


Business Continuity Plan (BCP) connects Disaster Recovery (DR) and System recovery with-in the time frame that processes should be recovered (Maximum Tolerable Outage) for uninterrupted functioning of the business. It is a combination of technology associated with business.


Defect life cycle, a.k.a Bug life cycle is the journey of a defect cycle from its identification to its closure. A defect undergoes different states during its lifetime. But before going deep about the defect life cycle phases, it is important to know few fundamentals.

Error – Defect – Failure

Finding flaws in software has never been easy. Rather, it has always appeared to be challenging for the entire team, who are working on its successful completion. The words Effect, Defect & Failure seem to be same, but their meaning varies depending on the context/situation. Error leads to Defect, which further leads to Failure. It is a chained process which has to be rectified in a little while to avoid business impacts.

Defect Life Cycle


The term ‘Error’ means human-made mistake/misconception related to design or a deviation from the actual business requirement. If the authorized person gathers client requirement erroneously, it is referred as Error.


The error in coding or logic part is referred as Defect/Fault/Bug. If the development team coded the mistakenly gathered requirement, it results in a fault.


Failure means any deviation from the desired result. The fault made in coding leads to unexpected results that are different from the end user expectation. In that case, we say the project landed in ‘FAILURE.’ 

Defect Life Cycle

Defect life cycle has many stages from open/new until closed or re-opened and it varies from project to project.

Defect Life Cycle

It looks arduous, but if you consider these significant steps, it is quick and easy to find and eliminate a bug/defect. The whole process is explained with different scenarios:


Scenario One

             NEW                                                                                              ASSIGNED


The moment a Test Engineer finds a bug, he should raise the defect with the status ‘Open/New.’ The development team will validate the defect and assign it to a developer changing the status to ‘Assigned.’ The developer will fix the issue and changes the status to ‘Fixed.’ The test engineer performs testing, and if the issue is resolved, he will change the status to ‘Close’ otherwise to ‘Re-open.’

Scenario Two

             NEW                                                                                           DUPLICATE


Sometimes the defect status is mentioned as ‘Duplicate.’ Duplicate defect means the same issue is raised by person A and person B.

NOTE- There is a contrary to this scenario. If a defect has been raised and closed in the past and if the same defect arises in the future, then it is called as ‘New Defect.’

Scenario Three

             NEW                                                                                              INVALID


Invalid/Rejected are nearly similar words. If the developer team finds that when a defect raised by test engineer is invalid, then the developer will change the status as ‘Reject.’

Scenario Four

             NEW                                                                                             PCR/RFE


Product change request or Request for enhancement is considered when there is a need for enhancement type. This may not be determined as defect. For example, let’s consider Gmail application. It has multiple features, and one of that is deleting multiple emails at a time. If this feature is not there, the test engineer should raise a request for enhancement not as a defect.

Scenario Five

             NEW                                                                                          POSTPONED


If a defect is decided to be fixed in the next release, it is stated as ‘Postponed/Deferred.’ The reason to postpone the bug may be like low priority bug, lack of time or the bug may not have a major impact on the software.

Scenario Six

             NEW                                                                                           CANNOT BE FIXED


The possible reason for this situation to arise is more of technology related. Each and every language (JAVA, C, C++, .NET……etc) has their own limitation. So, due to these limitations, this kind of scenario may arise. The other reason may be, the cost of fixing the defect is more than moving with the defect.


Defect tracking and management are the important aspects of Testing/Development. If dealt properly within time, it saves a lot of time and also increases the productivity.

Information Security


International Organization for Standardization (ISO) and International Electrotechnical Commission (IEC) form the specialized system for worldwide standardization. In the field of information technology, ISO and IEC have established a joint technical commission, ISO/IEC, to preserve the confidentiality, integrity and availability of the information.

ISO standards in action

The International Standard is designed for Organizations to customize as a reference in selecting controls within the process of implementing Information Security Management System (ISMS) and acts as a guidance document for organizations to execute commonly accepted information security controls.

Information Security

Image Source

For businesses, International Standards envisage that the standards are the strategic tools in reducing costs by minimizing inaccuracies and increasing productivity.

Information security requirements

The process of creation and origination through storage, processing, use, transformation until destruction is known as information Life Cycle. Information security remains crucial at all the stages of the life cycle as the unauthorized disclosure or theft of information may impact the core business.

The three main components of Information security requirements are Confidentiality, Integrity, and Availability.

Information Security

Image Source

Confidentiality is the set of guidelines that confines access to information (piracy)

Integrity is assurance that the information is reliable and precise

Availability is a guarantee of consistent access to the information to the authorized stakeholders

Controls selection and implementation

The controls are the guiding principles for Information security management, and their selection is dependent on organizational decisions, based on risk acceptance, risk treatment options, and generic risk management approach pertinent to the organization.

Information Security

Image Source

Information security management system process and Audit cycle 

Audit Cycle

Gap Analysis and Risk Management Analysis are crucial in the ISMS process.

