Security Operations
The ability to house, transmit, and receive data is critical to any organization, regardless of whether it is in the public or private sector. Success is measured by the demonstrated delivery of services and capabilities against the processes of data protection.
But as new threats and tactics emerge and security practices of yesterday become outmoded and irrelevant, new methods – including managing security by trends, signatures, and anomalies – are propelling security practices into a modernized capability.
TWD has decades of delivering services to the federal government. This deep experience has driven our acute awareness of the security requirements that are woven into the very fabric of our economy.
Astute in the dynamics of cybersecurity, TWD understands – and possesses – the technical breadth and depth required to evolve security practices in order to maintain data integrity and keep data secure. These capabilities are offered under our set of IT Support Services. Our security operations also include the capabilities and experience to assess, authorize, and continuously monitor threats to the mission-critical technical infrastructures of the organizations that serve our nation and its citizens.
Security Fundamentals
The effectiveness of an overall security strategy is dependent on the individual strength of policy, people, and technology. TWD understands the interplay of these drivers. As a result, we take a holistic approach with our IT security services to:
- Partner with industry leaders to stay tuned to emerging technologies and capabilities
- Train and employ staff that are experts in their career field
- Ensure that security policies are refreshed/updated on a continuous basis versus remaining stagnant after creation
- Ensure our personnel remain relevant through ongoing training and certification
TWD employs industry-certified personnel with specializations in network security:
- Cisco Certified Internetworking Experts (CCIE) – Such certifications are the cornerstone of IT networking. Our CCIE professionals architect and implement secure solutions for our clients.
- Certified Information Systems Security Professional (CISSP) – This certification represents tier-level 3 expertise in all elements of cybersecurity ranging from physical security to complex security algorithms.
- Cisco Certified Security Professionals (CCSP) – The watchdogs of network security implementations, CCSP professionals’ skillsets are centered on enhanced security inclusive of Internet Protocol (IP) Sec 3DES MD5 256bit encryption, SSL-VPN, Kerberos, CHAP, MS-CHAP, Access-Lists, and other security-focused protocols and technologies.
- Certified Information Security Manager – This certification qualifies the individual to manage security practices and ensures that an expert level of proficiency is present to manage and develop an information security program.
Information Assurance
TWD has more than 25 years of extensive, demonstrated experience in security solutions that protect our customers’ network infrastructures, information assets, and data.
As an example of our capabilities, we assisted one of our primary Department of Defense (DoD) customers with the transition from the outdated, static DIACAP framework to the continuous monitoring-based Risk Management Framework (RMF). Throughout this process, we successfully navigated applying more stringent information assurance controls to the infrastructure and received Approvals to Operate from the accrediting authority. We passed DoD-level security inspections including the Cyber Command Readiness Inspection (CCRI) with exceptional results that confirmed our delivery of service — to a command with more than 5000 users – had the processes and procedures in place to secure DoD data with a classification that meets or exceeds “Secret” level. We also demonstrated our Continuity of Operations (COOP) capability and moved the DoD 5000+ user base to a COOP facility within a one-month timeframe.
Ask us about this project, and learn how TWD can provide the specialized security operations you need to protect your mission-critical assets.
TWD IT security subject matter experts provide a full range of network defense tools and services to minimize risk, increase your visibility and control, and secure your network systems and information. The team’s experience encompasses a broad range of security areas, including:
- Firewalls TWD network engineers are trained and experienced in the implementation of industry-leading technologies such as Palo Alto Networks and Cisco firewall technologies. TWD engineers secure border networks from threats by analyzing anomalies and setting triggers to alert for unexpected data conditions.
- Network Defense Our highly scalable deployments of Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) systems have blocked countless unauthorized attempts to access DoD data. TWD is partnered with Cisco, and utilizes Cisco technology to modernize defense capabilities with primary operations that span the seven-layer Open Systems Interconnection (OSI) model.
- Anti-Virus/Anti-Malware TWD has an expansive skillset for both client-based and clientless deployments, and expertise in policy that has delivered security features to our DoD customers. Technology partners include, but are not limited to, DISA, McAfee, and Symantec.
- Monitoring We provide proactive monitoring services and have deployed technologies that centralize the infrastructure into a GUI-based monitoring implementation. We have expertise with SNMP which is the primary protocol supporting monitoring activities with vendors such as SolarWinds, Cisco, and Hewlett Packard.
- Adherence to Policies TWD conforms to the requirements of DoD 800-37 and 800-53 IA controls. We ensure that deployed systems and networks meet the stringent requirements placed by these policies and utilize tools that are inclusive of vulnerability scanners and NIST-certified Security Content Automation Protocol (SCAP) monitoring tools.
Today’s organizations have a multitude of reasons to protect information due to the sensitive and proprietary nature of the data that they hold in their systems. Some – including government agencies and financial institutions – must adhere to strict laws and regulations that codify their obligation to protect information with substantial penalties for security failures and data breaches.
TWD’s team of certified security professionals has deep knowledge and experience in designing and implementing industry-leading innovative cybersecurity solutions. We ensure compliance on systems and areas that range from “unclassified” to “Top Secret” security levels:
- For more than 25 years, TWD has provided GRC support for our DoD and federal civilian agency clients, ensuring that they meet the critical requirements issued by the Federal Information Security Management Act (FISMA) and comply with Assessment and Authorization (A&A) processes.
- TWD IT personnel are well-versed in security repositories/systems of record such as E-MASS. TWD partners with our customers to deliver capabilities and ensure that workflows are streamlined, processes are repeatable, and need-to-know data access is baked into service delivery.
- TWD has successfully implemented more than 80 system and network Authority to Operate (ATOs) that allow a system to be connected to a DoD network.