Security Automation

Cybersecurity Compliance & Evidence

Automation for Scale

MANAGED

Endpoint
& Network
Controls

Managed Endpoint
Security & Controls

  • Data loss prevention
  • Antivirus and antimalware
  • Full disk encryption and key management services
  • Multi-factor authentication
  • Tamper protection
Endpoint Security

Managed Network
Security & Controls

  • Firewall installation, configuration and updates
  • Remote management
  • Offsite log retention
  • Gateway VPN for remote users
Network Security
Screen Shot 2021-05-15 at 10.54.27 PM

Office, BYOD, Home, Remote, Travel...

MANAGED

Cybersecurity
Policy
Enforcement
System

Level 1 - Enforcement of Cyber Settings & Cyber Software

  • Automated Installation, configuration, update, etc.
  • According to Written Information Security Policy (WISP)
  • To meet specific cybersecurity regulations standards
  • Leveraging FCI cybersecurity expertise and best practices

Level 2 - Integration with Web App Identification Gateway

  • Automated deployment of cybersecurity software agents
  • Evidencing compliance of technical controls at the time of access to Systems of Private Data
  • Username and device match
  • Blocking unknown devices from accessing private data
MANAGED

Cybersecurity
Policy
Violation
System

Policy Violation System

  • For Enterprise cybersecurity policies
  • Related to Data Leakage Protection, authorized apps, etc.
  • To gain visibility, monitor and control over policies
  • Includes alerts and reports
CYBER POSTURE

Evidence of Compliance

Persistent Audit Trails

  • Endpoint and network cybersecurity event logs
  • Perpetual retention

NIST-Based Asset Inventory Report

Report

  • Enables faster responses to security alerts
  • Automatically sent over public network (time stamp)

Content

  • Single-row spreadsheet report
  • Cybersecurity posture for compliance
  • Device and user identification
  • Security settings and software
  • Organized by field offices

Frequency

  • Weekly or monthly
  • On demand before audit or at time of incident

Security Risk Assessment

  • Technical Controls Assessment
  • Network penetration testing
  • Vulnerability scans
  • Evidencing compliance of environment and systems
  • Recommendations and report
Security Risk Assessment