Security Operations
Security Operations
The information systems and applications of today are highly complex and will continue to become more sophisticated. It takes a deep understanding of the evolving cyber landscape and the different threat vectors to respond quickly and precisely to targeted attacks. Our team of expert cyber analysts and engineers will help your organization or Security Operations Center (SOC) to identify, protect, detect, respond, and recover from cyber incidents.
Governance, Risk, & Compliance
Governance, Risk, & Compliance
Governance, Risk, & Compliance (GRC) is a challenging integration balancing act that yields substantial benefits when properly executed. A well-implemented GRC program can realize reduced costs, enhance information sharing and synchronization, as well as increase efficiency in operations. We tailor our approach by combining the appropriate technologies with the organization’s unique requirements. At TIC we strive to bring these benefits to both our commercial and our Federal clients.
Security Testing
Security Testing
When it comes to keeping your systems secure, conducting vulnerability assessments and penetration tests are vital. Security testing identifies weaknesses in your systems before they become severe issues. Neglecting security testing can result in service interruptions and security breaches, which can end up costing exponentially more than the expenses required to identify the problems up-front. TIC will help you protect your company’s reputation, prevent exposure of sensitive information, and remain compliant with security requirements.
Data and Application Security
Data and Application Security
Often neglected, data and application security is an area that requires increasingly more attention. TIC uses a risk-based, strategic and preventative, approach to data and application security. We perform critical risk assessments to identify the threat vectors and existing vulnerabilities. While developers are correcting defects, we implement additional layers of security to safeguard your data and applications from cyber-attacks. Since the environments and threats are constantly changing, TIC utilizes continuous monitoring, secure development, and adherence to best practices to protect your infrastructure.
Cloud Integration
Cloud Integration
IT Infrastructure Services
TIC Security offers an assortment of IT foundation benefits that help the most recent improvements in cloud, diagnostic, and versatile innovations. Our system and administration work area arrangements depend on industry best models, including the Project Management Institute’s (PMI) Project Management Body of Knowledge (PMBOK)®, IT Infrastructure Library (ITIL) practices for IT Service Management (ITSM), and Capability Maturity Model Integration (CMMI) approaches to process improvement. We consolidate these demonstrated practices with our corporate experience to bring our clients an adaptable IT condition that can become in view of developing needs and mission necessities.
TIC Security is pleased with its history of keeping up 99.999% uptime for the greater part of its operations and support ventures, while growing advances, process efficiencies, and asset viability through accepted procedures and repeatable procedures. We support our customers at different levels of operations and upkeep, including patch administration, setup administration, virtualization with OS solidifying, and significantly more.
Cloud Integration
Cloud integration is a form of systems integration delivered as a cloud service that addresses data, process, Service-Oriented Architecture (SOA), and application integration use cases. Virtualization and cloud computing brings new administration and cost management challenges. At TIC Security, we have extensive experience and training that allows us to gather information needed and perform any necessary analysis and planning to ensure a smooth, effective and efficient transition to a virtual environment.
Our aggressive approach involves working with our costumers closely to identify the areas where virtualization/cloud computing will be a great fit for your organization. In order to make sure our customers are completely satisfied, we conduct detailed planning efforts when executing the migration. This allows organizations to take advantage of new platforms and technologies.
Mobility
Mobility
TIC understands that the growing demand for immediate accessibility to information can be intimidating for agencies and businesses to meet. The use of mobile devices offers increased flexibility, usability and reliability, which have not existed in the past. These innovations are becoming the standard, mobility is no longer a luxury but a necessity. TIC’s experts in Enterprise Mobility Management (EMM) will deliver an end-to-end IT service solution that will fit the needs of your business.
Though there are countless benefits to developing and integrating a mobility strategy into your business model, you must simultaneously expand your security system to prevent breaches in your network. TIC can enhance your data processing while concurrently ensuring full protection against cyber-attacks. With our extensive background in security, we keep our clients connected securely.
