U.S. Government

Solution Helps Protect Sensitive Data and Demonstrate Compliance with Federal Security Mandates


Download PDF

About U.S. Government

We announced our agreement to provide a large federal agency with a solution for monitoring, measuring and reporting on the effectiveness of their security controls. We will help this federal agency achieve compliance with federal regulations including the Federal Information Security Management Act (FISMA) and the U.S. Government Configuration Baseline (USGCB) standard while enabling the agency to improve data security.

Challenge

We partnered with MED Trends, Inc.—an information technology systems integrator and a CVE Certified Service-Disabled Veteran Owned Small Business—to provide the knowledge, skills, technology and support required by this large federal agency. With over 6,500 servers and up to 150,000 desktops in their environment, this agency needs a scalable, flexible and reliable security and compliance management solution to ensure data protection and address regulatory requirements.

Our Solution

Comprising the following products, our solution intelligently audits and reports on server and desktop security configurations, while automating compliance and security processes to address the most significant security problems this federal agency faces:

  • Secure Configuration Manager®: Provides out-of-the-box assessment capabilities to rapidly generate compliance reports, identify non-compliant systems and track exceptions. Delivered with the Security Content Automation Protocol (SCAP) module, Secure Configuration Manager generates compliance reports using the National Institute of Standards and Technology (NIST)-defined and SCAP-based reporting formats, supports USGBC across Windows and performs standardized UNIX assessments.
  • Aegis®: Delivers automated workflow capabilities for security and compliance processes, bringing control and automation to IT Operations and Security departments, reducing workload, shortening time to compliance and providing superior process documentation.

Results

In conjunction with our products, MED Trends is implementing complementary components to support the agency's requirements. A Common Control Framework will map controls across federal regulations and frameworks, linking policy to technical standards. A presentation engine will deliver management reporting and risk-based dashboards to enable rapid identification of high-risk areas and review and prioritize areas of non-compliance. "As a CMMI Level II certified and an ISO 9001:2008 registered company, MED Trends brings proven capabilities to the project for this large federal agency," stated Kevin Spivey, President, MED Trends, Inc.

"Ensuring data protection, while meeting compliance requirements, is daunting for federal agencies—both from a resource and cost perspective," noted Ron Hardy, vice president of Product Management and Marketing. "Our goal is to alleviate this burden for this large federal agency by architecting a more scalable and mature security and compliance program. With the combined technology and services that we deliver with MED Trends, we will help control the cost of compliance reporting, reduce organizational risk and protect the agency's critical infrastructure and the data it houses."

Government

United StatesNorth America

  • Ensuring data protection
  • Identification of high-risk areas

Let's Talk


Welcome, Want to talk to someone? Call our Sales team or request a call and we'll get right back to you.

  • Sales: (888) 323-6768

For support information, please visit Technical Support.

Amy Sachrison
Director
Press & Analyst Relations

Phone: (713) 418-5368
Email: amy.sachrison@netiq.com