IT Security and Information Assurance

 

Protecting a company’s assets, as well as a customer’s personal identifiable information (PII), is our top priority. We strive to provide our clients with the peace of mind that their business is operating within a secure environment. We offer the following consulting and technical services:

Security Architecture & Engineering

 

We provide technical security guidance and analysis in Information System Security Management, Security Architecture, Security Engineering, Disaster Recovery, and Security Policy to proivde consistent security perspective and recommendations to federal and commercial businesses. 

 

ATA provides disaster recovery technical assessments and plan development support; security analysis and advisory services to business owners; security perspective to the evaluation of an organization's enterprise architecture change requests; and secure design templates and support in an organizations System Development Life Cycle. 

Vulnerability Management to identify weaknesses on your systems

 

Organizations must be proactive about assessing their security posture on a regular basis, since hackers and intruders are constantly improving their abilities to conduct cyber attacks. This, coupled with the number of vulnerabilities present in both software and web applications, increases the probability of your information systems being compromised.

 

Our Vulnerability Management Process includes automated testing, manual validation, and reporting. This approach identifies weaknesses on your information systems and reduces false positives. Once the automated testing is complete, we will review, analyze, and report the impact of each finding.Finally, we will provide recommendations on how to mitigate and remediate the threats.

Penetration Testing to validate vulnerabilities identified on your systems

 

We have extensive experience in penetration testing of networks and applications. During the penetration testing process we will:

 

  • Take the vulnerability scan results and attempt to validate those findings, or we will manually assess an information system based on requirements.

  • Develop specific test scenarios based on the infrastructure being tested.

  • Test the effectiveness of your security measures and examine your high-risk components in IT environment (e.g. public facing websites, remote access, email, wireless).

  • Conduct an on-site debrief and provide you a clear a comprehensive report.
 

Your technical staff will have the information necessary to mitigate the weaknesses identified in your environment.

Security Controls Assessments to measure the effectiveness of your enterprise

 

We will assess your organization’s management, operational, and technical security controls in the enterprise. This assessment will determine the extent to which the controls are implemented, operating as intended, and producing the desired outcome. When performing this service, we will make certain that your security controls are compliant with the following: FISMA, ISO, FISCAM, COBIT, NIST, and PCI. ATA is conducting assessments that map to CIS Top 20, OWASP Top 10, and 800-171.

Policy, Procedures, and Security documentation review
 
We employ certified information security professionals that will travel to your business to review your policies and procedures. We assist in updating and developing policies and procedures to reflect your current business needs.

Contact us today for more information on these services.