Information Security Awareness And Training Business Case For Web Based Solut...
Is3 Capabilities Brief
1. Information Systems Security Solutions, Inc.
Corporate Capabilities Brief
“Finding Tomorrow’s Solutions, Today!”™
2. Company Overview
Incorporated October 2002
Top Secret Facility Clearance, Total “Turn-key” Information Technology
(IT) Integration/Services & Support
Qualified Full-time IT professionals, Installation Technicians, Information
Assurance Strategists, Radio Frequency Consultants and Engineers
Native American (NAOSB) – Service Disabled Veteran (SDVOB), Certified
SBA 8(a) and Small Disadvantage Business (SDB), Certified Local
Disadvantage Business Enterprise (LDBE), DOT Disadvantaged Business
Enterprise (DBE), GSA IT Schedule 70 Holder, Certified in Homeland
Security (CHS-III)
Association / Member Affiliations- IEEE, BICSI, AFCEA, NVTC, NDIA,
MDBA, National Board of Forensic Examiners
“Finding Tomorrow’s Solutions, Today!”™
“Finding Tomorrow’s Solutions, Today!”™
3. Mission
Our mission is to provide our clients with the best quality of service, while
maintaining a client centric approach, that meets and or exceeds their
expectations.
The main objective of IS3 is to provide FAST, innovative, quality solutions
that unites the client with the technology of today as well as tomorrow. This
creates security for the client, as well as allowing them to maintain a
competitive edge in the information technology market. Let IS3 show you why
“we find tomorrow's solutions today!”
“Finding Tomorrow’s Solutions, Today!”™
“Finding Tomorrow’s Solutions, Today!”™
4. Methodology
IS3 provides total 'turn-key' solutions. We offer our clients one single point of
contact. We are with them from start to finish. Our approach is simple, we
provide our clients with the consultation, the recommendation, the installation
support (if required), the implementation and integration and finally, the
commissioning. One company, one mission, one goal….client satisfaction!
“Finding Tomorrow’s Solutions, Today!”™
“Finding Tomorrow’s Solutions, Today!”™
5. Territory
With Headquarters located in Sterling, VA with additional operational
locations:
• Arlington, VA
• Washington, D.C.
• Lanham, MD
• Middleburg, VA
IS3 currently performs enterprise network installations/support/integration,
central office upgrades and services and Radio Frequency, Broad-band, WiFi
engineering for clients in most major cities throughout the continental United
States and Hawaii.
“Finding Tomorrow’s Solutions, Today!”™
“Finding Tomorrow’s Solutions, Today!”™
7. Company Awards
Ranked # 14 of the Top 25 Small Technology Businesses
Washington Business Journal
November 2006
Washington SmartCEO Magazine Future 50 Winner
January 2006/2007
Ranked # 10 of the Top 25 Small Technology Businesses
Washington Business Journal
October 2005
Selected as a Top Minority-Owned Small Business
DiversityBusiness.com.
November 2006/2007
“Finding Tomorrow’s Solutions, Today!”™
10. Core Competencies
Information Assurance (IA) Business Transformation
Solutions (BTS)
Federal Business Research (FBR)
Information Transport Systems (ITS)
“Finding Tomorrow’s Solutions, Today!”™
“Finding Tomorrow’s Solutions, Today!”™
11. IS3 Proprietary Services
& Solutions
Cyber Contingency
Security Operations
Confidentiality
Configuration
Management
Incident Risk
Management Assessment
Information
Certification
Personnel
Security Integrity CSI &
Accreditation
Availability Access
Control
Crisis Assurance Situational
Management Awareness
You Deserve the Best in Security
IS3 has the Key
Compliant Security Integration
Secure and Compliant...from the
Desktop to the Door
“Finding Tomorrow’s Solutions, Today!”™
12. Compliant Security Integration
CSI®
IS3, Inc. has developed a program that outlines the processes necessary to map critical data and business
processes to services and assets to provide an integrated view of security assurance and guide clients in
making better security investment decisions. In addition, this process will assist the client in aligning their
critical data and business processes to the appropriate regulatory compliance policies and procedures and
develop a consistent, proactive security-monitoring environment. This program is called Compliant Security
Integration (CSI®).
The main focus of CSI® is to develop a program that integrates the various security policies and procedures,
technology and regulatory requirements into one cohesive program that allows the client to focus on their day
to day business processes with the assurance that security has been seamlessly integrated within their
organization and is consistently improving regardless of how volatile the environment may be.
