We are a Managed Security Service Provider (MSSP) delivering Computer Network Defense (CND), Common Operating Picture (COP), System Engineering Technical Advising (SETA), Security Information and Event Management (SIEM), Information Assurance (IA), and IT Service Management (ITSM) based on industry standards such as ISO/IEC 20000, NIST Special Publications and ISO/IEC 27001.
Information Assurance and Computer Network Defense (CND) Services:
Information Assurance: IA Engineering and Management
The term Information Assurance (IA) has come into use in recent years to indicate security-related concerns that extend beyond the traditional scope of information security or network security. Effective security solutions don’t come in a box; maintaining firewalls and intrusion detection systems are not comprehensive security practices. We work with organizational executives from security assessment to continuous monitoring to stabilize and secure your information systems with policy, procedures and technology.
We offer various IA Engineering and Management services to meet your security needs:
- Organizational Security Assessments (Policy, Procedure and Standards)
- Network Profiling and IT Audit review for external and internal threats
- Vulnerability Scans to establish configuration management baselines
- Security Program Development and Governance
- Security Certification and Accreditation (C&A)
- Software Change Management Consulting
- Maturity and Compliance Reporting
- Penetration Testing
24/7 Network and Security Operations Management
Highly trained, certified and experienced security analysts are always on duty to monitor network and systems from threats that never sleep. That is why we work around the clock so you don’t have to. We provide log management and intelligence 24/7 to maintain vigilance and compliance to various security requirements.
We offer various services levels to meet your compliance needs:
- Network Security / Border Defense (Firewalls, IDS/IPS, etc.)
- Security Information and Event Management (SIEM)
- Enterprise Log Management and Intelligence
- Security Threat Intelligence
- Host IPS & White listing
- Incident Response
24/7 Network Support and Helpdesk Operations
Additional services we offer include Staff Augmentation, Network Health Monitoring and Alerting, Identity and Access Management, VPN Administration, Two-Factor Authentication, System Administration, Database Administration and a comprehensive ticketing system with Executive Level Dashboards.
IT Security Audit & Assessments
IDEFSYS's Audit and Assessment services offer assessments specifically tailored to address regulatory issues for defense, financial services, utilities and healthcare. We work with your executive and administrative teams to gauge the current business risks and threats to your mission critical IT assets, and to assess the current state of your security posture as compared to information security best practices and regulatory guidance. A gap analysis also allows IDEFSYS and your company sufficient control visibility to set objectives and priorities for remediation efforts. These assessments allow you to document and represent current control activities to regulatory auditors and examiners in the best context possible, as a proven best practice. We cover a wide variety of compliance audit and assessment needs:
- PCI Compliance
- GLBA Compliance
- HIPAA Compliance
- DIACAP Compliance
- NERC/CIP Compliance
- SOX IT Control Documentation
- ISO/IEC 27001/17799 Compliance
- ISO/IEC 20000/ITIL/ITSM Compliance
Temporary CSO/CISO/CRO
Organizations and Firms are realizing the emerging and critical need for a Chief Security Officer (CSO) that can analyze, communicate and resolve personnel security, physical security, information security, security governance, security risk management, IT audit and various compliance requirements. But many firms cannot afford to hire a full time CSO. We offer a temporary CSO or Chief Risk Officer to manage the development of a complete security program from the organizational security assessment to continuous security monitoring.
|