OnPoint’s information assurance (IA) services ensure the confidentiality, integrity, availability and accountability of our customers’ information and information systems. We adhere to a simple approach: Clarity. Action. Results. First, we gain clarity into existing information assurance policies and systems by baselining the current environment. Next, we move into action by developing recommendations and action plans to improve the effectiveness of existing security controls and policies. Finally, we measure and report our results and make continual improvements as needed.
Our services include:
- Assessment Services
- Risk and Vulnerability Assessments; Penetration Testing
- Certification and Accreditation (C&A)
- Independent Validation and Verification (IV&V)
- Security Testing and Evaluation
- Strategic Services
- Policy and procedure design, creation, and review
- Disaster recovery and contingency planning
- Continuity of Operations Planning (COOP)
- Security Architecture Review
- Integration Services
- Patch Management solutions
- Firewall and Intrusion Detection Systems (IDS)
- Digital Signatures, Biometrics & PKI
- System and application hardening
- Training and Awareness Services
- Computer-based training (CBT)
- Classroom training
- Detailed technical security training (admin level)
- Security awareness training (user community level)
In addition to the services listed, OnPoint's IA practice has a solid understanding and practical application of the federal laws, regulations and standards leading and governing the marketplace, including:
- Provide 24x7x365 security monitoring for NNSA Enterprise Secure Networks (ESN) classified and unclassified.
- Federal Information Security Management Act (FISMA)
- Sarbanes-Oxley Act
- Health Insurance Profitability and Accountability Act (HIPAA)
- NIST 800 Series Special Publications
- Federal Information Processing Standards Publications (FIPS)
- National Information Assurance Partnership (NIAP)
- Computer Security Act of 1987