Secure IT

To Secure Customer Information and IT Infrastructure from Threats
The Datawiz Corporation C&A methodology is based on National Institute of Standards and Technology (NIST) Special Publication 800-37, Guide for the Security Certification and Accreditation of Federal Information Systems, and is easily adapted to meet agencies' own internal C&A process.
Cyber Security Assessment and Planning (C&A)
Datawiz was among the first Cyber Security professionals to perform a Security Assessment on a Cloud Computing service provider for the Federal Government (Certification and Accreditation (C&A)). What we learned from this exercise, is that having a public knowledge of Cyber Security is crucial in securing individuals and our Nation.
Cloud Security
Datawiz Corporation offers a portfolio of professional Cyber Security management services that can be tailored to meet your specific needs. Whether it is a one-off gap analysis or a full cycle of implementation and certification, we guarantee to identify your critical and other business assets and to deliver appropriate management reports and recommendations.
Cyber Security Management & Support
Datawiz’s Enterprise Risk Management enables an organization to change from a fragmented and compartmentalized risk management solution to one that is strategic in overall scope, viewing controls and risk initiatives in a coherent framework, thereby enhancing decision making and analysis to support growth and high performance.
Risk Management

Information is central to our customer’s mission. Therefore any amount of data loss, network failures, malicious intrusions or mishandling of data can result in far-reaching damage. The Datawiz IT security program protects the confidentiality, integrity, and availability of enterprise information, computers, and networks. Datawiz’s IT Security Program strategy is to apply security countermeasures in layers working together with our clients to reduce risk. These layers include detection and response capabilities, user awareness, desktop security, network security and compliance monitoring.

Services and Results

Detect, prevent and respond to IT security events
  • Expanded Computer Incident Response Team operations to provide vigilance over systems
  • Implemented additional intrusion detection/prevention systems to thwart hackers
  • Implement Internet content filtering to protect employees from web based attacks and scams
Increase user awareness and training
  • Published data handling guidance to improve security awareness across enterprise
  • Conducted additional focused user security awareness and rules of behavior training to increase user commitment to sound IT security practices.
Protect the end points in the IT infrastructure
  • Ensure continuous monitoring of potential vulnerabilities
  • Defined enterprise patch management processes
  • Secure enterprise applications to protect data and public services from compromise and loss
Improve network security
  • Initiated HSPD-12 access privileges with identity management
  • Implemented firewall and network management
  • Leveraged the Department of Homeland Security Cybersecurity Initiative
Monitor compliance
  • Standardized implementation of Federal Desktop Core Configuration to secure user desktops
  • Continued enterprise implementation of the Cyber Security Assessment and Management system for enterprise compliance with FISMA standards
  • Expand Certification & Accreditation (C&A) compliance review program to facilitate removal of material weaknesses, increase FISMA grade and improve the availability, accuracy, and timeliness of processes and products
Improve preparedness and response
  • Conducted quarterly CIO COOP Table-Top Exercises that address a full range of issues that may impact IT responsibilities
  • Incorporate contingency planning into customer’s continuity of business planning efforts
   

Satisfied Customers

  • Department of Labor - Mine Safety and Health Administration, Office Inspector General, Job Corps
  • Department of Agriculture – Food Safety Inspection Services
  • Committee to Purchase from Severely Blind and Disabled – CBSD

Achievements / Accomplishments

  • Established an Information Assurance Plan and security layer within the MSHA Enterprise Architecture to ensure proper consideration of security requirements in all phases of the IT life-cycle.
  • Made dramatic improvements in terms of compliance with Federal Information Security Management Act (FISMA) standards, accrediting (100%) percent of MSHA IT Systems
  • Initiated a formal process and common controls to expedite the certification and accreditation of all MSHA systems and developed a (3) year plan to ensure future accreditation
  • Substantially reduced the number of preventable security incidents to 50% in 2008 for MSHA.
  • MSHA received award for accomplishing 100% security awareness and Role base training during the year of 2008.