IT System Security

Applying our IT system security capabilities to our clients’ environments, we help them identify vulnerabilities, manage risk, and implement security processes that improve the protection of their IT systems and critical resources.

Data Sensitivity Analysis – This process begins with the identification of an organization’s critical data and how these data are used. A determination is then made regarding the sensitivity and classification of the data.

Security Assessments – Examining computer systems, networks, information flow, administrative procedures, and security mechanisms to determine compliance with existing security policies and requirements. Assessing threat, providing identification and vulnerability analysis, and performing security functional and penetration testing.

Intrusion Detection and Audit Analysis – Designing an audit analysis capability that provides the appropriate level of detection for an organization, including identifying audit analysis and intrusion detection requirements and operating environment. Performing a vendor survey of existing COTS products, developing an implementation plan, building a prototype or pilot of necessary and integrating and implementing the selected solution

Security Awareness Training – Providing computer security awareness and training; including development of training modules and instructor’s guide and performance of the appropriate level of training.

Security Solution Integration and Implementation – Selecting appropriate security solutions and integrating these solutions into the client’s environment. Prototype and pilot development in our Information Assurance Center is frequently done before an enterprise-wide implementation.

Security Architecture and Engineering – Working with the client to define solutions that are non-intrusive, provide access to those who need it, and protect high-value, critical information.

Disaster Recovery – Providing disaster recovery, continuity of operations, and contingency planning support, including those for software applications, which are processed on various computer platforms. Assistance in this area includes reviewing and critiquing existing disaster recovery and continuity of operations plans, developing disaster recovery and continuity of operations plans, performing a disaster risk assessment, and recommending ways to increase the effectiveness of the plans and the continuity of service.