With dba Cyber Support Solutions
Identity and Access Management (I&AM)
A Presentation of our Capabilities to:
Stop Data Breaches
Allow Personal Liberties
Reduce Costs
Be in Compliance.
A Non-Confidential Presentation
January 5, 2016
* Confidential information has been removed or redacted.
HEADQUARTERS AND FACILITY
Currently we are planning to move to a new facility in a Marietta, GA Opportunity Zone
and HUBZone (see below). This location brings with it State and Federal financial
and competitive advantages. Here we will be set up to comply with the Americans with
Disabilities Act (ADA), and Government FISMA and other related security
requirements.
VETERANS WITH DISABILITIES MAKE GREAT
CYBER SECURITY & SUPPORT PERSONNEL
CSR employs physically Disabled Veterans, to be
our Cyber Security Investigators with Security
Clearances, because if you accommodate for a
Veteran's disability, he or she will stay with you
longer, become more expert at their job, earn a
better wage, and because of this longer
experience provide superior services to our
clients. Secondly, Disabled Veterans are more
cognizant of the impact of data breaches. Perhaps
their disability was caused by the enemy finding
out certain information that was to be a better
kept secret?
We also offer a Remote Agent option, for
home bound and trained Disabled Veteran
Cyber Security Investigators. Our
Cybersecurity solution provides the same
high level of protection against data
breaches at home, as if the Veteran was
working from a secure government facility
or in our offices.
OUR EXPERIENCED MANAGEMENT TEAM
***Mostly U.S. Military Veterans***
Richard (Dick) Kaufman - CEO, Owner & Disabled Veteran
with 30+ years experience in Customer Support, Telecom
Systems & Services, Information Technology and
Entrepreneurism.
Past clients include Fortune 10 companies and major
Government entities.
Mr. Kaufman is also an accredited Expert Witness for State
and Federal litigations.
Mark Collins - EVP Operations & Veteran – 17 years in
Customer Support implementing, developing and
managing groups delivering technical support and help
desks services.
EXPERIENCED MANAGEMENT TEAM (cont.)
Bart Falzarano – CIO, has over 20 years of experience in
technology, banking and federal regulatory compliance
across multiple industries such as financial services,
government, engineering consulting and nuclear
technology and operations.
And he has strong Governance, Risk Management and
Compliance (GRC) background and expertise across
various frameworks including ISO27001, ITIL, CFR FDA,
OCC, DOJ, NIST SP800, PCI DSS, HIPAA, NRC, INPO,
etc.
ADVISORS
Dr. Jon Anton – Veteran – 30+ years experience in Customer Support,
plus an adjunct Professor and Director of benchmark research at the
Center for Customer-Driven Quality at Purdue University.
Robert Deitz, II – Veteran – 30+ years of experience with a Top Secret
Security Clearance. He has worked with government agencies including
OSD, NSA, DHS, State Department, DOJ, CENTCOM, SOCOM, DCMA, Joint
Staff, Commerce, and the DOE.
For government agencies he has assisted in developing and modifying
information assurance programs to adapt to new technologies and
business processes. For manufacturers he has helped them to comply
with government requirements such as NIAP, FIPS, IPv6, Section 508,
and others.
Mr. Deitz has the experience and knowledge needed to help guide our
efforts in Cyber Security and best allow us to offer needed solutions and
services to the Federal Government.
Management team members have a minimum of 15 years of experience in INFOSEC, IT,
Telecom and CRM. Clients or employers include Mellon Bank, Citicorp, N.A., AT&T, Stratix,
Bell South, GE Power, Hewlett Packard, NYC Housing Auth. Police & Emergency Services,
General Motors, Walz, Endymion, & Blue Cross Blue Shield.
STRATEGIC PARTNERS & MANAGEMENT TEAM
PAST PERFORMANCE
12 years of experience with scalable, cost-effective IP video monitoring and playback over
a network. Clients include US Air Force, US Army, Lockheed, US Coast Guard, and Boeing.
Has very significant experience developing, testing, and fielding complex solutions in a
variety of commercial industries and government organizations using a wide variety of
technology tools. Examples include a comprehensive portfolio management system for a
prominent global private equity firm, a flexible data interchange application for one of the
world’s largest vehicle transporters, a complex human resources system for a European
defense ministry under a DISA/US Army contract, and a productivity management system
used by Microsoft, Symantec, Computer Associates, and others.
In regulatory environments, TIG has delivered programs that meet all mandates and
restrictions, while developing optimal solutions. The TIG team has developed database
architectures for effective data mining with advanced techniques in data presentation, for
flexible and scalable web-based solutions.
Has 15 years of data compliance experience with the DOL, FDA, DHHS, FL DOH and AMEX
addressing NIST 800 series, FISMA, HIPAA, FISCAM, ISO 17799, Sarbanes-Oxley, Policy
development, Certification & Accreditation and others.
We are in Compliance (1 of 2)
To make certain that everything we do is in compliance with all rules and regulations, we
have retained the services of Leneer Data Assurance Solutions. Robert Lester and his team
are an integral part of our operations and will continue to monitor and report on all activities
regarding compliance from system and procedural design to continuous operations.
1. Understanding that a law exists that requires that a CAC (Common Access Card)
and password be part of any multifactor authentication, “(ii) something you have (e.g.,
cryptographic identification device, token)”, we will accommodate this factor as a
component of our solution after we have biometrically authenticated a user.
2. It is also stated in HSPD-12: “.... Multifactor authentication requires the use of two or
more different factors to achieve authentication.” Since our modification of a notebook
computer has the effect of creating a “cryptographic identification device” (“(ii)
something you have…”), we believe that we have solved the problem of getting rid of
the expensive and ill-performing CAC and password as part of any multifactor
authentication procedure. Our next step will be to convince the National Institute of
Standards and Technology (NIST) to accept this explanation.
We are in Compliance (2 of 2)
3. Compliance with NIST SP 800-53 Rev 5 (updated 08/07/2015) – We continue to monitor
and address upgrades to NIST regulations.
4. Cybersecurity Strategy Implementation Plan (CSIP) (10/30/2015) – in compliance
a. Calls for all agencies to “....improve the identity and access management of user
accounts on Federal information systems to drastically reduce vulnerabilities and
successful intrusions.”
b. Can provide best and equal data breach protection for cloud based hosting or on-
site server applications.
5. National Archives and Records Administration (NARA):
a. No current schedule exists for storage of screens and keystroke activity.
b. Will keep all data (minimum of 6 years) or till the agency and NARA agree to a
schedule
6. Storage of classified information to Level 6 (Secret):
a. Since we do not know in advance the level of the data we are capturing, we can
store all data as Secret (Level 6)
b. We accommodate for Level 6 data on site, or at a contracted for Level 6 certified
site.
WE REDUCE COSTS (Page 1 of 2)
1. Our solution makes for safe Tele-working, and therefore increased mobility and productivity.
2. Tele-working lowers capital (building, cubicle) and recurring (electricity, water,
utilities, insurance) costs. It also makes for generally happier employees, reducing turnover
and hiring costs.
3. Our solution allows the agency to reduce costs by safely moving applications into the cloud,
which results in an overall higher level of security with lower infrastructure costs.
4. Currently, when a government contractor is hired to help with applications, many government
agencies have to purchase & provide special access terminals for these contractors. With our
solution the outside contractor will use his existing notebook computer.
5. Notebook computers get old and applications require more processing power. In our
environment a user’s access device (the notebook computer) operates on applications inside
of a VDI session on a secure server. The processing speed of the notebook is no longer an
issue, while the properly equipped servers of today have faster processors and graphics
accelerators that make processing faster than could normally be done on a local PC.
Essentially, the higher speed processing power has been moved to the server and the user’s
notebook does not need to be improved upon, again saving money by lengthening the life of
the existing notebook computer.
WE REDUCE COSTS (Page 2 of 2)
6. We can eliminate the need for the expensive use of personal identity verification (PIV or CAC)
cards. Our solution is more reliable, reduces the average time for authentication, and allows for
more user productivity.
7. Our solutions identify questionable activities by users in real-time and issue alerts or terminate a
session immediately. The computer-driven alert provides cause that a user may need to be monitored
more closely. These computer alerts therefore limit the number of persons to be investigated, instead
of the more costly way of investigating everyone all the time.
8. InfoSec departments have had to increase staff and use outside contractors to identify vulnerabilities
/ holes and patch these same holes. By using our subscription services, for users who have a need
to access data and applications on a confidential server, the problem of finding holes and then
patching them is dramatically reduced if not eliminated.
9. It could be argued that more people will be needed when we identify and stop persons who are
seeking to do us harm: if we detect questionable events that need further investigation, the agency
will need more staff to investigate. Not so. Our investigators all have the appropriate
security clearances and can be used on demand to assist agencies when problems
develop. Our rates are lower than the agency’s own staff costs. A CSI (Cyber Support Investigator)
can be hired by the hour with no long term contract.
10. Lost and stolen CAC cards present a security risk, which itself leads to costly responses. A
card-not-present approach completely eliminates this possibility.
Flaws in Biometric Authentication
Facial Recognition:
1. Is the camera looking at a live face or a picture of the authorized user?
   − The system can recognize that some of the metrics are changing, such as [redacted].
2. Are there obstructions that mask the measurable points for recognition, like long hair, a
telephone handset or large sunglasses?
   − The user knows that it is advantageous to make sure there is nothing blocking facial
   metrics, because it would cause additional time for authentication.
3. Is there sufficient lighting to quantify the distances between facial points?
   − The user knows that it is advantageous to make sure there is sufficient lighting
   because if not, it would cause additional time for authentication.
Flaws in Biometric Authentication
Voice Recognition:
1. Was a recording played that is exactly the same as when the user was initially registered
in the system?
   − During the log in we ask the user to make a unique sign in, such as the current date
   and time: "This is Bob logging in Monday, June 22nd at 14:00".
2. A user's voice varies from day to day, and also may sound different when under stress or
sick.
3. Some users do not like or want to speak sufficiently loud, especially in a public location,
like in an airport waiting lounge or public library.
   − A fingerprint reader could be an alternative to voice, if the user expects to spend
   lots of time in these kinds of public spaces.
4. Accents are at times difficult to distinguish as being unique to a specific person.
   − The same accent could give more than one person a high score.
5. Background noise can affect accuracy, making it difficult to distinguish the user's voice.
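The dated sign-in phrase in item 1 acts as a freshness check against a replayed recording. The sketch below is an added example, not code from this presentation; it assumes a speech-to-text transcript of the utterance is already available, and `check_spoken_login`, the phrase grammar and the 2-minute skew window are hypothetical.

```python
import re
from datetime import datetime, timedelta

MONTHS = ["january", "february", "march", "april", "may", "june", "july",
          "august", "september", "october", "november", "december"]
WEEKDAYS = ["monday", "tuesday", "wednesday", "thursday", "friday",
            "saturday", "sunday"]

# Hypothetical grammar modelled on the slide's sample phrase:
# "This is Bob logging in Monday, June 22nd at 14:00"
PHRASE = re.compile(
    r"this is (?P<name>[a-z]+) logging in "
    r"(?P<weekday>[a-z]+),? (?P<month>[a-z]+) (?P<day>\d{1,2})(?:st|nd|rd|th)?"
    r" at (?P<hour>\d{1,2}):(?P<minute>\d{2})",
    re.IGNORECASE,
)


def check_spoken_login(transcript, claimed_user, server_now,
                       max_skew=timedelta(minutes=2)):
    """Return (accepted, reason) for a transcribed sign-in phrase.

    The phrase is only accepted when the spoken date and time fall within
    max_skew of the server clock, so an earlier recording is rejected.
    """
    m = PHRASE.search(transcript)
    if not m:
        return (False, "unparseable")
    if m["name"].lower() != claimed_user.lower():
        return (False, "name_mismatch")
    month_name = m["month"].lower()
    if month_name not in MONTHS:
        return (False, "unparseable")
    try:
        # The phrase carries no year, so the server's year is assumed.
        spoken = datetime(server_now.year, MONTHS.index(month_name) + 1,
                          int(m["day"]), int(m["hour"]), int(m["minute"]))
    except ValueError:  # e.g. "June 31st" or "25:00"
        return (False, "unparseable")
    # The spoken weekday must agree with the spoken calendar date.
    if WEEKDAYS[spoken.weekday()] != m["weekday"].lower():
        return (False, "weekday_mismatch")
    if abs(server_now - spoken) > max_skew:
        return (False, "stale_or_future")
    return (True, "fresh")


if __name__ == "__main__":
    # Constructed sample input: the slide's phrase, checked at two server times.
    phrase = "This is Bob logging in Monday, June 22nd at 14:00"
    print(check_spoken_login(phrase, "bob", datetime(2015, 6, 22, 14, 1)))
    print(check_spoken_login(phrase, "bob", datetime(2015, 6, 23, 9, 0)))
```

Freshness only rejects an old recording; it says nothing about whose voice is speaking, so speaker verification still has to run on the same audio.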
Flaws in Biometric Authentication
Fingerprint Recognition:
1. Not all government issued notebook computers (our recommended terminal)
have fingerprint readers.
2. Some users do lots of work with their hands and their fingerprints become worn
down over time.
3. Certain nationalities have a fingerprint that is finer than others, making it difficult to
distinguish properly.
4. A good fingerprint can be hampered by dirt or oils.
Initial Biometric Authentication
The initial biometric authentication uses a minimum of 2 Factors (Facial and Voice or
Fingerprint):
1. Since facial, voice and fingerprint recognitions are not correlated, if a bad guy could be
accepted on one of two recognitions, the odds of being accepted on two recognitions go
down by many magnitudes. Equally, requiring acceptance by two recognitions
increases the level of security by magnitudes.
2. Because security increases by magnitudes when two biometrics are used,
[redacted], making it faster and easier to achieve
recognition without significantly adding any additional risk.
3. [Redacted]. 98% + of
legitimate authentications take no longer than 5 to 8 seconds.
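The argument in item 1 can be worked through numerically. This is an added example, not part of the presentation: it models two matchers with constructed normal score distributions and thresholds (all names and numbers below are assumptions) and applies the AND rule, which is valid only when the two matchers' errors are independent, as the slide assumes.

```python
from math import erf, sqrt


def norm_cdf(x, mean, std):
    """P(score <= x) for a normally distributed match score."""
    return 0.5 * (1.0 + erf((x - mean) / (std * sqrt(2.0))))


class Matcher:
    """One biometric modality with constructed (mean, std) score models."""

    def __init__(self, name, genuine, impostor):
        self.name = name
        self.genuine = genuine      # score distribution of the real user
        self.impostor = impostor    # score distribution of everyone else

    def far(self, threshold):
        """False accept rate: an impostor scores at or above the threshold."""
        return 1.0 - norm_cdf(threshold, *self.impostor)

    def frr(self, threshold):
        """False reject rate: the genuine user scores below the threshold."""
        return norm_cdf(threshold, *self.genuine)


def fuse_and(rates):
    """AND rule: every matcher must accept. rates is a list of (far, frr).

    Assumes statistically independent errors. An impostor must fool all
    matchers (FARs multiply); the genuine user must pass all of them
    (pass probabilities multiply, so the fused FRR grows).
    """
    far, pass_all = 1.0, 1.0
    for f, r in rates:
        far *= f
        pass_all *= 1.0 - r
    return far, 1.0 - pass_all


# Constructed score models, not measurements from any real system.
FACE = Matcher("face", genuine=(0.80, 0.10), impostor=(0.40, 0.10))
VOICE = Matcher("voice", genuine=(0.75, 0.12), impostor=(0.35, 0.12))


def compare(face_t=0.60, voice_t=0.55, face_strict_t=0.65):
    """Error rates for each modality alone and for face AND voice."""
    face = (FACE.far(face_t), FACE.frr(face_t))
    voice = (VOICE.far(voice_t), VOICE.frr(voice_t))
    return {
        "face": face,
        "voice": voice,
        "face_strict": (FACE.far(face_strict_t), FACE.frr(face_strict_t)),
        "and": fuse_and([face, voice]),
    }


if __name__ == "__main__":
    for label, (far, frr) in compare().items():
        print(f"{label:12s} FAR={far:.5f}  FRR={frr:.5f}")
```

With these constructed numbers the fused false-accept rate is lower than either matcher alone and lower than the face matcher at its stricter threshold, while the fused false-reject rate is higher than either matcher alone. If the modalities' errors are correlated, the product understates the real false-accept rate.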
The Third Biometric Authentication Factor
CONFIDENTIAL
REDACTED
RECOMMENDED TERMINAL FOR SECURE ACCESS
AND PERSONAL LIBERTIES
• We adjust the user’s government issued standard notebook computer (Confidential) so
that the user can have an encrypted VPN tunnel into a confidential and secure host VDI .
• We Continuously Monitor, Control and Record all activities in the secure session. This
session requires low bandwidth and can accommodate significant latency (Confidential).
• The user is allowed complete personal liberties on the same terminal, without causing a
data breach (Confidential).
A Standard Notebook computer with:
• Camera for facial recognition,
• Finger print reader and / or microphone for second
biometric recognition,
• Fast Dual Biometric Authentication with 95%+ accuracy.
• If Dual Biometric Authentication does not confirm user then
a Third Biometric Factor (Confidential) is used for 100%
accuracy and validation.
REGISTRATION FOR MULTI-FACTOR BIOMETRIC
AUTHENTICATION AND AUTHORITIES PROFILE
1. After the user’s terminal has been adjusted (Confidential) he or she must be registered in
our system (Confidential). Registration can take place from anywhere at any time
(Confidential).
2. As part of registration we will also establish a behavioral profile. During future sessions
we look for changes that may give us cause to send out an alert (Confidential).
3. The collected biometric information will now be used for automated 2 Factor Biometric
Authentication.
4. If automated 2 Factor biometric authentication fails, a Third Biometric Authentication
Factor will be used (Confidential) to confirm or reject Authentication.
5. Lastly, the CSI will contact the designated Agency Security Officer to confirm in writing
the user's Authentication Profile, and add the user's authorities, to then be programmed
into our control database.
COPYRIGHT © Bart Falzarano Consulting
THREE FACTOR AUTHENTICATION:
1) Workstation is powered up and seeks a Wired or Wireless Network (Confidential),
to connect with Authentication and Continuous Monitoring, Control and Recording Server.
2) Internet Connectivity Established.
3) The User is now asked to authenticate via fingerprint reader,
voice and/or camera (facial) for Automatic Two Factor Biometric
Authentication. If Automatic Authentication fails then a
Proprietary Third Biometric Factor (Confidential) is implemented to
be the final arbitrator that will accept or reject the user.
4) Upon Successful Authentication (Login), a Secure AES-256 bit
Encrypted VPN Tunnel is established through the Cyber Support
Solutions Central Server to the Government Host VDI session
(Confidential).
5) In a few seconds the workstation
user or remote agent (AGENT 12)
gains access to the Government’s
Host VDI Secure Server and its
authorized applications.
6) Once the user is online, Desktop screens are pushed to the
workstation from the Government Host VDI. The user’s activity
(screens and keystrokes), from this point onward, is monitored,
controlled and recorded, based on the authorized user’s profile
(Confidential).
AFTER THREE FACTOR BIOMETRIC AUTHENTICATION
AND ENCRYPTED ACCESS TO THE SECURE VDI SERVER
After 3 factor authentication we continue to monitor,
control, record and look for attempts to violate given
authorities with the subsequent generation of Alerts.
Details are removed in this non-confidential slide
deck.
AUTOMATIC ALERTS PROVIDE “CAUSE”:
1. We automatically and continuously monitor a secure session looking for “Cause”.
[Redacted.]
2. [Redacted.]
3. [Redacted.]
4. These Alerts provide an automatic and objective reason to look further at a user, as a
cost effective alternative to the very expensive approach of continuously monitoring
everyone WITHOUT CAUSE. Alerts may also be considered legal CAUSE to investigate
further.
TELE-WORKING WITH CONFIDENTIAL AND
SECRET INFORMATION
Our solution improves on the performance of a user when
traveling or away from his or her office, working on secret
or confidential information.
The details of how we accomplish this have been removed
from this non-confidential slide deck.
IDENTIFY CHANGES IN BEHAVIOR
IN REAL-TIME (1):
We identify changes in behavior in real-time, seeking to determine if a user has
undergone changes that may cause harm to others (i.e. Edward Snowden and
Andreas Lubitz, the Co-Pilot of the Germanwings airplane).
All items regarding how and what we identify in behavioral changes, have been
removed from this non-confidential slide deck.
IDENTIFY CHANGES IN BEHAVIOR
IN REAL-TIME (2):
All items regarding how and what we identify in behavioral changes,
have been removed from this non-confidential slide deck.
A MONITORING WORKSTATION AT CSS
20 Workstations Shadowed
with 19 logged into a VDI
and one off line
Manager's desktop and 2 Shadowed
desktops that are Shadowing 8
others each.
24/365 REMOTE DESKTOP MONITORING
Monitoring can be done locally or remotely wherever there is an
internet connection. The Client can choose to do all live monitoring
by themselves or contract with CSS personnel, having Security
Clearances, to do live monitoring based on set parameters.
This screen shot is a
place holder. It will
have this plus a
screen close up that
is being monitored.
RECORDING AND PLAYBACK
In the world of Customer Service Representatives (CSR) the recording of an agent’s
screen and voice and their playback is a normal part of their training and the quality
control process. This capability can also be used to improve on the work
performance of government workers.
Furthermore, this CSS recording capability generates an audit trail of all end user
activities and provides for legal support against any misuse of agency resources.
On March 14, 2014: “U.S. intelligence officials are planning a sweeping system of
electronic monitoring that would tap into government, financial and other databases
to scan the behavior of many of the 5 million federal employees with secret
clearances…”. “…Intelligence officials have long wanted a computerized system that
could continuously monitor employees, in part to prevent cases similar to former
National Security Agency analyst Edward Snowden. His disclosures bared secretive
U.S. surveillance operations…”.
CSS’s capabilities, as presented herein, directly address what U.S. intelligence
officials want (above) for a lesser cost than what the government currently spends.
RECORDER PLAYBACK OVER CLIENT PORTAL
AUG. 7, 2015 - FEDERAL SYSTEMS INTEGRATOR IN CYBERSECURITY FOR IBM
AUGUST 18, 2015 A BUSINESS PARTNER OF IBM
AUGUST 26, 2015 IBM PRESENTED OUR SERVICE TO 30 IBM ACCOUNT REP’S.
OCTOBER 19, 2015 IBM BEGAN TO PROMOTE A PILOT PROGRAM TO DHS FOR US.
We have agreed to become a Federal Systems Integrator and Business Partner to IBM,
for our proprietary and most advanced Cybersecurity services and signed the
appropriate documents. In this relationship:
1. Our computer platform will be relocated to their two “Government Only”
FedRAMP data centers, ASAP for servicing their government clients.
2. CSR-CSS can also service their own Federal Government clients from here.
3. IBM will also promote our services as part of selling their own services.
4. CSR will also resell IBM’s “Bare Metal” hosting and other products & services.
5. IBM will include CSR in their bidding on a $5 billion appropriation in Continuous
Diagnostics & Mitigation (CDM) where $1+B will be for “Identity and Access
Management” (our specialty) for the Dept of Homeland Security (DHS).
6. IBM will also try to get us added on to existing contracts they have with DHS.
7. IBM has offered us additional assistance in many other areas.
OUR FEDRAMP CLOUD NETWORK SOLUTION
OUR CLOUD NETWORK PLATFORM FOR
ENCRYPTED TUNNEL ACCESS BY
FEDERAL GOVERNMENT CLIENTS
• Our monitoring, controlling, analysis and recording servers will be in IBM’s most advanced
FedRAMP data centers in both Ashburn, VA and Richardson, TX.
• These FedRAMP data centers are designed to meet all Federal Security and other
requirements:
− FedRAMP 2.0
− Agency ATO with the FCC
− NIST SP 800-53
− FISMA Moderate/DISA Impact Level 1-2
− SOC 2 Type II/SSAE 16
− HIPAA and PCI-DSS compliant
− 99.999% High Availability
− Centralized Management
− Secure AES-256 bit Encrypted VPN Tunnel Usage
• The above two FedRAMP data centers, are for US Government usage only, and are inter-
connected by leased fiber with no bandwidth sharing.
OUR CLOUD NETWORK PLATFORM FOR
ENCRYPTED TUNNEL ACCESS BY
COMMERCIAL CLIENTS
• Our authentication, monitoring, controlling, analysis and recording capabilities for
commercial customers are located in multiple data centers (for redundancy) within IBM’s
growing network of 38+ commercial data centers and network nodes in Asia, Europe, South
America, Australia and the US. These latter data centers are interconnected and also
use IBM leased and dedicated optical fiber (no bandwidth sharing), to achieve the lowest
latency for our commercial clients who seek our Access and Identity Management services
from anywhere in the world.
• Furthermore these IBM commercial data centers are also designed to offer many additional
features for access to our services including:
− SSL and PPTP VPN access via Amsterdam, Atlanta, Dallas, Houston, San Jose,
Seattle, Singapore & Washington DC
− Encrypted secure access to a client host server’s VDI sessions via AES-256 bit
Encrypted tunnels
− Port data speeds from 100 Mbps to 10 Gbps for access to our clients secure VDI
sessions
− 99.999% High Network Availability with 7 x 24 maintenance support.
[Map of data center locations: India, China, Tokyo, Hong Kong, Singapore, Melbourne, Seattle, San Jose, Los Angeles, Mexico City, Denver, Chicago, Dallas, Houston, Toronto, Montreal, Brazil, New York City, Washington D.C., Miami, London, Frankfurt, Amsterdam, Paris, Sydney, Atlanta]
THE CYBER SUPPORT SOLUTION’S (CSS) GLOBAL FOOTPRINT
Secure Government Workloads can be hosted in IBM SoftLayer’s (2)
FedRAMP data centers, or in their own data centers with CSS support. Non-
government servers can be located in 38 other IBM fiber interconnected
data centers or in their own data centers, also with CSS support.
SUMMARY - SUBSCRIPTION SERVICE OFFERING INCLUDES:
1. 3 Factor Biometric Authentication 24 x 365 globally (Proprietary & Cost Saving).
2. After passing authentication all activities in a secure VDI session are automatically
continuously monitored, analyzed, controlled and recorded (Proprietary).
3. After passing authentication the user is given access to only pre-authorized
applications, with controlled use of files and other capabilities (Proprietary).
4. Attempts at unauthorized activities automatically cause ALERTS to be sent
to SOC officials (Proprietary).
5. The behavior of the authenticated person is analyzed in real-time to determine if
there has been a change from the user's base-line behavior pattern to one where
we determine if the changed behavior may be harmful to others (Proprietary).
6. Automatic ALERTS also provide "CAUSE" to monitor a user more closely instead of
indiscriminately monitoring every user – a cost saving feature.
7. After authentication all recorded session activity can be played back by authorized
personnel (the Client’s SOC officer or our CSI’s) – a cost saving feature.
8. An agency can order 1 or a thousand subscriptions, with no long term
commitment, to test our services – a cost saving feature.
9. CSS can contract to provide Cyber Security Investigators (CSI’s), with appropriate
security clearances on an as-needed basis, thereby reducing full-time staff needs,
plus associated costs and personnel responsibilities – a cost saving feature.
SILOS – SMALL SUPPORT CENTERS WITH
LOWEST FEDERAL AUTHORIZED WAGES
• CSS’s technology considers all users, even in our headquarters site, as Remote Workers.
• By using our screen, voice and CCTV capabilities we can create a Silo (a small support
center) in small towns or areas with high unemployment rates (a HUB Zone), where the
lowest approved government wage rates exist. It goes without saying that these Silos could
also be within government facilities.
• Management control and training at Silos are accomplished remotely from the CSS
“Principal Office”, utilizing the same techniques of screen shadowing / monitoring /
recording, listening to business related phone calls, and using whisper coaching.
One-on-one training is conducted using the camera in the notebook computer alongside a standard
27” LCD monitor.
• Other CCTV cameras and microphones can also be used for group training, supervision and
general observations.
• Using the above technique for a pending client, we may have an opportunity to locate a Silo
in a Kentucky coal mining town, where the mine has shut down.
• This capability allows us to grow most cost effectively (in HUBZone and Opportunity zones)
and locate support groups near clients.
CSR-SUPPORT LLC & CYBER SUPPORT SOLUTIONS
FOUNDED BY THE TELECOMMUNICATIONS CONSULTANCY
CSR-Support and its dba Cyber Support Solutions was founded by the
Telecommunication Consultancy. This company has been providing its
consulting services for over 30 years (www.TelConsultancy.com).
Past clients include:
• The City Of New York and its Housing Authority (police force of 2,700+,
emergency services for over 3.5 million residents and all other
administrative functions).
• The Federal Communications Commission and the State of Louisiana for a
Rural Health Care Network.
• Other non-government entities to include General Motors, AT&T, and
Dreyfus / Mellon Bank among numerous others.
Mr. Kaufman, the Managing Director and owner, is also an Expert Witness,
Founder and Past President of the Society of Communications Technology
Consultants International.
Contact information
Richard N. (Dick) Kaufman - POC
• Office Direct…770-628-0211
• Mobile………..770-309-9678
• Email………….RNK@CSR-Support.com
• GSA Schedule 70 (GS-35F-0437V)*
• 8(a) certification*
* In partnership with Exalt Integrated
Technologies, LLC
QUESTIONS?
NEXT STEPS?
IRJET- An Approach Towards Data Security in Organizations by Avoiding Data Br...
 
Opteamix_whitepaper_Data Masking Strategy.pdf
Opteamix_whitepaper_Data Masking Strategy.pdfOpteamix_whitepaper_Data Masking Strategy.pdf
Opteamix_whitepaper_Data Masking Strategy.pdf
 
"Compliance First" or "Security First"
"Compliance First" or "Security First""Compliance First" or "Security First"
"Compliance First" or "Security First"
 
ZyLAB White Paper - Bringing e-Discovery In-house
ZyLAB White Paper - Bringing e-Discovery In-houseZyLAB White Paper - Bringing e-Discovery In-house
ZyLAB White Paper - Bringing e-Discovery In-house
 
Riskfactorypcitheessentials 151125164111-lva1-app6892
Riskfactorypcitheessentials 151125164111-lva1-app6892Riskfactorypcitheessentials 151125164111-lva1-app6892
Riskfactorypcitheessentials 151125164111-lva1-app6892
 

Viewers also liked

Skip a meal campaign
Skip a meal campaignSkip a meal campaign
Skip a meal campaignJacy Wachira
 
Fundamentos legales del teletrabajo en venezuela
Fundamentos legales del teletrabajo en venezuelaFundamentos legales del teletrabajo en venezuela
Fundamentos legales del teletrabajo en venezuelamariaelenalarcon
 
Bootstrapping a regional startup culture
Bootstrapping a regional startup cultureBootstrapping a regional startup culture
Bootstrapping a regional startup cultureImran Ali
 
Miri Piri Academy 2007-2009 Fundraising Campaign
Miri Piri Academy 2007-2009 Fundraising CampaignMiri Piri Academy 2007-2009 Fundraising Campaign
Miri Piri Academy 2007-2009 Fundraising CampaignSaraswati
 
The Future is already here
The Future is already hereThe Future is already here
The Future is already herehnzz pronk
 
Bloggen neben dem Job
Bloggen neben dem JobBloggen neben dem Job
Bloggen neben dem JobFrank Hamm
 
212 test
212 test212 test
212 testmoraal
 
Visita de Nadja a nuestro centro Catec
Visita de Nadja a nuestro centro CatecVisita de Nadja a nuestro centro Catec
Visita de Nadja a nuestro centro CatecNativapr
 
Busqueda en la internet
Busqueda en la internetBusqueda en la internet
Busqueda en la internetNativapr
 
À conversa com Eggy Lippmann
À conversa com Eggy LippmannÀ conversa com Eggy Lippmann
À conversa com Eggy Lippmannhipermedia2007
 
Info on Mauritius
Info on MauritiusInfo on Mauritius
Info on MauritiusMauritians
 
Petit accident
Petit accidentPetit accident
Petit accidentbrico64
 
Le sette virtù del giovane blogger
Le sette virtù del giovane bloggerLe sette virtù del giovane blogger
Le sette virtù del giovane bloggerCaterina Policaro
 

Viewers also liked (20)

Skip a meal campaign
Skip a meal campaignSkip a meal campaign
Skip a meal campaign
 
Fundamentos legales del teletrabajo en venezuela
Fundamentos legales del teletrabajo en venezuelaFundamentos legales del teletrabajo en venezuela
Fundamentos legales del teletrabajo en venezuela
 
las tic en la educacion
las tic en la educacion las tic en la educacion
las tic en la educacion
 
Molibdeno
Molibdeno Molibdeno
Molibdeno
 
Bootstrapping a regional startup culture
Bootstrapping a regional startup cultureBootstrapping a regional startup culture
Bootstrapping a regional startup culture
 
Miri Piri Academy 2007-2009 Fundraising Campaign
Miri Piri Academy 2007-2009 Fundraising CampaignMiri Piri Academy 2007-2009 Fundraising Campaign
Miri Piri Academy 2007-2009 Fundraising Campaign
 
The Future is already here
The Future is already hereThe Future is already here
The Future is already here
 
Bloggen neben dem Job
Bloggen neben dem JobBloggen neben dem Job
Bloggen neben dem Job
 
Ítalía - Italy
Ítalía - ItalyÍtalía - Italy
Ítalía - Italy
 
212 test
212 test212 test
212 test
 
E-Business Maturity Model 2.0
E-Business Maturity Model 2.0E-Business Maturity Model 2.0
E-Business Maturity Model 2.0
 
La piedad
La piedadLa piedad
La piedad
 
Visita de Nadja a nuestro centro Catec
Visita de Nadja a nuestro centro CatecVisita de Nadja a nuestro centro Catec
Visita de Nadja a nuestro centro Catec
 
Busqueda en la internet
Busqueda en la internetBusqueda en la internet
Busqueda en la internet
 
Momentos de Descontração
Momentos de DescontraçãoMomentos de Descontração
Momentos de Descontração
 
À conversa com Eggy Lippmann
À conversa com Eggy LippmannÀ conversa com Eggy Lippmann
À conversa com Eggy Lippmann
 
SHA Bulletin 4 8-16
SHA Bulletin 4 8-16SHA Bulletin 4 8-16
SHA Bulletin 4 8-16
 
Info on Mauritius
Info on MauritiusInfo on Mauritius
Info on Mauritius
 
Petit accident
Petit accidentPetit accident
Petit accident
 
Le sette virtù del giovane blogger
Le sette virtù del giovane bloggerLe sette virtù del giovane blogger
Le sette virtù del giovane blogger
 

Similar to I&AM Presentation Outlines Identity Access Management Capabilities

Due by 11316 9pm PSTGiven the pieces of information provided i.docx
Due by 11316 9pm PSTGiven the pieces of information provided i.docxDue by 11316 9pm PSTGiven the pieces of information provided i.docx
Due by 11316 9pm PSTGiven the pieces of information provided i.docxsagarlesley
 
Michael Josephs
Michael JosephsMichael Josephs
Michael JosephsdaveGBE
 
Hdcs Overview Final
Hdcs Overview FinalHdcs Overview Final
Hdcs Overview Finalrjt01
 
Compliance in the Cloud
Compliance in the CloudCompliance in the Cloud
Compliance in the CloudRapidScale
 
MatterPoint Overview
MatterPoint OverviewMatterPoint Overview
MatterPoint OverviewBob Rivas
 
Security_360_Marketing_Package
Security_360_Marketing_PackageSecurity_360_Marketing_Package
Security_360_Marketing_PackageRandy B.
 
Building the Global "Cloud 2"
Building the Global "Cloud 2"Building the Global "Cloud 2"
Building the Global "Cloud 2"Peter Coffee
 
VetsAmerica Vets GWAC Team Capabilities
VetsAmerica Vets GWAC Team CapabilitiesVetsAmerica Vets GWAC Team Capabilities
VetsAmerica Vets GWAC Team CapabilitiesVetsAmerica
 
Cloud computing security issues and challenges
Cloud computing security issues and challengesCloud computing security issues and challenges
Cloud computing security issues and challengesKresimir Popovic
 
IRJET- Proficient Public Substantiation of Data Veracity for Cloud Storage th...
IRJET- Proficient Public Substantiation of Data Veracity for Cloud Storage th...IRJET- Proficient Public Substantiation of Data Veracity for Cloud Storage th...
IRJET- Proficient Public Substantiation of Data Veracity for Cloud Storage th...IRJET Journal
 
IT Security at the Speed of Business: Security Provisioning with Symantec Dat...
IT Security at the Speed of Business: Security Provisioning with Symantec Dat...IT Security at the Speed of Business: Security Provisioning with Symantec Dat...
IT Security at the Speed of Business: Security Provisioning with Symantec Dat...Symantec
 
It Capabilities.2009
It Capabilities.2009It Capabilities.2009
It Capabilities.2009Diontealley
 
Innovative-Consulting Technology Capabilities. Statement
Innovative-Consulting Technology Capabilities. StatementInnovative-Consulting Technology Capabilities. Statement
Innovative-Consulting Technology Capabilities. StatementDiontealley
 
DevOps for Highly Regulated Environments
DevOps for Highly Regulated EnvironmentsDevOps for Highly Regulated Environments
DevOps for Highly Regulated EnvironmentsDevOps.com
 
How CMMC Auditors Recommend You Defend Your Organization - Completed March, 2...
How CMMC Auditors Recommend You Defend Your Organization - Completed March, 2...How CMMC Auditors Recommend You Defend Your Organization - Completed March, 2...
How CMMC Auditors Recommend You Defend Your Organization - Completed March, 2...Ignyte Assurance Platform
 
Global Security Certification for Governments
Global Security Certification for GovernmentsGlobal Security Certification for Governments
Global Security Certification for GovernmentsCloudMask inc.
 

Similar to I&AM Presentation Outlines Identity Access Management Capabilities (20)

Due by 11316 9pm PSTGiven the pieces of information provided i.docx
Due by 11316 9pm PSTGiven the pieces of information provided i.docxDue by 11316 9pm PSTGiven the pieces of information provided i.docx
Due by 11316 9pm PSTGiven the pieces of information provided i.docx
 
Michael Josephs
Michael JosephsMichael Josephs
Michael Josephs
 
Hdcs Overview Final
Hdcs Overview FinalHdcs Overview Final
Hdcs Overview Final
 
Compliance in the Cloud
Compliance in the CloudCompliance in the Cloud
Compliance in the Cloud
 
MatterPoint Overview
MatterPoint OverviewMatterPoint Overview
MatterPoint Overview
 
Security_360_Marketing_Package
Security_360_Marketing_PackageSecurity_360_Marketing_Package
Security_360_Marketing_Package
 
Building the Global "Cloud 2"
Building the Global "Cloud 2"Building the Global "Cloud 2"
Building the Global "Cloud 2"
 
6 aproaches
6 aproaches6 aproaches
6 aproaches
 
VetsAmerica Vets GWAC Team Capabilities
VetsAmerica Vets GWAC Team CapabilitiesVetsAmerica Vets GWAC Team Capabilities
VetsAmerica Vets GWAC Team Capabilities
 
Cloud computing security issues and challenges
Cloud computing security issues and challengesCloud computing security issues and challenges
Cloud computing security issues and challenges
 
IRJET- Proficient Public Substantiation of Data Veracity for Cloud Storage th...
IRJET- Proficient Public Substantiation of Data Veracity for Cloud Storage th...IRJET- Proficient Public Substantiation of Data Veracity for Cloud Storage th...
IRJET- Proficient Public Substantiation of Data Veracity for Cloud Storage th...
 
IT Security at the Speed of Business: Security Provisioning with Symantec Dat...
IT Security at the Speed of Business: Security Provisioning with Symantec Dat...IT Security at the Speed of Business: Security Provisioning with Symantec Dat...
IT Security at the Speed of Business: Security Provisioning with Symantec Dat...
 
Investor presentation2013
Investor presentation2013Investor presentation2013
Investor presentation2013
 
It Capabilities.2009
It Capabilities.2009It Capabilities.2009
It Capabilities.2009
 
Innovative-Consulting Technology Capabilities. Statement
Innovative-Consulting Technology Capabilities. StatementInnovative-Consulting Technology Capabilities. Statement
Innovative-Consulting Technology Capabilities. Statement
 
Key Capibilities.pptx
Key Capibilities.pptxKey Capibilities.pptx
Key Capibilities.pptx
 
Investor Presentation
Investor PresentationInvestor Presentation
Investor Presentation
 
DevOps for Highly Regulated Environments
DevOps for Highly Regulated EnvironmentsDevOps for Highly Regulated Environments
DevOps for Highly Regulated Environments
 
How CMMC Auditors Recommend You Defend Your Organization - Completed March, 2...
How CMMC Auditors Recommend You Defend Your Organization - Completed March, 2...How CMMC Auditors Recommend You Defend Your Organization - Completed March, 2...
How CMMC Auditors Recommend You Defend Your Organization - Completed March, 2...
 
Global Security Certification for Governments
Global Security Certification for GovernmentsGlobal Security Certification for Governments
Global Security Certification for Governments
 

Recently uploaded

Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024The Digital Insurer
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
costume and set research powerpoint presentation
costume and set research powerpoint presentationcostume and set research powerpoint presentation
costume and set research powerpoint presentationphoebematthew05
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
Science&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdfScience&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdfjimielynbastida
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 

Recently uploaded (20)

Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
costume and set research powerpoint presentation
costume and set research powerpoint presentationcostume and set research powerpoint presentation
costume and set research powerpoint presentation
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
Science&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdfScience&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdf
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptxVulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
 
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 

I&AM Presentation Outlines Identity Access Management Capabilities

  • 1. 1 With dba Cyber Support Solutions Identity and Access Management (I&AM) A Presentation of our Capabilities to: Stop Data Breaches Allow Personal Liberties Reduce Costs Be in Compliance. A Non-Confidential Presentation January 5, 2016 * Confidential information has been removed or redacted.
  • 2. HEADQUARTERS AND FACILITY Currently we are planning to move to a new facility in a Marietta, GA Opportunity and HUBZone (see below). This location brings with it State and Federal financial and competitive advantages. Here we will be set up to comply with the American Disabilities Act (ADA), and Government FISMA and other related security requirements. 2
  • 3. VETERANS WITH DISABILITIES MAKE GREAT CYBER SECURITY & SUPPORT PERSONNEL CSR employs physically Disabled Veterans to be our Cyber Security Investigators with Security Clearances, because if you accommodate a Veteran's disability, he or she will stay with you longer, become more expert at their job, earn a better wage, and because of this longer experience provide superior services to our clients. Secondly, Disabled Veterans are more cognizant of the impact of data breaches. Perhaps their disability was caused by the enemy finding out certain information that was to be a better kept secret? We also offer a Remote Agent option for homebound, trained Disabled Veteran Cyber Security Investigators. Our Cybersecurity solution provides the same high level of protection against data breaches at home as if the Veteran were working from a secure government facility or in our offices.
  • 4. OUR EXPERIENCED MANAGEMENT TEAM ***Mostly U.S. Military Veterans*** Richard (Dick) Kaufman - CEO, Owner & Disabled Veteran with 30+ years of experience in Customer Support, Telecom Systems & Services, Information Technology and Entrepreneurism. Past clients include Fortune 10 companies and major Government entities. Mr. Kaufman is also an accredited Expert Witness for State and Federal litigations. Mark Collins - EVP Operations & Veteran – 17 years in Customer Support implementing, developing and managing groups delivering technical support and help desk services.
  • 5. EXPERIENCED MANAGEMENT TEAM (cont.) Bart Falzarano – CIO, has over 20 years of experience in technology, banking and federal regulatory compliance across multiple industries such as financial services, government, engineering consulting and nuclear technology and operations. He also has a strong Governance, Risk Management and Compliance (GRC) background and expertise across various frameworks including ISO27001, ITIL, CFR FDA, OCC, DOJ, NIST SP800, PCI DSS, HIPAA, NRC, INPO, etc.
  • 6. ADVISORS Dr. Jon Anton – Veteran – 30+ years of experience in Customer Support, plus an adjunct Professor and Director of benchmark research at the Center for Customer-Driven Quality at Purdue University. Robert Deitz, II – Veteran – 30+ years of experience with a Top Secret Security Clearance. He has worked with government agencies including OSD, NSA, DHS, State Department, DOJ, CENTCOM, SOCOM, DCMA, Joint Staff, Commerce, and the DOE. For government agencies he has assisted in developing and modifying information assurance programs to adapt to new technologies and business processes. For manufacturers he has helped them to comply with government requirements such as NIAP, FIPS, IPv6, Section 508, and others. Mr. Deitz has the experience and knowledge needed to help guide our efforts in Cyber Security and best allow us to offer needed solutions and services to the Federal Government.
  • 7. Management team members have a minimum of 15 years of experience in INFOSEC, IT, Telecom and CRM. Clients or employers include Mellon Bank, Citicorp, N.A., AT&T, Stratix, Bell South, GE Power, Hewlett Packard, NYC Housing Auth. Police & Emergency Services, General Motors, Walz, Endymion, & Blue Cross Blue Shield. STRATEGIC PARTNERS & MANAGEMENT TEAM PAST PERFORMANCE 12 years of experience with scalable, cost-effective IP video monitoring and playback over a network. Clients include US Air Force, US Army, Lockheed, US Coast Guard, and Boeing. Has very significant experience developing, testing, and fielding complex solutions in a variety of commercial industries and government organizations using a wide variety of technology tools. Examples include a comprehensive portfolio management system for a prominent global private equity firm, a flexible data interchange application for one of the world’s largest vehicle transporters, a complex human resources system for a European defense ministry under a DISA/US Army contract, and a productivity management system used by Microsoft, Symantec, Computer Associates, and others. In regulatory environments, TIG has delivered programs that meet all mandates and restrictions, while developing optimal solutions. The TIG team has developed database architectures for effective data mining with advanced techniques in data presentation, for flexible and scalable web-based solutions. Has 15 years of data compliance experience with the DOL, FDA, DHHS, FL DOH and AMEX addressing NIST 800 series, FISMA, HIPAA, FISCAM, ISO 17799, Sarbanes-Oxley, Policy development, Certification & Accreditation and others.
  • 8. We are in Compliance (1 of 2) To make certain that everything we do is in compliance with all rules and regulations, we have retained the services of Leneer Data Assurance Solutions. Robert Lester and his team are an integral part of our operations and will continue to monitor and report on all activities regarding compliance from system and procedural design to continuous operations.
      1. Understanding that a law exists that requires the use of a CAC (Common Access Card) and password be part of any multifactor authentication, "(ii) something you have (e.g., cryptographic identification device, token)", we will accommodate this factor as a component of our solution after we have biometrically authenticated a user.
      2. It is also stated in HSPD-12: ".... Multifactor authentication requires the use of two or more different factors to achieve authentication." Since our modification of a notebook computer has the effect of creating a "cryptographic identification device" ("(ii) something you have…"), we believe that we have solved the problem of getting rid of the expensive and ill-performing CAC and password as part of any multifactor authentication procedure. Our next step will be to convince the National Institute of Standards and Technology (NIST) to accept this explanation.
  • 9. We are in Compliance (2 of 2)
      3. Compliance with NIST SP 800-53 Rev 5 (updated 08/07/2015) – We continue to monitor and address upgrades to NIST regulations.
      4. Cybersecurity Strategy Implementation Plan (CSIP) (10/30/2015) – in compliance
         a. Calls for all agencies to "....improve the identity and access management of user accounts on Federal information systems to drastically reduce vulnerabilities and successful intrusions."
         b. Can provide best and equal data breach protection for cloud-based hosting or on-site server applications.
      5. National Archives and Records Administration (NARA):
         a. No current schedule exists for storage of screens and keystroke activity.
         b. Will keep all data (minimum of 6 years) or until the agency and NARA agree to a schedule.
      6. Storage of classified information to Level 6 (Secret):
         a. Since we do not know in advance the level of the data we are capturing, we can store all data as Secret (Level 6).
         b. We accommodate Level 6 data on site, or at a contracted-for Level 6 certified site.
  • 10. WE REDUCE COSTS (Page 1 of 2)
      1. Our solution makes for safe Tele-working, and therefore increased mobility and productivity.
      2. Tele-working lowers capital costs (building, cubicle) and recurring costs (electricity, water, utilities, insurance). It also makes for generally happier employees, reducing turnover and hiring costs.
      3. Our solution allows the agency to reduce costs by safely moving applications into the cloud, which results in an overall higher level of security with lower infrastructure costs.
      4. Currently, when a government contractor is hired to help with applications, many government agencies have to purchase and provide special access terminals for these contractors. With our solution the outside contractor will use his existing notebook computer.
      5. Notebook computers get old and applications require more processing power. In our environment a user’s access device (the notebook computer) operates on applications inside of a VDI session on a secure server. The processing speed of the notebook is no longer an issue, while the properly equipped servers of today have faster processors and graphics accelerators that make processing faster than could normally be done on a local PC. Essentially, the higher-speed processing power has been moved to the server and the user’s notebook does not need to be improved upon, again saving money by lengthening the life of the existing notebook computer.
  • 11. WE REDUCE COSTS (Page 2 of 2)
      6. We can eliminate the need for the expensive use of personal identity verification (PIV or CAC) cards. Our solution is more reliable, reduces the average time for authentication, and allows for more user productivity.
      7. Our solutions identify questionable activities by users in real time and issue alerts or terminate a session immediately. The computer-driven alert provides cause that a user may need to be monitored more closely. These computer alerts therefore limit the number of persons to be investigated, instead of the more costly way of investigating everyone all the time.
      8. InfoSec departments have had to increase staff and use outside contractors to identify vulnerabilities / holes and patch these same holes. By using our subscription services, for users who have a need to access data and applications on a confidential server, the problem of finding holes and then patching them is dramatically reduced if not eliminated.
      9. It could be argued that more people will be needed when we identify and stop persons who are seeking to do us harm: if we detect questionable events that need further investigation, the agency will need more staff to investigate. Not so. Our investigators all have the appropriate security clearances and can be used on an on-demand basis to assist agencies when problems develop. Our rates are lower than the agency’s own staff costs. A CSI (Cyber Support Investigator) can be hired by the hour with no long-term contract.
      10. Lost and stolen CAC cards present a security risk, which itself leads to costly responses. A card-not-present approach completely eliminates this possibility.
  • 12. Flaws in Biometric Authentication: Facial Recognition
    1. Is the camera looking at a live face or a picture of the authorized user?
       - The system can recognize that some of the metrics are changing, such as [redacted].
    2. Are there obstructions that mask the measurable points for recognition, like long hair, a telephone handset or large sunglasses?
       - The user knows that it is advantageous to make sure there is nothing blocking facial metrics, because it would cause additional time for authentication.
    3. Is there sufficient lighting to quantify the distances between facial points?
       - The user knows that it is advantageous to make sure there is sufficient lighting, because if not, it would cause additional time for authentication.
  • 13. Flaws in Biometric Authentication: Voice Recognition
    1. Was a recording played that is exactly the same as when the user was initially registered in the system?
       - During the log in we ask the user to make a unique sign in, such as the current date and time: "This is Bob logging in Monday, June 22nd at 14:00".
    2. A user's voice varies from day to day, and may also sound different when the user is under stress or sick.
    3. Some users do not like or want to speak sufficiently loudly, especially in a public location, like an airport waiting lounge or public library.
       - A fingerprint reader could be an alternative to voice, if the user expects to spend lots of time in these kinds of public spaces.
    4. Accents are at times difficult to distinguish as being unique to a specific person.
       - The same accent could give more than one person a high score.
    5. Background noise can affect accuracy, making it difficult to distinguish the user's voice.
  • 14. Flaws in Biometric Authentication: Fingerprint Recognition
    1. Not all government issued notebook computers (our recommended terminal) have fingerprint readers.
    2. Some users do lots of work with their hands and their fingerprints become worn down over time.
    3. Certain nationalities have a fingerprint that is finer than others, making it difficult to distinguish properly.
    4. A good fingerprint can be hampered by dirt or oils.
  • 15. Initial Biometric Authentication
    The initial biometric authentication uses a minimum of 2 factors (facial and voice or fingerprint):
    1. Facial, voice and fingerprint recognitions are not correlated, so if a bad guy could be accepted on one of two recognitions, the odds of being accepted on both go down by many orders of magnitude. Equally, requiring acceptance by two recognitions increases the level of security by orders of magnitude.
    2. Because security increases by orders of magnitude when two biometrics are used, [redacted], making it faster and easier to achieve recognition without significantly adding any additional risk.
    3. [redacted]. 98%+ of legitimate authentications take no longer than 5 to 8 seconds.
  • 16. The Third Biometric Authentication Factor: CONFIDENTIAL, REDACTED
  • 17. RECOMMENDED TERMINAL FOR SECURE ACCESS AND PERSONAL LIBERTIES
    - We adjust the user’s government issued standard notebook computer (Confidential) so that the user can have an encrypted VPN tunnel into a confidential and secure host VDI.
    - We continuously monitor, control and record all activities in the secure session. This session requires low bandwidth and can accommodate significant latency (Confidential).
    - The user is allowed complete personal liberties on the same terminal, without causing a data breach (Confidential).
    A standard notebook computer with:
    - Camera for facial recognition,
    - Fingerprint reader and / or microphone for second biometric recognition,
    - Fast Dual Biometric Authentication with 95%+ accuracy.
    - If Dual Biometric Authentication does not confirm the user, then a Third Biometric Factor (Confidential) is used for 100% accuracy and validation.
  • 18. REGISTRATION FOR MULTI-FACTOR BIOMETRIC AUTHENTICATION AND AUTHORITIES PROFILE
    1. After the user’s terminal has been adjusted (Confidential) he or she must be registered in our system (Confidential). Registration can take place from anywhere at any time (Confidential).
    2. As part of registration we will also establish a behavioral profile. During future sessions we look for changes that may give us cause to send out an alert (Confidential).
    3. The collected biometric information will now be used for automated 2 Factor Biometric Authentication.
    4. If automated 2 Factor Biometric Authentication fails, a Third Biometric Authentication Factor will be used (Confidential) to confirm or reject authentication.
    5. Lastly, the CSI will contact the designated Agency Security Officer to confirm in writing the user’s Authentication Profile and add the user’s authorities, which are then programmed into our control database.
  • 19. THREE FACTOR AUTHENTICATION (COPYRIGHT © Bart Falzarano Consulting)
    1) Workstation is powered up and seeks a Wired or Wireless Network (Confidential), to connect with the Authentication and Continuous Monitoring, Control and Recording Server.
    2) Internet Connectivity Established.
    3) The User is now asked to authenticate via fingerprint reader, voice and/or camera (facial) for Automatic Two Factor Biometric Authentication. If Automatic Authentication fails, then a Proprietary Third Biometric Factor (Confidential) is implemented to be the final arbitrator that will accept or reject the user.
    4) Upon Successful Authentication (Login), a Secure AES-256 bit Encrypted VPN Tunnel is established through the Cyber Support Solutions Central Server to the Government Host VDI session (Confidential).
    5) In a few seconds the workstation user or remote agent (AGENT 12) gains access to the Government’s Host VDI Secure Server and its authorized applications.
    6) Once the user is online, Desktop screens are pushed to the workstation from the Government Host VDI. The user’s activity (screens and keystrokes), from this point onward, is monitored, controlled and recorded, based on the authorized user’s profile (Confidential).
    Diagram label: Internet
  • 20. AFTER THREE FACTOR BIOMETRIC AUTHENTICATION AND ENCRYPTED ACCESS TO THE SECURE VDI SERVER
    After 3 factor authentication we continue to monitor, control, record and look for attempts to violate given authorities, with the subsequent generation of Alerts. Details are removed in this non-confidential slide deck.
  • 21. AUTOMATIC ALERTS PROVIDE “CAUSE”:
    1. We automatically and continuously monitor a secure session looking for “Cause”. [redacted]
    2. [redacted]
    3. [redacted]
    4. These Alerts provide an automatic and objective reason to look further at a user, as a cost effective alternative to the very expensive approach of continuously monitoring everyone WITHOUT CAUSE. Alerts may also be considered legal CAUSE to investigate further.
  • 22. TELE-WORKING WITH CONFIDENTIAL AND SECRET INFORMATION
    Our solution improves the performance of a user who is traveling or away from his or her office and working on secret or confidential information. The details of how we accomplish this have been removed from this non-confidential slide deck.
  • 23. IDENTIFY CHANGES IN BEHAVIOR IN REAL-TIME (1):
    We identify changes in behavior in real-time, seeking to determine if a user has undergone changes that may cause harm to others (e.g. Edward Snowden and Andreas Lubitz, the co-pilot of the Germanwings airplane). All items regarding how and what we identify in behavioral changes have been removed from this non-confidential slide deck.
  • 24. IDENTIFY CHANGES IN BEHAVIOR IN REAL-TIME (2):
    All items regarding how and what we identify in behavioral changes have been removed from this non-confidential slide deck.
  • 25. A MONITORING WORKSTATION AT CSS
    20 workstations shadowed, with 19 logged into a VDI and one offline; manager's desktop and 2 shadowed desktops that are shadowing 8 others each.
  • 26. 24/365 REMOTE DESKTOP MONITORING
    Monitoring can be done locally or remotely wherever there is an internet connection. The Client can choose to do all live monitoring by themselves or contract with CSS personnel, having Security Clearances, to do live monitoring based on set parameters.
    This screenshot is a placeholder. It will have this plus a close-up of a screen that is being monitored.
  • 27. RECORDING AND PLAYBACK
    In the world of Customer Service Representatives (CSR), recording an agent’s screen and voice and playing them back is a normal part of training and the quality control process. This capability can also be used to improve the work performance of government workers. Furthermore, this CSS recording capability generates an audit trail of all end user activities and provides legal support against any misuse of agency resources.
    On March 14, 2014: “U.S. intelligence officials are planning a sweeping system of electronic monitoring that would tap into government, financial and other databases to scan the behavior of many of the 5 million federal employees with secret clearances…”. “…Intelligence officials have long wanted a computerized system that could continuously monitor employees, in part to prevent cases similar to former National Security Agency analyst Edward Snowden. His disclosures bared secretive U.S. surveillance operations…”.
    CSS’s capabilities, as presented herein, directly address what U.S. intelligence officials want (above) at a lower cost than what the government currently spends.
  • 28. RECORDER PLAYBACK OVER CLIENT PORTAL
  • 29. Timeline:
    - AUG. 7, 2015: FEDERAL SYSTEMS INTEGRATOR IN CYBERSECURITY FOR IBM
    - AUGUST 18, 2015: A BUSINESS PARTNER OF IBM
    - AUGUST 26, 2015: IBM PRESENTED OUR SERVICE TO 30 IBM ACCOUNT REPS.
    - OCTOBER 19, 2015: IBM BEGAN TO PROMOTE A PILOT PROGRAM TO DHS FOR US.
    We have agreed to become a Federal Systems Integrator and Business Partner to IBM, for our proprietary and most advanced Cybersecurity services, and signed the appropriate documents. In this relationship:
    1. Our computer platform will be relocated to their two “Government Only” FedRAMP data centers, ASAP, for servicing their government clients.
    2. CSR-CSS can also service their own Federal Government clients from here.
    3. IBM will also promote our services as part of selling their own services.
    4. CSR will also resell IBM’s “Bare Metal” hosting and other products & services.
    5. IBM will include CSR in their bidding on a $5 billion appropriation in Continuous Diagnostics & Mitigation (CDM), where $1+B will be for “Identity and Access Management” (our specialty) for the Dept of Homeland Security (DHS).
    6. IBM will also try to get us added on to existing contracts they have with DHS.
    7. IBM has offered us additional assistance in many other areas.
  • 30. OUR FEDRAMP CLOUD NETWORK SOLUTION
  • 31. OUR CLOUD NETWORK PLATFORM FOR ENCRYPTED TUNNEL ACCESS BY FEDERAL GOVERNMENT CLIENTS
    • Our monitoring, controlling, analysis and recording servers will be in IBM’s most advanced FedRAMP data centers in both Ashburn, VA and Richardson, TX.
    • These FedRAMP data centers are designed to meet all Federal Security and other requirements:
      − FedRAMP 2.0
      − Agency ATO with the FCC
      − NIST SP 800-53
      − FISMA Moderate/DISA Impact Level 1-2
      − SOC 2 Type II/SSAE 16
      − HIPAA and PCI-DSS compliant
      − 99.999% High Availability
      − Centralized Management
      − Secure AES-256 bit Encrypted VPN Tunnel Usage
    • The above two FedRAMP data centers are for US Government usage only, and are interconnected by leased fiber with no bandwidth sharing.
  • 32. OUR CLOUD NETWORK PLATFORM FOR ENCRYPTED TUNNEL ACCESS BY COMMERCIAL CLIENTS
    • Our authentication, monitoring, controlling, analysis and recording capabilities for commercial customers are located in multiple data centers (for redundancy) within IBM’s growing network of 38+ commercial data centers and network nodes in Asia, Europe, South America, Australia and the US. These data centers form an interconnected network and also use IBM leased and dedicated optical fiber (no bandwidth sharing), to achieve the lowest latency for our commercial clients who seek our Access and Identity Management services from anywhere in the world.
    • Furthermore, these IBM commercial data centers are also designed to offer many additional features for access to our services, including:
      − SSL and PPTP VPN access via Amsterdam, Atlanta, Dallas, Houston, San Jose, Seattle, Singapore & Washington DC
      − Encrypted secure access to a client host server’s VDI sessions via AES-256 bit Encrypted tunnels
      − Port data speeds from 100 Mbps to 10 Gbps for access to our clients’ secure VDI sessions
      − 99.999% High Network Availability with 7 x 24 maintenance support.
  • 33. THE CYBER SUPPORT SOLUTION’S (CSS) GLOBAL FOOTPRINT
    Secure Government Workloads can be hosted in IBM SoftLayer’s (2) FedRAMP data centers, or in their own data centers with CSS support. Non-government servers can be located in 38 other IBM fiber interconnected data centers or in their own data centers, also with CSS support.
    Map locations: India, China, Tokyo, Hong Kong, Singapore, Melbourne, Sydney, Seattle, San Jose, Los Angeles, Mexico City, Denver, Chicago, Dallas, Houston, Atlanta, Toronto, Montreal, Brazil, New York City, Washington D.C., Miami, London, Frankfurt, Amsterdam, Paris.
  • 34. SUMMARY - SUBSCRIPTION SERVICE OFFERING INCLUDES:
    1. 3 Factor Biometric Authentication 24 x 365 globally (Proprietary & Cost Saving).
    2. After passing authentication, all activities in a secure VDI session are automatically and continuously monitored, analyzed, controlled and recorded (Proprietary).
    3. After passing authentication, the user is given access to only pre-authorized applications, with controlled use of files and other capabilities (Proprietary).
    4. Attempts at unauthorized activities automatically cause ALERTS to be sent to SOC officials (Proprietary).
    5. The behavior of the authenticated person is analyzed in real-time to determine if there has been a change from the user's baseline behavior pattern to one that may be harmful to others (Proprietary).
    6. Automatic ALERTS also provide "CAUSE" to monitor a user more closely instead of indiscriminately monitoring every user – a cost saving feature.
    7. After authentication, all recorded session activity can be played back by authorized personnel (the Client’s SOC officer or our CSIs) – a cost saving feature.
    8. An agency can order 1 or a thousand subscriptions, with no long term commitment, to test our services – a cost saving feature.
    9. CSS can contract to provide Cyber Security Investigators (CSIs), with appropriate security clearances, on an as-needed basis, thereby reducing full-time staff needs, plus associated costs and personnel responsibilities – a cost saving feature.
  • 35. SILOS – SMALL SUPPORT CENTERS WITH LOWEST FEDERAL AUTHORIZED WAGES
    • CSS’s technology considers all users, even in our headquarters site, as Remote Workers.
    • By using our screen, voice and CCTV capabilities we can create a Silo (a small support center) in small towns or areas with high unemployment rates (a HUBZone), where the lowest approved government wage rates exist. It goes without saying that these Silos could also be within government facilities.
    • Management control and training at Silos are accomplished remotely from the CSS “Principal Office”, utilizing the same techniques of screen shadowing / monitoring / recording, listening to business related phone calls, and using whisper coaching. One-on-one training is conducted using the camera in the notebook computer alongside a standard 27” LCD monitor.
    • Other CCTV cameras and microphones can also be used for group training, supervision and general observations.
    • Using the above technique for a pending client, we may have an opportunity to locate a Silo in a Kentucky coal mining town, where the mine has shut down.
    • This capability allows us to grow most cost effectively (in HUBZone and Opportunity zones) and locate support groups near clients.
  • 36. CSR-SUPPORT LLC & CYBER SUPPORT SOLUTIONS: FOUNDED BY THE TELECOMMUNICATIONS CONSULTANCY
    CSR-Support and its dba Cyber Support Solutions were founded by the Telecommunication Consultancy. This company has been providing its consulting services for over 30 years (www.TelConsultancy.com). Past clients include:
    • The City Of New York and its Housing Authority (police force of 2,700+, emergency services for over 3.5 million residents and all other administrative functions).
    • The Federal Communications Commission and the State of Louisiana for a Rural Health Care Network.
    • Other non-government entities including General Motors, AT&T, and Dreyfus / Mellon Bank, among numerous others.
    Mr. Kaufman, the Managing Director and owner, is also an Expert Witness, Founder and Past President of the Society of Communications Technology Consultants International.
  • 37. Contact information
    Richard N. (Dick) Kaufman - POC
    • Office Direct: 770-628-0211
    • Mobile: 770-309-9678
    • Email: RNK@CSR-Support.com
    • GSA Schedule 70 (GS-35F-0437V)*
    • 8(a) certification*
    * In partnership with Exalt Integrated Technologies, LLC
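
The independence argument on slide 15 (Initial Biometric Authentication), worked through as an added example that is not part of the original deck or of the CSS product: a toy Gaussian score model shows the false-accept rate of a two-matcher AND rule, the false-reject cost that comes with it, and how the gain shrinks when the two matchers' errors are correlated. The score model, the 1% operating point and all function names are assumptions made for illustration.

```python
"""Added example: AND-rule fusion of two biometric matchers (constructed numbers)."""
from math import sqrt
from statistics import NormalDist

STD = NormalDist()  # standard normal, used for impostor scores

# Assumed toy model (not from the deck): each matcher outputs a score,
# impostor scores ~ N(0, 1), genuine scores ~ N(GENUINE_MEAN, 1).
GENUINE_MEAN = 4.0
SINGLE_FAR = 0.01  # constructed operating point: 1% false accepts per matcher


def threshold_for_far(far):
    """Score threshold at which one matcher has the given false-accept rate."""
    return STD.inv_cdf(1.0 - far)


def single_frr(threshold):
    """False-reject rate of one matcher: a genuine score falls below threshold."""
    return NormalDist(GENUINE_MEAN, 1.0).cdf(threshold)


def and_fusion(far1, frr1, far2, frr2):
    """Both matchers must accept. Valid only if their errors are independent."""
    far = far1 * far2                        # impostor must fool both
    frr = 1.0 - (1.0 - frr1) * (1.0 - frr2)  # genuine user must pass both
    return far, frr


def joint_far(threshold, rho, steps=20000, span=10.0):
    """P(both impostor scores > threshold) when the scores have correlation rho.

    Midpoint-rule integral of pdf(z) * P(Z2 > t | Z1 = z) over z > t,
    where Z2 | Z1 = z is N(rho * z, 1 - rho^2). Requires |rho| < 1.
    """
    cond_sd = sqrt(1.0 - rho * rho)
    width = span / steps
    total = 0.0
    for i in range(steps):
        z = threshold + (i + 0.5) * width
        tail = 1.0 - STD.cdf((threshold - rho * z) / cond_sd)
        total += STD.pdf(z) * tail * width
    return total


def report():
    """Error rates for one matcher, the AND rule, and correlated impostor scores."""
    t = threshold_for_far(SINGLE_FAR)
    frr = single_frr(t)
    and_far, and_frr = and_fusion(SINGLE_FAR, frr, SINGLE_FAR, frr)
    rows = {"single_far": SINGLE_FAR, "single_frr": frr,
            "and_far_independent": and_far, "and_frr_independent": and_frr}
    for rho in (0.5, 0.8):
        rows[f"and_far_rho_{rho}"] = joint_far(t, rho)
    return rows


if __name__ == "__main__":
    for name, value in report().items():
        print(f"{name:22s} {value:.3e}")
```

With these constructed numbers the independent AND rule cuts false accepts from 1e-2 to 1e-4, but about 9% of genuine attempts fail at least one matcher, and at a correlation of 0.8 the joint false-accept rate is more than ten times the independent figure.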

Editor's Notes

  1. IBM built out 2 datacenters exclusively for Federal customers. They are connected via dark fiber. All bandwidth in-between the two datacenters is free on our private network. With 80% of Federal customers going into Hybrid Cloud, this is really a differentiator for us.
  2. Show the size of IBM’s global fiber network. We have a huge Global Footprint that touches nearly every corner of the globe. Traffic between all our datacenters is included, so if you are setting up a D/R environment, you aren’t billed for any of that data transfer. As part of this $1.2 Billion Dollar Build out - - transition - - Global Footprint:
     - 13 datacenters across three continents
     - Only Cloud provider in the world with a global internet backbone
     - 17 network POPs including all major carrier exchanges worldwide
     - 7 Tier 1 transit providers, 1400 private peers, pass about 500Gbps sustained
     - IPv4 and IPv6 dual stack: every compute instance and ancillary service comes dual stacked
     - Arbor Network & Cisco Network Analysis and DDoS Mitigation
     - Enterprise DNS system consisting of over 400 load balanced physical nodes across 20 global locations
     - 20,000,000 active domains
     - 100,000+ physical nodes, millions of virtual machines
     - 21,000 customers in 140 countries