HR u Service Delivery u Proposals u Accounting u Contacts u Log Out 

VSE Intranet u Deltek Timekeeping u G&B Public Website

 

 

Welcome!

G&B Employee Intranet

 

 

 



Solutions. Success.

 

ENTERPRISE
ARCHITECTURE

SECURITY &
BUSINESS
CONTINUITY

PERFORMANCE
MANAGEMENT

E-GOV AND
WEB SOLUTIONS

IT INFRASTRUCTURE

SYSTEM DESIGN
& INTEGRATION

 

 

 

 

 

 

 

 

 
SECURITY/BUSINESS CONTINUITY

Protection of critical infrastructure is a foremost concern today. G&B's information assurance experience is comprehensive: we work with policy makers to establish departmental and agency guidelines as well as with operational managers to ensure secure networking, connectivity, and applications comply with plans and industry standards.

Policy/Plan Review and Development - G&B develops new IT security policy, guidance, and an overall IT security plans and identifies areas for supportive guidance in coordination with the National Institute of Standards and Technology (NIST) Best Practices, OMB A-130 compli­ance, Federal Information Security Act (FISMA), and departmental policies. We also review existing security policies and plans and make recommendations on improvements to strengthen an organization's security processes and procedures and prioritize threats, incidents, vulnerabilities, and countermeasures to support rapid reaction.

Top           Contact Us

Interim Authority to Operate (IATO) / Certification & Accreditation (C&A) - G&B's C&A activities include the development of Security Test and Evaluation (ST&E) Plans, procedures, and actual technology-specific tests and evaluation criteria, as well as the identification and documentation of deficiencies and residual risks. We assist clients obtain interim authority to operate (IATO) as well as full certification and accreditation (C&A).

Top           Contact Us

Risk Assessment - G&B's security risk assessment projects include a review of logical access controls, media controls, system auditing, data integrity validation controls, LAN/WAN perimeter security controls review, and an assessment of identification and authentication methods. We conduct Technical Vulnerability Assessments (TVA) using either a departmental Risk Assessment methodology (if one exists) or our own. G&B develops TVA Rules of Behavior, research techniques and vulnerability identification methods, and Risk Assessment Tables (RAT) and Threat Assessment Tables (TAT) for the purpose of visually communicating threat and risk relationships to client management. G&B also develops mitigation plans for resolving deficiencies. We perform our security assessments in accordance with the National Security Agency Infosec Assessment Methodology (NSA IAM), the National Information Assurance Certification and Accreditation Process (NIACAP) or the DoD Information Technology Security Certification and Accreditation Process (DITSCAP), and the Draft NIST Special Publication 800-37, “Guidelines for the Security Certification and Accreditation of Federal Information Technology Systems.”

Top           Contact Us

Contingency Planning/Disaster Recovery - G&B develops new or reviews existing disaster recovery plans including escalation procedures, defined responsibilities, and response times given for each type of disaster event. Our contingency planning includes research and recommendations for backup systems and strategies, Incident Response Team (IRT) development, and establishment of procedures for the possibilities of an outbreak of a computer or system virus or any emergency that may affect the availability of the systems, including a natural disaster.

Top           Contact Us

Intrusion Detection/Virus Protection - In today's world, every government entity must vigilantly protect itself from hackers and intruders gaining unauthorized access into its IT systems. G&B provides technical support for intrusion detection and virus protection as well as policy and procedure review and development for incorporating these activities into continuous security management processes. Our investigative processes have included using packet sniffers, reconstruction monitors, configuration port testers, security knowledge base queries and intrusive investigation tools and techniques.

Top           Contact Us

Audits and Monitoring - G&B provides comprehensive audits and monitoring to ensure the availability and integrity of systems and data, personnel, and compliance (e.g., OMB A-130, HIPAA, GISRA/FISMA). G&B reviews and develops strategies for all employees and contractor personnel whose duties involve accessing computer systems; system design, development or maintenance; or handling of sensitive information in hardcopy or computerized form. These strategies specifically address policies, procedures, and mechanisms for disseminating information on security awareness and training, automated information access control, and accountability of operations.

Top           Contact Us

System Test & Evaluation - G&B performs tests and evaluations of systems and application security and develops and reviews strategies that address the safeguards required based on the nature of the data processed. G&B identifies the risk and size of loss or harm that could result from improper operation or deliberate manipulation of the system, application, or data. Our security evaluations include, but are not limited to distributed processing environments, networks, and critical systems and applications.

Top           Contact Us