Data Center
Data Center Information Management
TIC Secure is a leader for deploying Data Center Infrastructure Management, (DCIM). Data center infrastructure management (DCIM) represents any set of tools (including software programs as well as hardware devices in the form of computer parts, drives, cables, etc.) that help organize and manage the information stored in a data center. An example of DCIM is the Equinix data storage facility in Ashburn, VA. One large customer of Equinix is Wikipedia which needs access to immediate data around the world for millions.
The energy required to organize and store large amounts of data can be used with greater efficiency if the infrastructure of that data is carefully and appropriately managed— DCIM represents a class of products and services designed to assist the growing global demand for the electronic storage of information. That includes devising more efficient ways to store and access electronic data or turning the air conditioners of a data center on or off as needed to prevent servers from overheating and failing (a facilities management area).
Full DCIM "deployments" may involve specialized software, hardware, and sensors. The rapid evolution of the DCIM marketplace has helped create several associated data center performance management and measurement metrics, including industry standard metrics like Power usage effectiveness, CUE, and Data Center Energy Productivity as well as vendor-driven metrics such as PAR4 (server power usage) and Datacenter predictive modeling.
Application Dev.
Application Development
With an increased use of mobile devices comes an increased industry demand for mobile applications (apps). Apps make it easier to connect with customers, boost your branding, and can be used as a very effective marketing tool to develop business. Regardless of the reason an app needs to be created, we find that mobile User Interface (UI) design is crucial in app development. Whether it is making the app easy to navigate through, meeting compliance, or increasing efficiency with data storage and transfer, TIC designs with the User in mind.
Windows
Windows Deployment
In-place Upgrade
TIC staffs experienced upgrade professionals who will ensure a smooth transition to Windows 10 without having to wipe and reload devices. Whether you are upgrading existing Windows 7, Windows 8 or Windows 8.1 devices directly to Windows10, TIC will be able to deliver quality deployments.
TIC is well versed in the deployment of the New Windows 10 system. Our Information Technology professionals can provide you with design, security, installation, FISMA testing and certifications, assuring that all systems work in perfect harmony.
Dynamic Provisioning
TIC provides dynamic provision of all your devices in a right-out-of-the-box design which reduces your cost and complexity of large-scale deployments.
Windows 10 provides new deployment capabilities, scenarios, and tools by building on technologies introduced in Windows 7, and Windows 8.1, while at the same time introducing new Windows capabilities as service concepts to keep the operating system up to date. Together, these changes require you to rethink the traditional deployment process. Learn more
FICAM
Federal Identity, Credential, and Access Management (FICAM) Roadmap and Implementation Guidance
Homeland Security Presidential Directive -12 (HSPD-12) established an initiative to secure access to Federal Government networks and facilities by mandating the use of interoperable, secure Personal Identity Verification (PIV) cards. Until OMB11-11 many of the Agency/Manufacturers had different adoption paths of the standards. Now, with the updates of Special Publication (SP) 800-116 SP800-73-4, SP140-2,FIPS 201-2, F/ICAM, and directive A130, the cards are maturing as is the standardization of deploying all systems to utilize the card. The different cards have several versions, but the basic validation is becoming universal.
- The Personal Identity Verification Credential is commonly known as the "PIV". PIVs are issued to all Federal Government employees and most contractors. The PIV is uses a PKI token or a CAK token.
- The Common Access Card, commonly known as the "CAC," is issued to all DoD employees and contractors. The CAC will start including the card authentication key to all their cards. This will allow for wireless reads of the credential. Currently, to be compliant with the directive, DOD must utilize the PKI Key to gain access to DOD resources.
- The Derived Credential must be considered as a viable alternative to the PIV card. The Derived Personal Identity Verification Credential, or SP 800-63-2, is a new standard or method of placing certificates/tokens of the physical card on a mobile device for using Near Field Communication (NFC) to communicate with the card reader. The derived token is tied directly to the PKI of the PIV credential, meaning that if the PIV is invalidated the derived will be invalidated.