Gap analysis

Gap analysis is obligatory for an organization as it provides a comparison of your security program to the overall security best practices to find out where the vulnerabilities and risks are lurking. This analysis is mandatory in ISO27001 while developing Statement of Applicability (SOA), and is performed subsequent to the risk assessment implementation and risk treatment plan.

Gap Analysis

Image Source

Risk management methodology and framework in ISMS

Risk management is a fundamental part of a company’s management process that deals with the identification, communication, treatment, and acceptance of security risks.

Risk Analysis

Image Source

ISMS provides a framework to simplify the process of risk assessment and treatment. The Threat & Risk Assessment (TRA) and Risk Treatment are two important components of the ISMS framework.

TRA – Identification, analysis, and evaluation of risks together comprise the TRA

Risk Treatment – Development of a risk treatment plan to address the risk exposure to the assets that are identified in the threat and risk assessment process

Risk treatment

Image Source

Evaluating risk

Risk exposure values in terms of likelihood of occurrence and level of impact can be determined using the below risk matrix table.

Matrix Table

Risk treatment plan and Mitigation analysis

The Risk treatment includes:

a)      Accept  – do nothing and accept the current level of evaluated risk

b)      Avoid – cease doing the business activity that brings the possibility of the threat occurrence

c)       Transfer – pass the responsibility for implementing mitigating controls to another entity.  Responsibility for threat and risk management remains the liability of the organization

d)      Reduce – implement controls to reduce risk to an acceptable level

Mitigation is elimination or reduction of exposure to risk.


Business Continuity Plan (BCP)

Business continuity planning is the process of creating systems of prevention and recovery to deal with potential threats to the company. BCP plan will include any incident that could negatively impact operations damaging critical infrastructure services. Risk Management is incorporated as part of Business Continuity Plan.


Image Source

Disaster Recovery

Disaster recovery planning begins with a Business Impact Analysis (BAT).

BAT works on two key metrics

  • Recovery Time Objective (RTO)
  • Recovery Point Objective (RPO)


Image Source

Recovery Time Objective (RTO), which is the maximum acceptable length of time, a business process can be restored after a disaster.

Recovery Point Objective (RPO), which is the maximum targeted period in which data might be lost from an IT service due to a major incident.

Please click here, to know more about Disaster Recovery.


Information Security is the practice of defending information from unauthorized access, disclosure, disruption, modification, recording or destruction.

ISO27001:2013 certification analyzes information security as a blueprint for Information security requirements, Control selection and implementation, Audit cycle, Risk Management, Business Continuity Plan and Disaster Recovery.

Vmoksha Technologies is an ISO27001:2013 certified company, which gives added reassurance to the customer’s data security.

Deploy Applications to AWS Cloud in a Jiffy!

Amazon Web Services (AWS) is the most favored cloud provider for Dot Net developers because of its flexibility, scalability, and reliability. It is a cost-effective computing resource solution that is designed to assist application developers to host their applications quickly and securely. AWS helps businesses to reduce capital expenses and administrative costs and retains the security, performance, and reliability requirements your business demands.

Here, I have provided a detailed step by step procedure for deploying your applications to AWS cloud. Before moving to the procedure, check out the basic prerequisites.


  • Add AWS SDK Package to Visual Studio. (To explain, here I have used Visual Studio community edition. This is the most preferred approach for the first time deployment users).
  • To add AWS SDK Package, click here and download the AWS Toolkit for Visual Studio.

Steps to Deploy

#1. Open your application using Visual Studio. Click Build from the menu and select Publish to AWS.

AWS Deployment

#2. Once you click on the Publish to AWS, a popup screen will open as shown below.

AWS Deployment

#3. Select the account profile if it is already created or create a new profile. To create a new profile, click on the Profile icon. A popup screen will display as shown below.

AWS Deployment

#4. You can get the account ID and the Key information from AWS management console. Click Account Identifiers to get account ID and Access Keys to get the Key information. Fill in all the fields for profile creation and click OK.

AWS Deployment

#5. If you are deploying first time, chooseCreate a new environment under deployment target. Also, choose your required Region for deployment. Click Next to proceed further.

AWS Deployment

#6. Select the environment tag and enter the details to create a new environment. Check the availability of your URL, and if it exists, modify URL to a different name. Click Next to proceed.

AWS Deployment

#7. Configure the environment as per the requirement and click Next.

AWS Deployment

#8. Select service roles granting permissions to your application and click Next.

AWS Deployment

#9. Specify the build configuration, app pool runtime, and app path.

AWS Deployment

AWS Deployment

#10. Review the environment configuration and click Deploy to start the deployment.

AWS Deployment

#11. The deployment event details will be shown in your visual studio window as shown below.

AWS Deployment

Now click on the URL shown after the successful deployment.


Migrating applications to AWS cloud is simple and fast as mentioned above. Whether it is an existing application or a new SaaS-based application, AWS eases the migration process and helps dramatically increase both the effectiveness and efficiency of your business process.