| Government Agency or Commercial Organization |
|
U.S. Department of the Navy
|
|
Project Name |
Comprehensive Utilities Information Tracking System (CIRCUITS)
Independent Verification & Validation (IV&V) |
Nature and Scope of Work |
Security Support Services/Information Assurance/Independent Verification & Validation (IV&V) |
Description of Products and Services Provided to Customer |
For the Department of the Navy, Enlightened performed the following:
- Created the System Security Authorization Agreement (SSAA) to achieve accreditation for a new Navy-wide information collection and reporting application over a legacy infrastructure.
- Created documentation relating to incident response, contingency planning, and configuration management to establish a minimum threshold in those areas of security.
- Risk assessments and technical scans were conducted for asset discovery, web and network based vulnerability assessments, and Security Technical Implementation Guide (STIG) compliance.
- Performed a nation-wide initiative conducting IA site visits of various Naval facilities to assess their security infrastructure for the purpose of outlining areas within the security posture that had room for improvement.
|
Outcome/Value/Benefit to Customer |
Through our contract with the Navy, Enlightened was able to enhance the security infrastructure of the Navy's information system by:
- Identifying risks that may have been introduced through new applications or altering the security infrastructure;
- Discovering new methods hackers can employ to compromise the system; and
- Improving the system's availability due to new contingency planning guidance.
|