- The Transportation Workers Identity Credential, commonly known as the "TWIC," which is required by TSA for individuals who are authorized to enter most seaport terminals and energy facilities, must conform to the PKI/CAK ability by 2023.
Key features of this system include support for full PIV lifecycle management of identities and credentials, customizable workflow, Integration with PKI Infrastructure, Integration with a number of GSA APL certified biometric devices to support enrollment, production, finalization and issuance, Integration with HR systems, and Integration with various Physical Access Control Systems (PACS) and Logical Access Control Systems (LACS). Another key element of HSPD-12 is the mandate for a "secure tamper-proof credential" which can be "rapidly verified electronically." To support electronic verification by a PIV Reader, the PIV is equipped with electronic digital certificates that are based on public key infrastructure (PKI), Digital Signature, Card Authentication Key (CAK), and others. The certificates then complete a cryptographic challenge/response, PKI for contact readers or CAK for contactless readers and utilize a:
- Single Factor – PKI or CAK
- Two Factor – PKI, PIN or CAK, PIN
- Three Factor – PKI, PIN, BIO or CAK, PIN, BIO
These certificates are the basis for secure electronic transactions and they can be used to establish trust in both the card and the cardholder. Any access system that does not make use of the PKI or CAK certificates is vulnerable to attack by counterfeit, copied or cloned PIV Cards. Systems with PIV Readers that do not provide PKI/CAK functionality are not FIPS 201-2 compliant.” The TIC PIV is an enterprise HSPD-12 Personal Identity Verification Credentialing solution that complies with NIST FIPS 201-2, SP800-116, Sp800-63-2, SP800-140-2, SP800-157 and Directive A130. TIC is experienced in design, installation, management and maintenance of systems that meet the GSA APL PIV federal standards. We deliver these compliant systems in a cost effect manner using the F/ICAM guidelines to deliver an innovative and cost-effective ICAM solution.
FICAM
TIC specializes in implementing the Identity and Access Management (ICAM), as well as Federal/Identity and Access Management (F/ICAM), ePACS to combine PACS and LACS that utilize an IA system, or other large security and infrastructure programs in both the public and private sectors. TIC can assist by measuring your organization's readiness to deploy systems that follow the F/ICAM standards and assure our clients of a vendor-neutral F/ICAM strategy.
Awards
TIC SECURITY 2016 IDENTIV Dealer of the Year
“The FICAM initiative presents a great opportunity for system integrators like TIC who specialize in providing and installing physical access control systems to government agencies and facilities,” said Derek Radoski, TIC President. “Because of the complexity and scope of FICAM deployments, we wanted to partner with the solutions provider who offered not only the best technology and performance but one we knew we could trust for the long term with our important customers. No one fit that bill better than Identiv, whose Hirsch product has served the U.S. government for 35 years.” “The Hirsch FICAM Velocity solution from Identiv offers the high-security and reliability for which Hirsch is famous for, and is the most cost-effective, easiest to install and upgrade, and fastest performing FICAM solution on the market,” added Mr. Radoski. “It is clearly the best choice for TIC as an integrator, and for every government agency seeking a secure, reliable, FICAM Compliant solution.” Identiv’s APL-certified Hirsch government FICAM solution is available immediately.
IDENTIV
- IDENTIV named the “Best Integrated System for HSPD-12 and FIPS 201 Compliance” by American Security Today
- IDENTIV Named “Best Physical Logical Privileged Access Management Solution” by Government Security News
- IDENTIV Named “Best Access Control Hardware” by Government Security News To learn more, please visit www.identiv.com/ficam
Physical Access
Physical Access Control Systems (PACS)
TICs expertise in controlling the access of staff, visitors and the general public on site is only part of what an Access Control system can provide today.
Access control systems can also provide:
- Protection of equipment
- Biometric Integration
- Alarm monitoring – intruder, duress and or plant
- Tracking of personnel around a site
- Auditing capability
- Induction and licensing verification
- Visitor management recording
- Integration with CCTV systems
- Database integration such as payroll
- Role Based Attribute, (RBA) integration
- Mustering reports in case of an emergency
- Access limitation such as a room that requires a minimum of 2 people in the room when the room is occupied.
