Security Services

Cyber security is one of the core service lines within Business Integra (BI) and our company’s security service portfolio covers the full landscape of information security needs of our clients. We have the very best information security resources in the business that have supported just about every industry imaginable. We are currently supporting the Internal Revenue Service (IRS), the Centers for Medicare and Medicaid Services (CMS), the National Association of Child Care and Resource and Referral Agencies (NACCRRA) and the District of Columbia (DC) government with various aspects of their information security objectives. In addition, Business Integra was selected as a prime cyber security provider for Navy SPAWAR. The support provided for these clients ranged from penetration testing; enterprise security architecture and implementation services; federated identity management and establishment of secure gateways to exchange information in this interconnected world we live in. In addition, we have supported these same client’s with security policy development as well as certification and accreditation, and solutions to achieve security governance within a larger IT governance construct. Our primary cyber security services focus on the following areas, but can be tailored to meet the needs of a specific initiative:

Security Architecture and Engineering

Our hallmark security service revolves around assisting our clients to design and implement cyber security architectures tailored for their specific need and regulatory landscape. This set of services is offered in various flavors that meet the objectives of securing service-oriented architectures (SOA), cloud deployments and all types of application-based systems. We have been on the ground for all sizes of engagements providing security architecture and engineering services and have demonstrated that we are a thought leader in this space. Our SVP of Cyber Security & CISO, Bernie Thomas, is a well-known security architect who speaks extensively on this topic at industry events for well renowned information security organizations.

Security Analytics

The next step in security is for people to be able to specify security policies at the management level and have those same policies run in their operational environments with the flexibility of changing the behavior of the security solution as the business policies and guidelines evolve. Oftentimes, information security architectures are product-based which results in limiting what you can do in the security space to the capabilities available in a COTS product. This is not always a bad thing but it does not usually offer flexibility in adapting the security architecture regardless which direction the organization would like to go in. Our security analytics offerings provide our clients with a means to approach automated policy enforcement the way it was meant to be, unconstrained and limitless. Our approaches are rule-based and allow for leveraging any data available to the solution contained within the enterprise data model. The sky is the limit!

Identity and Access Management

BI has successfully designed and implemented multiple identity and access management initiatives for our clients. We have implemented these solutions for both small and large scale environments and each time, we tailored a solution that factored in all of the important elements such as use cases, user experience, identity proofing, two-factor authentication, PKI and attribute-based access control (ABAC). Most recently we are implementing a federated identify management solution for a CMS program. Identity and access workflow development and role establishment are also key aspects of what Business Integra brings to the table in this service area.

Certification and Accreditation (C&A) Services

Our Company has a wealth of experience successfully implementing C&A solutions and providing the associated support for our past and present clients, both on the federal civilian side using FISMA as well as the DoD community using DIACAP. Business Integra also has extensive experience in creation of all required C&A artifacts as well as working knowledge of the automated and centralized C&A management tools in place at most agencies.

Penetration Testing

Business Integra has a very mature methodology which we use to perform security assessments, which includes penetration testing. We are currently supporting the IRS with the planning and execution of penetration testing activities to assess the security posture of their core business systems and design remediation steps for further hardening of the subject environments. As a part of planning for a penetration test, our resources gather all of the appropriate information that informs the testing plan and that will assist in executing the testing. Following the testing, we work with our clients to address all findings and achieve a more secure system every time.

Security Governance

Business Integra has successfully developed information security governance frameworks that have significantly improved how security requirements and guidelines are disseminated throughout and organization and establishment - which influence the creation and implementation of the downstream technical guidelines, processes and procedures. This ensures that when management makes changes to the security approach for the organization, the stakeholders follow by being governed by a set of artifacts that are aligned with the top level policy change. The majority of our information security governance professionals possess the Certified in the Governance of Enterprise IT (CGEIT) credential and have several past years of experience implementing these frameworks.

IT Auditing

In order to establish compliance with the security requirements and guidelines that are in place, organizations have to proactively assess the security posture of their environments initially, and then periodically alter that. Assessing the security posture is not a check list that someone uses to say whether something meets the requirement. Auditing is an activity that uses requirements as a baseline, but seeks to identify any weaknesses/deficiencies/enhancements that would lead to strengthening the overall security posture of an organization. In order to do this successfully, you must have a repeatable auditing methodology and resources that can apply the appropriate context to both the requirements and how well the as-is system meets those requirements after they have been rationalized. This is where BI can assist with our comprehensive auditing methodology and Certified Information Systems Auditor (CISA) certified resources.

U.S. Department of State

supportBusiness Integra (BI) provides IT expertise to the Department of State...Read More

U.S. Small Business Administration

supporting-veteran-owned-small-businesses-at-bae-systems-we-are-committed-to-helping-2Business Integra (BI) primarily provides web-based informationsystems...Read More

National Association of Child Care Resource and Referral Agency (NACCRRA)

sir-roger-carr-to-join-the-board-as-chairman-designate-we-are-pleased-to-announceBusiness Integra (BI) supports the National Association of Child Care...Read More

Centers for Medicare & Medicaid Services (CMS)

virtualizaton-forecast-calls-for-clouds-learn-how-our-virtual-desktop-solution Business Integra (BI) provides - the U. S. Department of Health and...Read More

U. S. Army National Guard Bureau

sixty-and-still-going-strong-canberra-australia-australia-s-most-versatile-defenceBusiness Integra (BI) provides the full range of technical, software...Read More
Business Integrra