Information Assurance and Testing
Information technology is a remarkable asset for any organization — as long as it is controlled and protected. Allowing the right people to see the right data, the data they are authorized to access, is complex. Access must be reliable and often restricted. Tiatra will develop risk mitigation through a full understanding of access trails and comply with all security and other regulations as necessary.
Information Assurance
Unauthorized access can occur from within your organization or across the world. Federal organizations must meet a high standard for security, and Tiatra will position your group accordingly through the latest in technological protection protocols and best practice guidelines including NIST 800 series and DoD 5800 series publications.
Intrusion Detection and Prevention
The longer and unauthorized actor is accessing your system, and the data within it, the more damage they are likely to do. Catching them early is critical. Tiatra’s intrusion detection and protection protocols guard your system’s infrastructure and alert us, and those required to be notified, as it happens.
Security Scanning and Analysis
No system is perfect, because those seeking to cause damage develop their technology as aggressively as those of us seeking to prevent it. Even before a potential hack or attack, Tiatra can continuously check your system for potential weaknesses and vulnerabilities.
Plan of Action & Milestones
Information system attacks are usually well-planned and methodical. Countering them requires the same level of detailed planning and execution of that plan, and Tiatra does just that. Through security-centric milestones and monitoring, we work with your organization to protect your data assets around the clock from threats around the world.
Certification and Accreditation
Your agency’s information systems must comply with federal regulations such as FISMA, NIST SP800-37 and DIACAP, and Tiatra’s knowledge of and experience with those and other regulations are at your disposal. We check and checklist each step and even go beyond the minimal requirements if necessary if our risk assessments and other security analyses feel it is warranted.
Test Evaluation Master Plan Development
Information technology such as that used in your organization’s system must be tested before it is launched. Through our Test and Evaluation Master Plan (TEMP), Tiatra thoroughly checks and rechecks not only the system and all of the components that comprise it, but the facilities of the employees and others within your organization who will be using it.
Test Script Development and Execution
Using an information technology system seldom involves singular operations intended to achieve singular results. Rather, systems are accessed for multiple requirements as part of obtaining a larger data picture of what is requested. These combined requests tend to have some general continuity within organizations, and Tiatra develops viable, similar testing scripts to replicate what your team is likely to need. Running such scripts during testing is often the most accurate way to determine that what if requested of the technology is what will be delivered.
System and User Acceptance Testing
Developing and executing test cases on your system is another “real world” way to insure it understands what you need, how you will be asking for it and how to deliver it. It is during the development stages of the system that these working scenarios begin to be programmed, and as the system nears completion, the testing stage insures that they work for you, as they should.
Vulnerability Assessment and Analysis
A system that was secure today may not be secure tomorrow. Malicious actors seeking to obtain, corrupt or destroy your data are continuously honing their craft, and they technology, to compromise where it is kept. Tiatra is relentless in its oversight assessment and analysis of the systems in its charge.
Stress/Load Testing
Your organization’s data management requirements may have outgrown, and be placing stress on, your current IT system. This isn’t often visible until that system is pushed too hard and suffers some sort of incapacitation or other detrimental event. Tiatra believes in anticipating potential problems caused by such overloads, or stress, through testing, analysis and proposing solutions. And for those systems not yet under immediate risk of handling too much, we can implement load testing to determine how much is too much, and when too much may happen.