- Alarm system integration
- Area Partitioning
- Many others
TIC Secure can design, install, service and maintain the access control solutions that’s right for you. Ranging from a single door to hundreds of doors, tailoring a solution to best suit your needs. Whether you are a small commercial premise, large multi-site organization or anything in between.
Cloud Based PACS solutions
TIC’s Cloud-based computing or Access Control as a Service (ACaaS) is designed to meet the demand for lower cost and higher performance security. Using a cloud-based system has advantages of lower initial install cost, lower add on costs such as a single door facility in another state/country, and easy management from mobile devices, to name a few.
Cloud-based computing is designed for those companies that desire Access Control but do not want management of a traditional PACS. A cloud-based system is the best solution for most companies who want to sell their widget or services.
TIC Secure is the industry leader in self-managed and maintained Access Control Systems. By working with clients and working as a consultant, our ability to work with the end users through unbiased suggestions has made TIC an award-winning company for design, implementation, install, and life cycle management/service for installed PACS.
An installed PACS allows the client to manage their own access control system without the ongoing monthly management fee. Onsite PACS provides the ability to change programming and monitor situations at a moment’s notice. Whether the need is to track an employee, monitor alarms, or view a complete integration of CCTV, the Onsite PACS is a good option for those that desire to own their system.
Video Surveillance
IP Video Surveillance
Having deployed over 20,000 IP video channels TIC can help you whether you need one IP camera or a completely integrated security system, we provide excellent pricing and support. This includes everything from the camera lens to the network switch and computer systems for recording the video. TIC provides technical advice and consulting that assures that you purchase exactly the right IP camera system.
IP camera systems include not only the cameras, they also include the video recording system, camera lenses, enclosures, network switches and PoE injectors, surge protectors, and analytic software. They may also integrate with IP door access control and IP Intercoms.
Mega-Pixel cameras, (a version of IP cameras) allow for fewer cameras to cover the same area with greater resolution. As the Mega-Pixel cameras have started to mature we can assist you in selecting the proper camera for the environment it will be placed in. At TIC we consider the balance of higher resolution with Pictures Per Second and the amount of storage space required.
Intrusion Detection
Intrusion Detection Systems
At TIC when we design an intrusion detection system (IDS), or intrusion prevention system (IPS), our goal is to send out intrusion detection experts that understand and listen to your needs. We believe it is crucial to set up each system with a certified monitoring company that has the ability to protect you 24/7, utilizing only the best UL certified monitoring service to ensure that your location is monitored and protected against:
- Fires
- Floods
- Burglary
- Freezer Malfunctions
- Electrical Management
- Elevator Phones
- And many other exigencies that may apply to your company/agency
TIC designs may include integrated video cameras with the IDS or the IPS as well as specialty devices such as temperature monitoring, air volume monitoring, sound detectors and many others. We will send a design expert who listens to your needs and desires and they will come up with a design that fulfills your needs for 24/7protection.
SCIF UL2050
SCIF UL2050 Certification
TIC CRZH Certificate CRZH-BP10301
TIC possesses a UL2050 certification by Underwriters Laboratory (UL) as an approved provider of National Industrial Security Systems for USG and affiliated contractors. A specialty of TIC is compliance with ICD-705. ICD-705 encompasses Sensitive Compartmented Information Facility (SCIF), which is the U.S. Department of Defense term for a secure room.
A SCIF can be a secure room or data center that guards against electronic surveillance and suppresses data leakage of sensitive security and military information. SCIFs are used to deny unauthorized personnel, such as foreign intelligence services or corporate spies, the opportunity for undetected entry into facilities for the exploitation of sensitive documents/activities. A SCIF may deploy compliant Intrusion Detection Systems and Physical Access Control Systems which are governed by ICD-705 and must be monitored by a UL2050 certified monitoring center.