CSI® Methodology
“Finding Tomorrow’s Solutions, Today!”™
13. Secure Operational Sustainability
SOS®
The Secure Operational Sustainability (S.O.S.)
Program evolved from extensive practical
experience of security program management and
network security engineering, design, and
implementation. Based on our observations, in
the Pentagon and other Department of Defense
METHODOLOGY…
(DoD) agencies, and practical application, IS3 Program reviews are based on industries’ best practices, tailored
believes there are five key and correlative to the organization's business area, methods & circumstances…
components that every information technology
In addition to the 5 P’s, assessments
and or network security organizations should Security may include such areas as:
possess to sustain their network operations. Policy – Architecture
– Business Continuity
These components are: Security Management – Disaster Recovery
– Access Control
Program, Security Policy, Security Plan, Security Security Security
Management Procedures – Tools
Security Procedures, and a Security Processes Plan – Personnel
Program
– “Five P’s” of S.O.S. The Five P’s are – Education and Training
– Managed Security
designed to work together, which will promote Security
Immediate results can be realized
seamless organizational reformation. This is the Business during and directly after the completion
Processes of the assessment
premise behind the IS3 S.O.S. Program , and Once an organization has implemented the S.O.S. Program®,
Program®
based on our research we have found no other their security posture will be enhanced, fortified, and adaptive.
adaptive.
programs that offer the same intricate services.
“Finding Tomorrow’s Solutions, Today!”™
14. IS3 Partners with…
IS3 has partnered with Modulo Security the Latin American market leader in Information Security to become a
value-added reseller and U.S. Consulting Arm for their proprietary Security Risk Manager. Its exclusive solutions
use PESI® - an ISO 9001-certified methodology conforming to the ISO/IEC 17799 standard.
MÓDULO's continuous concern with excellence in quality standards has resulted in three important achievements.
First, it became Latin America's pioneer company to obtain the BS 7799 certification - the International Information
Security Management standard. It also received certification for ISO 9001, and has been re-certified since 1998.
Second, was the launch of Security Risk Manager, a software program for risk assessment, compliance and
Knowledge Management System. Modulo Security Lab, one of the most complete IT laboratories in Brazil, provides
support in technology research and updates the information security knowledge-base used by Security Risk
Manager. The company also has an Education Center specialized in training and certifying information security
managers.
And most recently, Modulo has become the first information security company in the world to achieve the ISO
27001 certification. ISO 27001 is the first international information security certification standard and an evolution
on British Standard BS 7799-2. It addresses the definition of requirements for implementation of an Information
Security Management System - ISMS. The standard was adopted in October 2005 by the International Organization
for Standardization (ISO), which handles international certification standards. Modulo Security achieved this
certification in record time thanks to the use of Security Risk Manager.
“Finding Tomorrow’s Solutions, Today!”™
15. IA Division
IS3’s IA Division’s mission is to provide a holistic approach to Network
Security Program Management and Development. While assisting our clients
with maximizing the value of their security environment and posture.
The main objective of IS3’s IA Division is to identify information systems
security solutions that protect and enhance the business needs of an
organization. This will enable clients to realize an inherent return-on-
investment (ROI) that is not generally associated with network security.
