Given the uncertain world we live in, the Department of Defense (DoD) and Federal agencies must secure and protect their sensitive information transmitted over the Internet and other networks, especially since unauthorized use of their sensitive information can adversely impact our national security and other vital interests. ASD delivers integrated solutions that include analyses, methods, tools, and technologies that allow our customers to secure their information and IT infrastructures against unauthorized access and service disruption. We apply a well-known model to provide confidentiality by ensuring that information is accessible only to those authorized to have access, to provide data integrity by ensuring that the data is "whole" or complete, that the condition in which data is identically maintained during any operation, and to provide availability ensuring that the IT infrastructure is available 99.99 percent of the time.

ASD’s information security solutions protect and defend our customer’s information systems against malicious attack and reduce the threat to system security by proactively managing risk. We provide security policy and procedure formulation, threat identification and risk assessment, vulnerability analysis, system security engineering, network defense, secure document processing, applications, database and web security, information security evaluation, and accreditation and training. For our DoD customers, we follow the DoD IT Security Certification and Accreditation Process (DITSCAP), the DoD Information Assurance Certification and Accreditation Process (DIACAP), and Trusted Network Interpretation (TNI) criteria, depending upon the sensitivity and classification of the network and data. These guidelines build on products evaluated by the National Computer Security Center (NCSC) against the DoD Trusted Computer System Evaluation Criteria (TCSEC). Our systems typically operate at the NCSC C2 security rating and higher.

Functional Expertise:

• Information Assurance (IA)
• Critical Infrastructure Protection
• Certification & Accreditation
• Firewall administration
• Public Key Infrastructure (PKI)
• Biometrics
• Business continuity/Disaster recovery
• Security policies & procedures development
• Threat identification, risk assessment & vulnerability analysis
• Systems security research & engineering
• Security awareness & training
• System & network security administration
• Firewalls, VPN & Crypto design & installation
• Network defense

Technical Expertise:

• CISSP, ISSAP Certified INFOSEC Professionals
• FISMA process & DITSCAP experience & support
• Security requirements incorporated into CMMI Software/System Engineering Processes
• Utilizing biometric technology & GSA schedule products tailored to changing requirements
• Utilization of encryption & digital signatures to guard sensitive/Classified information