Strategy
Megadata Technology strives to provide exceptional and unparalleled services and solutions that ensure every client receives proven processes and procedures. By providing end-to-end visibility and clearly defined accountability, we maximize the value of all resources by building trusted partnerships that leverage the strengths of all parties involved.
Creativity
Megadata Technology develops and implements trusted systems for data access, assurance and dissemination that utilize advanced technology solutions. MDT’s core services are diverse, but each one provides rapid, trusted deliverables to secure your information, your knowledge and ultimately your power.
Technology
Megadata’s agility and utilization of advanced technology, and customized services ensures that your company receives the cyber security, information technology and telecommunication solutions in the required timeframe.
Our Core Services
Cyber Security
Megadata Technology identifies physical, technical and administrative security weaknesses in cyber security programs by utilizing trusted techniques in observation, documentation review, testing and interviews. MDT provides recommendations and mitigations for cyber security guidance compliance that adheres to a common architecture and maximizes the use of conventional/unconventional and security services. MDT’s cyber security services include:
- HIPAA/HITECH Compliance
- Security Programs Assessments & Establishment
- Physical Security Assessments
- Risk Assessment & Risk Management
- Assessment & Authorization (NIST/DoD RMF)
- Defense-in-Depth Architecture
- Configuration Management
- Vulnerability Assessment, Mitigation, & Management
- Life-Cycle Management
- Security Testing and Evaluation
- Security Engineering
- Incident Detection, Reporting, & Response
- Disaster Recovery/Business Continuity Plans or COOP
- Developing security requirements in accordance with Federal and National guidance, to include Best Business Practices (BBP)
- Cyber Security Awareness Training
- Rapid Assessments – Independent verification and validation (IV & V) based upon government and industry standards
Security Engineering
Megadata Technology assists in the security hardening of software and hardware in accordance with federal, national, Department of Defense and the best business practices of databases, operating systems, web servers, routers, switches, VoIP and wireless technologies.
Risk Assessment & Mitigation
Megadata Technology conducts risk assessment, analysis mitigation and management for:
- Risk Assessment
- Collection of data
- Identifying existing & non-existing controls
- Risk analysis
- Identify vulnerabilities
- Identify potential undesirable results
- Associate vulnerabilities with affected assets
- Identify risk-reducing countermeasures
Assist in the management of mitigation plans for:
- Identifying the budgetary impact related to the acceptance, avoidance or transfer
- Assign priority to budgeting, implementation and maintaining countermeasures.
Defense-In-Depth Architecture
Megadata Technology assists in recommending and implementing defense-in-depth architecture solutions for firewalls, encryption, content checking, source authentication, intrusion detection, access control, secure protocols and auditing.
Security Testing & Evaluation:
Megadata Technology provides security testing and evaluation to create comprehensive reports and recommendations that utilizes a range of security auditing tools, including:
- Retina – SCCVI (Secure Configuration Compliance Validation Initiative) – Network scanner for printers, network devices, workstations, & servers
- Nessus – ACAS (Assured Compliance Assessment Solution) – Identifies configuration vulnerabilities
- RSA Archer – vulnerability trend analysis
- AppDetective – Database scanner for SQL, Sybase, MySQL, Oracle, DB2, and Informix
- Fortify – Application source-code scanner
- CA-Examine – Mainframes ACLs (Top Secret, ACF2, and RACF)
- VMware vCenter Configuration Manager – virtual and physical server environments
- SCAP (compliance checker) – vulnerability management, measurement, and policy compliance evaluation
- Web Inspect – Web Servers scanner for multiple web services
- SQLMap – SQL injections flaws
- NMap – Port, Protocol and Service Scanner
- Threat Secutor Prime – FDCC Compliance
- Host Base Security System (HBSS) – continuous monitor
- DISA Security Readiness Reviews (SRRs) Scripts
- Manual checks utilizing DISA Security Technical Implementation Guides & Checklists
Physical Security
Megadata Technology provides trusted assistance for unique physical security measures. These include:
- Defining the value of data to information owner (What’s most valuable to you?).
- Defining and assigning physical security requirements based upon federal, national and Department of Defense standards, including best business practices (BBP).
- Conducting physical security assessment, including collecting data through observation, documentation review, and interviews and identifying existing and non-existing physical controls.
- Assist in mitigating vulnerabilities by providing risk-reducing countermeasures.
- Validating already implemented risk-reducing countermeasures.
Risk/Threat/Vulnerability Management
Megadata Technology provides assistance in managing risks, threats and vulnerabilities by developing RTV management systems and uploading and maintaining assets in Vulnerability Management Systems (VMS).
MDT also manages risks, threats and vulnerabilities by ensuring the acknowledgement and compliance of US Cyber Command (USCYBERCOM), Information Assurance Vulnerability Alerts (IAVAs), Communication Tasks Orders (CTOs) and Warning Orders (WARNORD).
Security Policy Management
Megadata Technology develops policies and procedures in accordance with federal, national, Department of Defense and best business practices (BBP) to address:
- Communication security for emails, VoIP, wireless and VPNs
- Operation security for laptops, workplaces, telecommuters, backups, incident responses, business continuity/disaster recovery and security classification guides (SCG)
- Personnel security for privileged users and user usage agreements
- Training and awareness
- Physical security for visitors and maintenance
IT Security Audit/Regulatory Compliance
Megadata Technology performs its Cyber Security (CS) operations and support services in accordance with the following overarching governances, policies, guidance, and regulations:
National Security Directives
Homeland Security Presidential Directives
Office of Management and Budget Circulars
Federal Information Security Management Act of 2002 (FISMA)
Committee on National Security Systems (CNSS)
NIST Special Publication 800 series
DoD
NSA
The processes by which we utilize to gain your compliancy:
DoD RMF
FISMA
NIST
Privacy Impact Analysis (PIA)
Privacy Threshold Assessment (PTA)
Sarbanes-Oxley (SOX)
Gramm-Leach-Bliley Act (GLBA)
HIPAA Security
Telecommunication
Megadata can also assist with various telecommunication needs such as:
- Premise wiring and complete infrastructure design
- Wireless technology implementation and site surveys
- Satellite communication engineering
- Audio/Visual support
- Earth and Ground station physical security
Compliance
Megadata Technology performs certification and accreditation support in accordance with NIST and DIACAP. MDT’s assessment and authorization are in accordance with:
- Executive Order 12333
- P.L. 100-235 (Computer Security Act of 1987)
- Guide for the Security Certification & Accreditation of Federal Information Systems—NIST SP 800-37
- National Security Decision Directive 298 (1988)
- National Security Directive 42 (NSD-42) (July 5, 1990)
- NSTISSP 11 (January 2000)
- Executive Order 13231
- Office of Management and Budget, OMB Circular A-130 (January 28, 2000)
- E- Government Act of 2002
(Federal Information Security Management Act)
(December 17, 2002)
Assessment and Authorization Process:
- NIST – 800-53 rev4
- DoD RMF – DoDI 8510.01
Program/Acquisition Management Support
- Earn Value Management
- Risk Management
- Issue Management
- Project Management
Eight Security Components
These components represent the core technical foundation for Megadata’s strategic security approach for our clients.