“Finding Tomorrow’s Solutions, Today!”™
16. IA Capabilities
Information Assurance Programs
Secure Operational Sustainability (S.O.S.) Program® Implementation
Compliant Security Integration (CSI) Program
Security Compliance
Delivers compliance with all relevant Federal laws, directives, policies, standards and guides such as
FISMA, DITSCAP, NIACAP, NIST, PDD 67, Sarbanes-Oxley and OMB Circular A-130
Physical Security
Focuses on the protection of assets, people and
structure against perceived threats
Site Surveys, Entry Point Design Considerations, Personnel Security
Security Engineering
Threat/Vulnerability Assessments, Policy Development, Strategic Planning, Disaster Recovery /
Continuity of Operations
Certified Information Systems Security Professionals (CISSP)
Certified Information Assurance Managers (IAM)
“Finding Tomorrow’s Solutions, Today!”™
“Finding Tomorrow’s Solutions, Today!”™
17. IA Division Past Performance
Network Security Services – Pentagon (NSS-P)
- Conducted a security architecture review of information technology security deployment,
practices, and policies to assess the organization’s security posture
Washington Headquarters Services (WHS)
- Support the WHS Chief Information Officer (CIO) and the Designated Approving Authority (DAA), in
the operations, implementation, assessment, documenting, preparation, development, technical review, and
certification for WHS. Direct support for the overall Information Assurance Program Management Office
United States Department of State (DoS)
- Supporting the Bureau of Human Resources Executive Office with 1) safeguard systems and information
nationwide, to 2) ensure systems are certified and accredited, 3) manage enterprise-wide configurations and
changes, 4) continuously monitor, mitigate and prevent system threats and vulnerabilities and 5) ensure
regulatory compliance (on-going)
United States Navy Medical Information Management Center (NMIMC)
- Ensures coordination of all security programs and activities for IT applications and infrastructure; this
includes ensuring that all information systems are properly certified and accredited, monitored, audited,
tested, documented and compliant with HIPAA, NIST, OMB, FISMA and other pertinent regulatory
requirements, policy and guidelines
“Finding Tomorrow’s Solutions, Today!”™
“Finding Tomorrow’s Solutions, Today!”™
18. BTS Division
Provide innovative ideas that will produce more efficient and
effective solutions for our clients through technical/business
consulting that cover all facets of the Business Enterprise. We
provide clients with “as is”, as be” and “to be” models that allow
them to realize true return on their business infrastructure
investments (True ROI).
“Finding Tomorrow’s Solutions, Today!”™
19. BTS Capabilities
To provide “total turn-key”, world-class Business
Transformation support/solutions that are tailored and designed
to support all of the clients current and future needs.
Enterprise Resolution Center
Enterprise Solutions
BTS-Federal
“Finding Tomorrow’s Solutions, Today!”™
“Finding Tomorrow’s Solutions, Today!”™
20. BTS Capabilities…
Enterprise Resolutions Center
Tiered Help Desk Support
Escalation and Tracking
Knowledge “Bank”
Adherence to SLA and OLA
“End-of-Life” Cycle Review
“Finding Tomorrow’s Solutions, Today!”™
22. BTS Capabilities…
BTS-Federal
Enterprise Architecture (EA)
Business Process Re-engineering
Capital Planning and Investment Control (CPIC) – guided by
EA
Earned Value Management (EVM) as a key element of project
management
“Finding Tomorrow’s Solutions, Today!”™
23. BTS Division Past Performance
Washington Headquarters Services (WHS)
Supporting the WHS Chief Information Officer (CIO) and the Designated Approving Authority
(DAA), in the operations, implementation, assessment, documenting, preparation, development,
technical review, and certification for WHS. Direct support for the overall Enterprise Architecture
Program Management Office.
United States Department of State (DoS)
Supporting the Bureau of Human Resources Executive Office with developing a consistent release
process for all production systems and infrastructure elements, and define “the phased change
process”. Direct support for the overall Configuration Management and Change Control Program
(on-going)
“Finding Tomorrow’s Solutions, Today!”™
“Finding Tomorrow’s Solutions, Today!”™
24. BTS Division Past Performance
General Services Administration (GSA)
Providing Helpdesk/customer service representatives to include, but limited to maintaining first
contact resolution; maintaining and resolving trouble tickets; updating knowledge management
database; providing break/fix assistance via script and remote access(on-going)
Sprint Nextel Corporation
Managed all network engineering services related to the national deployments of new network
hardware and or services: coordinated resources for deployment efforts, chaired conference calls
and meetings, reviewed design and planned network/equipment configurations, managed all client
deliverables and reports; provided SME for deployment activities and escalation, trained team
members on technologies and deployment procedures(on-going)
National Academies of Science (NAS)
Providing engineering support to the design, implementation and integration of backbone network
upgrades to a new SONNET ring structure for the academies and data center relocation; Firewall
design and deployment for DMZ segments for enterprise server clusters on PIX 515E platforms;
Firewall design and deployment secured site to site VPN and access VPN designs and deployments on
the PIX 515E. Provided pre and post tier III migration support. (on-going)
“Finding Tomorrow’s Solutions, Today!”™
“Finding Tomorrow’s Solutions, Today!”™
25. FBR Division
IS3’s FBR Division’s mission is to provide clients with a holistic approach to
the federal business research process and assist them with understanding the
federal business procurement cycle.
FBR Analyst work with the client (either internal or external) to assist them in
understanding, defining and documenting their overarching business objects.
The FBR Analyst applies qualitative and quantitative techniques to interpret
the data and produce substantiated recommendations. FBR Analyst frequently
present the findings and recommendations to the client in a clear, concise and
easier to understand manner.
