Securing online assets and supporting regulatory compliance by exposing the vulnerabilities on the network
ITL’s Risk Management Service provide a thorough assessment of the risks on your environment by our information assurance experts who build and deliver a comprehensive package. The Risk Management Service includes all the required documentation and reports detailing the system/application and assessment results. It is prepared in accordance with agency needs, applicable standards such as NIST or DIACAP and best practices.
The ITL Information Assurance Team consists of IT security experts, many of whom are Certified Security Professionals (e.g., CISSP, CRISC) as well as certified IT product specialists. Our senior project leaders have been working in the information assurance industry since its inception. Benefits of ITL Security Assessment services include:
• Simplify and standardize NIST, DIACAP and DoDIIS compliance
• Meet FISMA requirements and improve FISMA scores by providing comprehensive, standardized, quality system/application security assessment documentation
• Improve security posture by incorporating risk evaluation and risk mitigation recommendations
• Quickly comply and build a sustainable, affordable Security Assessment program for ongoing risk management/continuous monitoring
Business continuity planning is the process that helps organizations prepare for disruptive events—whether those event might include a hurricane or simply a power outage. ITL’s involvement in this process can range from overseeing the plan, to providing input and support, to putting the plan into action during an emergency.
Business, security and IT leaders should work together to determine what kind of plan is necessary and which systems and business units are most crucial to the organization. Simply put a strong organization with the right continuity capability solution, also known as Continuity of Operations (COOP). The ITL continuity service has the proven continuity capability that can help you plan, react, and adapt to almost every kind of disruption and emergency.
Our plan works on 4 key components:
• Planning: The first key element of your organization’s security is its planning and program management.
• Staff Training: Extensive training that equips the organization with well-informed people in case a disaster strikes.
• Facilities Preparedness: The protection, availability, and recovery of mission-critical assets and information. Some of our strategies include data links, and tele-work capability.
• Technology Implementation: Our team of continuity professionals helps you stay communicating during and after a disaster.
Policy compliance is a responsibility of any organization. Maintaining a compliant position that compromise both local specifications and ever-changing state and federal laws and regulations is challenging and time-consuming.
The services we provide at ITL can give access to a range of independent & cost effective support services to help you meet or exceed your regulatory obligations & by doing so improve your business performance & profitability. We have developed a broad range of expertise and experience in compliance support and can provide the following services:
• Perform compliance with industry laws and codes assessments
• Perform security compliance assessments
• Ensure security policies and practices comply with relevant regulatory authorities
• Provide guidance and assistance in relevant compliance issues
• Develop policies/guidelines and checklists for adherence to regulatory requirements or to address risk issues
Policy Development & Training
Policy making is a mandated responsibility of any organization. Developing and maintaining effective policies that compromise both local and federal laws and regulations is a difficult task.
Our staff has expertise in various areas of knowledge, standards, and regulations, and we employ our tools and skill-sets to quickly and correctly recommend actionable policies that are specific, realistic, and time-framed.
Agency leaders use our Policy Analysis and Development expertise to design operational and programmatic changes, to set performance goals, and to put viable results metrics into place. Our experiences staff can help your organization develop and implement policies from information security performance operations benchmarks needed to meet agency and regulatory standards.
Our training staff can help your organization’s staff comply to new and existing policies. The training can provide you with the following features:
• Provides guidance for allocating department resources such as trainers, money, and time
• Gives a broad direction to training activities
• Outlines the authority given to the training department, as well as the limits to that authority
Continuous vulnerability assessment of your IT assets, including web applications and databases, is essential to effectively managing your infrastructure and avoiding policy violations. ITL’s Hosted Vulnerability Assessment Service provides cloud-based internal and external infrastructure scanning through a single portal helping clients easily manage vulnerabilities, remediation, and compliance requirements.
ITL offers Comprehensive life cycle-based approach toward vulnerability assessment with advanced scanning technology using best-practices and leading techniques. We leverage temporal risk reporting, which factors in how long vulnerabilities have existed and whether they have been exploited elsewhere.
• Cloud-based scanning service for large and small businesses that need to implement vulnerability scanning to comply with internal policies or external mandates and be proactive in securing their Infrastructure against increasing threats.
• Reduces false positives and provides prioritized remediation steps and data to help you more effectively manage risk and reduce threat exposures.
• Reporting is detailed and customized. Scan results can be analyzed on a per scan or an aggregate data set to accurately report current security posture.
• Helps achieve industry compliance standards and regulatory policy.
• Reduce cost and complexity of security maintenance through ITL managed cloud-based services.
• Classifies IT assets and vulnerability data to assist client in understanding security posture.
• Effectively manage risk and save staff time by providing instructions on how correct vulnerabilities.
Securing company assets and maintaining regulatory compliance is an ever-increasing, ever-changing challenge for organizations. ITL’s penetration testing (PT) services leverages the IBM platforms to help determine the holes or vulnerabilities on your network while demonstrating how attackers can negatively impact your business. Our PT services are a safe and controlled exercise performed by security experts. The result is a detailed security roadmap that lists the findings in order of criticality and provides specific guidance and recommendations for reducing exposure.
• Provides a detailed analysis of infrastructure security
• Delivers a safe, quality service by a security professional
• Conducts real-life demonstrations of covert and hostile activities typical of malicious attackers’ attempts to compromise perimeter devices and security controls
• Provides a detailed impact analysis of the demonstrated attacks
• Prioritizes the discovered risks and defines immediate actionable items to improve security posture
• Identifies vulnerabilities and risks on your networking infrastructure
• Validates the effectiveness of current security safeguards
• Quantifies the risk to internal systems and confidential information
• Raises awareness of corporate liability
• Provides detailed remediation steps to prevent network compromise
• Validates the security of system upgrades
• Helps protect the integrity of online assets
• Supports efforts to achieve and maintain compliance with industry and government regulations
Legal, regulatory and compliance mandates, dynamic and complex operating environments, growing remote and mobile workforces, and an increasingly hostile threat environment are challenging organizations to effectively manage information security risks. ITL can provide PT services that help you meet and surpass all these requirements.
Intelligent Technologies Labs 3213 Duke Street, Suite 608 Alexandria, VA 22314