Effective, Efficient and Thorough Cybersecurity for IT Systems.

Our team of Information Systems Security Officers (ISSO) and Information Systems Security Engineers (ISSE) have addressed the challenges many organizations face today while keeping security and compliance at the forefront of every mission. With an understanding that organizations can be tasked to do more with less, Ncompass brings the efficiencies that come with decades of experience and the ability to leverage the associated lessons learned.

New and changing mission needs for DoD and Federal Organizations require new and modified IT systems. A full assessment will help to identify vulnerabilities, weaknesses and areas of non-compliance so solutions and mitigations can be developed and implemented.

Ncompass provides expert security skills and knowledge which include but are not limited to the following focal points:

  • Tools: Proficient using eMASS, Xacta, MCCAST and RiskVision to streamline A&A processes.

  • Experience: Years of RMF experience resulting in Authorization to Operate (ATOs) with multiple agencies. (DCSA, DISA, US CYBERCOM, Air Force, Army, Navy, Marine Corp., and Coast Guard)

  • Skills: Employs Information Systems Security Engineers (ISSE) that: Conduct and Analyze Vulnerability Scanning, perform SRGs/STIGs, Collaborate mitigation strategies with Developers, draft technical documents, and perform a multitude of ISSO duties/activities for On-Prem and Cloud-Based systems.

  • Communications: Established as a solution oriented, successful DoD contractor, that effectively communicates and works well with others to get the job done.

Customized Solutions for RMF Compliance

Ncompass recognizes that RMF/A&A processes are similar for every system, and yet the needs vary based upon organizational priorities, requirements and categorization. We utilize repeatable federal processes to create the customized approach to the security of an organization’s infrastructure and data.

RMF for DoD Agencies

Ncompass has worked with many DoD Agencies, Commands and Services using the DoDI 8510.01 and associated RMF NIST Publications to successfully obtain their required ATOs. We use our extensive experience to navigate the technical and administrative complexities involved with the Assessment and Authorization process.

A Service Disabled Veteran Owned Small Business.

Ncompass, LLC is a Service Disabled Veteran Owned Small Business (SDVOSB) employing Subject Matter Experts (SMEs) who specialize in the assessment and management of system risk using the National Institute of Standards and Technology (NIST) and Risk Management Framework (RMF) for On-Prem and Cloud-Based systems.

Cybersecurity & Data Protection

Ncompass blends both digital and physical processes to ensure that data, is protected from unauthorized access, corruption and unavailability. We strive to drive simplicity and efficiency by closing the gap between NIST Policies and RMF Processes, and the implementation of physical, technical and administrative system security controls.

Threat Intelligence + Response

Our Subject Matter Experts use DoD and community intelligence to proactively engage in continuous monitoring efforts to protect systems and data against known threats. We help our customers identify and fix vulnerabilities before they can be exploited by attackers. Using specific NIST based guidelines, we help our customers identify and prepare for system and data risks, and the appropriate response should an incident occur.

Risk Management Programs

In an effort to mature security effectiveness, organizations must move beyond assumptions that their systems and data are protected. System and data owners must engage in effective and continuous risk management programs. An effective risk management program will help protect an organization’s critical assets from harmful threats.

Security Evaluation & Assesments

Ncompass evaluates an organization’s overall security to provide a cyber risk profile for the IT System and its data starting with a self-assessment. The evaluation focuses on security in dozens of areas to include but not limited to Access Control, Configuration Management, Contingency Planning, Incident Response, Personnel Security, Communications, Integrity, Data Classification, etc. Vulnerability scanning, penetration testing and manual/automated evaluations of the security implementation of system assets are additional tools used for a security evaluation.

Information System Hardening + Remediation

At Ncompass, we provide Security Requirements and Technical Implementation Guides (SRG/STIG) reviews, Assured Compliance Assessment Solution (ACAS) i.e., Tenable Security Center vulnerability scan results analysis and weekly Information Assurance Vulnerability Management (IAVM) reviews on alerts and bulletins.

Continuous Security Monitoring

We monitor security controls for information systems in accordance with National Institute of Standards and Technology (NIST) Risk Management Framework (RMF), Department of Defense Instructions (DoDI) 8500.01 – Cybersecurity and 8510.01- RMF for DoD IT. This includes control implementation and effectiveness, documenting changes and updating artifacts, performing SRGs/STIGs, reviewing vulnerability scans, and providing weekly status reports to ensure compliance.

IT Security Solutions

FOR ON PREMISES & CLOUD BASED SYSTEMS

Our team of Information Systems Security Officers/Engineers (ISSO/ISSE) can address a multitude of IT security challenges organizations face while keeping mission objectives at the forefront. Understanding that many organizations and their teams are tasked to do more with less, Ncompass brings the efficiencies that come with decades of experience and the ability to leverage the associated lessons learned.

Cleared Professionals

TOP SECRET

Our team of cleared professionals facilitates DoD organizations in achieving, maintaining, and renewing their Authorities To Operate (ATO) in Unclassified, Classified and Top Secret security domains using the seven-step Risk Management Framework process.

Defend Your Business Against The Latest Cyber Threats.

Protect your networks and your data from unauthorized access. Improve information security and business continuity. Delivered by talented and experienced professionals with a solid foundation of business expertise and a family-oriented culture with proven principles demonstrated by past performance in the DOD and Federal sectors.