Provide intrusion prevention and detection, vulnerability scanning and remediation, audit logging/monitoring and security patch management.
Service Description
Security services provided include network security, security incident management, data security, security program management, continuity services, and personnel security.
What is included
- Network Security: Services provided include intrusion prevention and detection (IPS/IDS), vulnerability scanning and remediation, audit logging/monitoring and security patch management.
- Security Incident Management: Incident management and forensic collection and analysis are provided for reporting and remediation of security issues.
- Data Security: Services provided include encryption, media sanitization, malicious code protection and application security support.
- Security Program Management: ITS provides Certification and Accreditation (C&A) support for the client agency C&A process, including Security Testing and Evaluation (ST&E) efforts, and providing risk assessment, network, scanning, and hosting support during evaluations.
- Continuity Services: This service offer covers all requirements for contingency planning as specified under the Homeland Security requirements as administered by FEMA. This service covers support for both Continuity of Operations Planning (COOP) and Disaster Response Testing/Recovery.
- Personnel Security: This service provides security training, awareness, and completion of security agreements.
How We Charge
Security costs are fully integrated with ITS’ services.
Service Level Metrics
| Measure | Target SLA |
|---|---|
| Security Incident reportable to USDA/OCIO/ASOC |
Customer Alert <30 minutes after discovery or within Cyber Security guidelines 95% |
| Incident Handling |
< 4 hours 99% |
| Incident Research |
< 3 business days 99% |
| Incident Resolution |
Incident Resolution Time – OCIO/CS Incident Notification Time 99% |
| Network Scanning |
Months in FISMA compliance ¸ 12 (Rolling Average) 98% |
| Vulnerability Remediation |
Vulnerabilities identified from scans each month are reviewed and appropriate actions initiated. 90% |
Reporting is subject to baseline measurements and vendor limitations.
Cost Savings Tips
- Respond to a detected threat by attempting to prevent it from succeeding into the environment.
- IT security training, awareness, and the completion of security agreements gives users the needed tools and information to protect an agency’s vital information resources.
- Prevent the loss of important information or to decrease the impact of a disaster by having both COOP and Disaster Recovery Testing/Recovery.
- Provide a controlled configuration management facility to ensure greater uptime of IT systems.
- Protect sensitive information whether it's stored on a desktop or laptop computer, a PDA, removable storage media, an email server or even the corporate network.