Information Assurance and Security

An information assurance and security solution encompasses risk definition and a threat assessment to develop a complete Information Assurance and Security program. People, process, and technology work together in order for the plan to be effective. ASM provides full life cycle systems security engineering services and information assurance solutions.

These services include security architecture design, risk analysis and assessments, security policy development and compliance with DIACAP, NIST 800 Series and ISO standards.  We also offer integrated security solutions, security administration, and tools-based monitoring and audits. ASM incorporates information assurance and security in the initial stages of all projects to ensure that projects are developed compliant and that budget considerations are addressed during the initial project stages.

As required, we minimize physical security risks by placing our applications and our infrastructure in hardened installations with redundant power, armed guards, and access security. We mitigate cyber security risks by placing our information assets behind a hardware network and application firewalls and through regular patches management, audit and security log reviews, and a “least-privilege” security model. Data security extends beyond application security, including issues of personal privacy, HIPAA and sensitivity. ASM maintains a high level of training for our personnel in all areas of IS.

ASM is a superior choice through our extensive experience performing a wide range of information assurance services.

• Risk Assessments
• Certification and Accreditation  (DITSCAP/DIACAP/NIST 800-37)
• Network Vulnerability Assessments
• Web Application Vulnerability Assessments
• Security Control Implementations
• Network Security Implementations
• Security Incident Response
• Continuity of Operations (COOP)
• Privacy Impact Assessments (PIA)
• E-Authentication Risk Assessments
• FIPS/NIST/ISO Compliance