Effective, Efficient and Thorough Cybersecurity for IT Systems.
Our team of Information Systems Security Officers (ISSO) and Information Systems Security Engineers (ISSE) have addressed the challenges many organizations face today while keeping security and compliance at the forefront of every mission. With an understanding that organizations can be tasked to do more with less, Ncompass brings the efficiencies that come with decades of experience and the ability to leverage the associated lessons learned.
New and changing mission needs for DoD and Federal Organizations require new and modified IT systems. A full assessment will help to identify vulnerabilities, weaknesses and areas of non-compliance so solutions and mitigations can be developed and implemented.
Ncompass provides expert security skills and knowledge which include but are not limited to the following focal points:
Customized Solutions for RMF Compliance
Ncompass recognizes that RMF/A&A processes are similar for every system, and yet the needs vary based upon organizational priorities, requirements and categorization. We utilize repeatable federal processes to create the customized approach to the security of an organization’s infrastructure and data.
RMF for DoD Agencies
Ncompass has worked with many DoD Agencies, Commands and Services using the DoDI 8510.01 and associated RMF NIST Publications to successfully obtain their required ATOs. We use our extensive experience to navigate the technical and administrative complexities involved with the Assessment and Authorization process.
A Service Disabled Veteran Owned Small Business.
Ncompass, LLC is a Service Disabled Veteran Owned Small Business (SDVOSB) employing Subject Matter Experts (SMEs) who specialize in the assessment and management of system risk using the National Institute of Standards and Technology (NIST) and Risk Management Framework (RMF) for On-Prem and Cloud-Based systems.
Cybersecurity & Data Protection
Ncompass blends both digital and physical processes to ensure that data, is protected from unauthorized access, corruption and unavailability. We strive to drive simplicity and efficiency by closing the gap between NIST Policies and RMF Processes, and the implementation of physical, technical and administrative system security controls.
Threat Intelligence + Response
Our Subject Matter Experts use DoD and community intelligence to proactively engage in continuous monitoring efforts to protect systems and data against known threats. We help our customers identify and fix vulnerabilities before they can be exploited by attackers. Using specific NIST based guidelines, we help our customers identify and prepare for system and data risks, and the appropriate response should an incident occur.
Risk Management Programs
In an effort to mature security effectiveness, organizations must move beyond assumptions that their systems and data are protected. System and data owners must engage in effective and continuous risk management programs. An effective risk management program will help protect an organization’s critical assets from harmful threats.
Security Evaluation & Assesments
Ncompass evaluates an organization’s overall security to provide a cyber risk profile for the IT System and its data starting with a self-assessment. The evaluation focuses on security in dozens of areas to include but not limited to Access Control, Configuration Management, Contingency Planning, Incident Response, Personnel Security, Communications, Integrity, Data Classification, etc. Vulnerability scanning, penetration testing and manual/automated evaluations of the security implementation of system assets are additional tools used for a security evaluation.
Information System Hardening And Remediation
At Ncompass, we provide Security Requirements and Technical Implementation Guides (SRG/STIG) reviews, Assured Compliance Assessment Solution (ACAS) i.e., Tenable Security Center vulnerability scan results analysis and weekly Information Assurance Vulnerability Management (IAVM) reviews on alerts and bulletins.
Continuous Security Monitoring
We monitor security controls for information systems in accordance with National Institute of Standards and Technology (NIST) Risk Management Framework (RMF), Department of Defense Instructions (DoDI) 8500.01 – Cybersecurity and 8510.01- RMF for DoD IT. This includes control implementation and effectiveness, documenting changes and updating artifacts, performing SRGs/STIGs, reviewing vulnerability scans, and providing weekly status reports to ensure compliance.
IT Security Solutions
FOR ON PREMISES & CLOUD BASED SYSTEMS
Our team of Information Systems Security Officers/Engineers (ISSO/ISSE) can address a multitude of IT security challenges organizations face while keeping mission objectives at the forefront. Understanding that many organizations and their teams are tasked to do more with less, Ncompass brings the efficiencies that come with decades of experience and the ability to leverage the associated lessons learned.
Facility Security Clearance
TOP SECRET
Our team of cleared professionals facilitates DoD organizations in achieving, maintaining, and renewing their Authorities To Operate (ATO) in Unclassified, Classified and Top Secret security domains using the seven-step Risk Management Framework process.
Defend Your Business Against The Latest Cyber Threats.
Protect your networks and your data from unauthorized access. Improve information security and business continuity. Delivered by talented and experienced professionals with a solid foundation of business expertise and a family-oriented culture with proven principles demonstrated by past performance in the DOD and Federal sectors.