Overview
EES supports government-wide security efforts through a holistic approach that prioritizes security actions based on risk management. By using risk management as the guiding framework, security efforts are focused on the areas having the most impact on protecting mission-critical systems and data. Our approach focuses both on maintaining security compliance and conducting a risk-based form of continuous monitoring to detect and close vulnerabilities before an incident or breach occurs. This dual focus and parallel approach provides our clients with a method to protect systems and data, meet compliance requirements, lower risk, and reduce costs by using risk management to focus limited security resources in the areas having the most impact.
The principles we follow in our approach to Information Systems Security (ISS) are in line with the Certified Information Systems Security Professional (CISSP) domain areas as outlined by the International Information System Security Certification Consortium (ISC)².
The principles we follow in our approach to Information Systems Security (ISS) are in line with the Certified Information Systems Security Professional (CISSP) domain areas as outlined by the International Information System Security Certification Consortium (ISC)².
DOMAIN AREAS SUPPORTED
Security & Risk ManagementEES ensures that access to assets is authorized and restricted based on business and security requirements related to logical and physical systems. We provide support in the development of mechanisms that work to create security architecture to protect the assets of information systems.
|
Asset SecurityComputer networks are one of the most vulnerable components. Making secure communication channels over a network is critical to any agency. EES provides the availability, integrity and confidentiality of within the network structures, transmission methods, transport formats and security measures.
|
Security Architecture & EngineeringIn harmony with the NIST Risk Management Framework, EES supports its customers in the development, documentation and implementation of policies, standards, procedures and guidelines of the organization's information assets.
|
Communications & Network SecurityEES Program and Project management teams understands the controls needed in the development of system and application software, which is reflected in the exceptional support provided by our software architects, engineers, developers and more.
|
Identity & Access ManagementEES provides support to government's needs and methods for disguising information to ensure its integrity, confidentiality and authenticity in harmony with agency encryption policies.
|
Security Assessment & TestingEES understands how to employ the fundamental logical hardware, operating system, and software security components needed for designing and securing needed systems and programs.
|
Security OperationsEES has supported the Department of Homeland Security in providing the Logical Access Authorization Control Service (LAACS), a key initiative in implementing the Homeland Security Presidential Directive 12 (HSPD-12) logical network access control requirements.
|
Software Development SecurityEES understand the vital importance of continuity for the operations of critical systems in the face of major disruptions to normal business operations and has provided such support to its customers.
|
See who are our customers |
Our contract vehicles |
Do business with us |