TIC’s Protection meets all SCIF requirements
- ICD 705
- IC Technical Specification
- UL 2050
- DCID 6/9 (superseded by ICD 705)
- DCID 1/21 (superseded by DCID 6/9)
- DIA Manual 50-3 (superseded by DCID 1/21)
- TEMPEST (When required)
- NSA Specifications 65-6 and 73-2a
- NACSIM 5230
- STC 50, Sound Group 4
- Various other government agency directives and specifications
X10 and Electronic Locks
The latest Kaba Mas high-security safe lock is the newly designed next generation X-10. X-10 was developed as a direct result of the latest government revisions to specifications FF-L-2740. This specification is the government’s highest security standard for container locks and doors. A major revision to this specification is the creation of a Style 1 and Style 2 lock. The X-10 has been awarded the distinction of being approved for Style 1 applications. X-10 literature states, “Style 1 and Style 2 locks are not equal. The X-10 is the only self-contained lock and clearly represents the best overall value. The style 2 lock requires batteries and batteries require a maintenance schedule.”
Program Management
Project Management Office
There are several key elements that must be present for a program to run efficiently and successfully. Whether your goal is based on a budget, productivity or compliancy, quality Program Management is key. We work with our clients to set performance standards, and continuously track projects through completion to surpass expectations.
A program rarely starts and ends without changes occurring for one reason or another. Our experience with various clients and programs has helped us develop effective problem-solving processes. When faced with an unexpected change, TIC adjusts quickly, identifies the best course of action for the situation and implements a solution before mission-oriented functions experience a delay.
Acquisition
Acquisition
We strive to develop and execute the optimal strategy for our Federal clients’ acquisitions, pulling from our extensive knowledge and experience of cost price analysis, contract management and the close out or termination of contracts.
We work together with government agencies and other contractors to assist with any government acquisition operations. We are proficient in all aspects of acquisition and excel at planning, management, and implementation. TIC has contracting knowledge in the following areas: Information Management, Research and Development, Construction, and Telecommunications.
Adjudication
Adjudication
PIV Credential
Protecting and keeping government assets secure, such as facilities, computers, or information systems, are fundamental responsibilities of government employees. To ensure consistent implementation across the federal government, Homeland Security Presidential Directive12 (HSPD-12) was enacted in 2004. The HSPD-12 directive led to FIPS 201-1 and now FIPS 201-2 compliance requirements which provide for a new standardized federal identity credential that is designed to enhance security, reduce identity fraud and protect the personal privacy of that issued government identification.
The GSA HSPD-12 Managed Service Office (MSO) established the USAccess program as an efficient way for Federal agencies to issue common HSPD-12 approved credentials to their employees and contractors. You will receive a USAccess credential if your agency has elected to participate in the USAccess Program. The PIV credential may be referred to as a different name within your agency because some agencies have opted to re-brand their program and credential. Different names include but are not limited to LincPass, Smart Card, and CAC card.
GSA is the executive agent responsible for managing the government-wide acquisition of information technology to implement FIPS 201-2. GSA HSPD-12 Managed Service Office (MSO) provides federal agencies with interoperable identity management and credentialing solutions. These solutions include providing end-to-end services to enroll applicants, issue credentials, and manage the lifecycle of these credentials.
The MSO procedure to receive a PIV credential is 9 steps:
- Applicant data is entered into the USAccess System
- Applicant receives an email invitation to enroll
- Applicant schedules an Enrollment appointment online
- Applicant attends Enrollment appointment as scheduled
- Agency completes a background check of the applicant
- Applicant receives email that the credential is ready for pick up and to make an appointment to activate the credential
- Applicant schedules an Activation appointment online
- Applicant attends the appointment and activates the credential
- Credential is now ready for use
*Detailed information of this process can be found www.fedidcard.gov
Once the credential is issued and activated it is then managed by individual agencies. USAccess completes the adjudication of the individual and maintains the life cycle management of the credential.