“Finding Tomorrow’s Solutions, Today!”™
26. FBR Capabilities
FBR Certified Analyst support client business research requirements by:
• Utilizing years of experience in dealing with program managers and contracting officers in ALL Federal and
Government Civilian agencies
• Communicating with clients to understand and document the business objectives (overview of corporate
capabilities and review of NAICS Codes, Corporate Qualifications, existing contract vehicles, etc.)
• Formulating analysis plans and acquiring client (stakeholder) “buy-in” of proposed business research
approach
• Designing and/or assisting in the development of questionnaires and moderator guides to ensure the necessary
data is capture
• Conducting in-depth data analysis using traditional and advanced methods
• Authoring reports containing actionable recommendations
• Making presentations – answering questions and instilling confidence and “stakeholder” support
“Finding Tomorrow’s Solutions, Today!”™
“Finding Tomorrow’s Solutions, Today!”™
27. FBR Division Past Performance
True Information Assurance, LLC Veteran, minority-owned, woman-owned, small disadvantage
business providing a broad array of innovative Enterprise-level services and solutions to the Department of
Defense and commercial industry. True IA has extensive expertise in the areas of Program/Project
Management, Information Assurance and Information Technology.
Services Provided
•Business opportunity research
•Proposal Management/Development
iGov Solutions, Inc Native American-Service Disabled Veteran-owned Small Disadvantaged Business
specializing in Information Assurance, Singularly Managed Infrastructure and Business Transformation
Solutions
Services Provided
• Business opportunity research
• Weekly business reports
• Weekly/Monthly opportunity report reviews
• Proposal Management/Development
• Business Development/Market Research
“Finding Tomorrow’s Solutions, Today!”™
“Finding Tomorrow’s Solutions, Today!”™
28. WHY IS3’s FBR Division
IS3 provides complete “turnkey” solutions to meet all client federal business research and procurement needs.
We specialize in providing these services to small and medium sized businesses. Our Analysts will facilitate ALL
research requirements with “Stakeholders” and decision makers so that ALL aspects of the organizations
research needs are met.
Strategic alliances with leading government agencies (contracting officers and program managers). IS3
provides dedicated FBR Analysts that will become an extension of the client’s federal business development staff
and will interact with client business development staff as required. Leveraging these relationships we provide
our clients with the best quality of service while maintaining a cost sensitive approach that meets and exceeds
their expectations.
Our comprehensive Federal Business Research process will evaluate a broad spectrum of internal and external
business research practices. IS3’s tested and proven process will effectively identify “gaps” and provide results
and increased federal bid opportunities.
IS3 has developed a proven Federal Business Research process; effectively delivering continued results and
performance. We provide our clients with top quality and goal oriented research solutions. This proven expertise
enables us to more effectively address the complexities of the federal procurement process and bid/proposal life-
cycle while stream-lining the entire federal process.
IS3 employs qualified, federal business research professionals available to enhance the business processes,
control cost, improve performance and maximize resources thus enabling clients to more effectively identify,
qualify and bid federal solicitations. If required, our Research Analyst will provide “Go-NoGo” support, “Bid-
NoBid” decisions and if requested, we will provide proposal management and development as well.
“Finding Tomorrow’s Solutions, Today!”™
29. ITS Division
IS3’s ITS Division provides technical services based on the transport of
information through Wired or Wireless means. ITS covers the bottom four
layers of the Open Systems Interconnect (OSI) model developed by the
International Standards Organization (ISO).
“Finding Tomorrow’s Solutions, Today!”™
“Finding Tomorrow’s Solutions, Today!”™
30. ITS Division Capabilities
ITS Wired Solutions Group
Provides fiber optic and copper structured cabling solutions for facility low voltage systems
including; voice, data video, life safety and security
– Building/Office Inside Plant Cabling
– Central Office/Data Center Cabling
ITS Wireless Solutions Group
Provides wireless solutions for facilities, that require voice and data wireless coverage to
support Cellular, WiFi and Public Safety applications
– Distributed Antenna Systems
– Neutral Host based systems
ITS Engineering Group
Provides Engineering support to internal groups and external clients
– BICSI Engineers (RCDDs)
– Cisco Certified Engineers
– Radio Frequency Engineers
“Finding Tomorrow’s Solutions, Today!”™
“Finding Tomorrow’s Solutions, Today!”™
31. “In-Structure” Distributed
Antenna Systems (IS-DAS)
IS3 designs and engineers “In-Structure” Distributed Antenna Systems (IS-
DAS) within large facilities or venues that provide wireless coverage for
cellular phones, wireless LANs (WLAN), radios and other wireless-enabled
devices; providing seamless coverage for multiple internal and external service
providers of voice and data services. Venues such as:
Airports
Metro Rail / Subway Systems
Large Federal Government Facilities, Campuses and Bases
State & Local Government Facilities
– Office Buildings
– Court Houses/Jails
– Schools
The net benefit of a DAS system is a less expensive solution with equipment
that is more efficiently utilized, is less intrusive and does not disrupt the
surrounding overall network.
