Federal IT Program Management

Proceeding step-by-step to secure Federal data.

Defense in depth

Computer systems are more secure when their various components are individually protected. Sometimes known as “defense in depth,” this layered approach to security means that cracking one password is not enough to breach a whole system.

In Federal IT, we believe that defense in depth should start with two-factor authentication: users employing security tokens or biometrics, combined with a password or question, to gain access.

Encrypting data

Authenticating users to view records is part of the first leg of the “CIA triad” (Confidentiality, Integrity, and Availability) that’s the foundation of information security. The other two legs come into play when transmitting and storing these records.

In data transmission and storage, we believe that advanced encryption techniques such as Private Key Infrastructure should be used. Encryption should be at least 128-bit, and perhaps as much as 256- or 1024-bit depending on task requirements and system capabilities.

FISMA Compliance

We understand the requirements of FISMA, and are aware of all its checkpoints for information assurance.

To help agencies comply with FISMA, we create a matrix of these checkpoints, then write best practices for security that meet or exceed each point.

© 2016 Reddix Group, LLC. All Rights Reserved.