“Finding Tomorrow’s Solutions, Today!”™
“Finding Tomorrow’s Solutions, Today!”™
32. ITS Division Past Performance
Sprint Nextel Corporation
– Nationwide Switching Center ITS Build-outs and Support
– Nationwide Engineering Services & O&M Support
Computer Sciences Corporation
– Nationwide ITS Build-out (Voice / Data / Video)
Metropolitan Washington Airports Authority (MWAA)
– Supplemental Radiating System (SRS) – National, Dulles & Udvar Hazy Center
– Dulles Vehicle Maintenance Facility
– Dulles & National Neutral Host System
– IS3 is represented the four Major Wireless Carriers in the United States, and was primary Client Liaison to the
Owner, Metropolitan Washington Airports Authority (MWAA) and Systems Integrator for the CWAS project.
The CWAS initiative included the management, planning, detailed design & engineering, construction, operation
and marketing for Wireless Voice and Data applications and two Complete Information Transport Systems,
consisting of Fiber and Copper at both of the Nation’s Capitol’s Airports.
State of Maryland, Wicomico County
– Courthouse, Government Center and Two High Schools –800MHz Public Safety
Washington Metropolitan Area Transit Authority (WMATA)
– Tunnels Wireless Neutral Host Based System
General Services Administration (GSA)
– Presidential Transition Team Building
– Facility ITS Build-outs (Headquarters Building)
“Finding Tomorrow’s Solutions, Today!”™
33. WHY IS3
IS3 provides complete turnkey solutions to meet all LAN, WAN, Enterprise Network Architecture, Business
Transformation and Security needs to include complete support of converged network solutions for seamless
integration, security architecture solutions at all levels of development and implementation and structured
cabling services to include Central Office installation, Remote POP, superstructure, and Power.
Strategic partnerships with leading IT companies guarantee clients invested skills and resources required to
design, implement and support the “best of breed” technologies. Leveraging these relationships we provide our
clients with the best quality of service while maintaining a cost sensitive approach that meets and exceeds
expectations.
Our comprehensive Security Assessment process will evaluate a broad spectrum of internal and external
Information Assurance (IA) practices. IS3’s tested and proven process will effectively identify needs for
designing a security policy plan that will enhance existing network demand for secured connectivity.
IS3 has developed a proven engineering design and implementation process; effectively delivering continued
results and performance. We provide our clients with top quality and goal oriented services in the areas of:
project management, equipment staging, configuration, burn-in, installation, migration, cutover, integration,
testing, documentation and “as-builds”. This proven expertise enables us to more effectively address the
complexities of Enterprise Network and Infrastructure requirements.
IS3 employs qualified, certified IT support professionals available to enhance the business processes, control
cost, improve performance and maximize resources thus enabling clients to more effectively deliver products
and services. Our Engineers will assist with network design, configuration changes, capacity analysis, network
and power analysis, site survey, equipment layouts, RFP, quality control, testing and assurance.
“Finding Tomorrow’s Solutions, Today!”™
34. Contact Information
Information Systems Security Solutions, Inc.
45150 Business Court
Suite 500
Sterling, Virginia 20166
Office (703) 707-8400
Fax (703) 707-8441
Web http://www.infos3.com
Information request: info@infos3.com
Cage Code: 3C334 GSA Schedule Contract: GS-35F-0776P
“Finding Tomorrow’s Solutions, Today!”™
“Finding Tomorrow’s Solutions, Today!”™
35. IS3 CORE VALUES
PERSONAL
COURAGE
MORALITY INTEGRITY
HONESTY LOYALTY
SELFLESS
SERVICE
“Finding Tomorrow’s Solutions, Today!”™
“Finding Tomorrow’s Solutions, Today!”™