logo

Cyber Security

Our Approach & Benefits

Today nearly every business and organization relies on information technology for every aspect of operations. This increased reliance on technology makes combating vulnerabilities an ever-increasing priority. To minimize risks, Vision offers a suite of security services that focus on the preservation of confidentiality, integrity of data, and availability of network resources.

Our services aim to:

  • Improve security and reduce risk across the enterprise
  • Define policies and procedures to enable a predictable, measured security posture
  • Simplify compliance with governmental guidelines and mandates
  • Combat threats and reduce/eliminate incidents or disruptions through proactive vulnerability management
  • Speed response and recovery
Network Security

Government agencies must maintain safe, continuous operation of their network in order to meet mission goals and objectives. With the growing threats of viruses, intrusions and other attacks, however, securing systems, networks, applications and critical information resources and integrity is a constant challenge. Maclink Integrated Service's security experts maintain the highest level of professional certifications to ensure that your network is equipped against external and internal security breaches, threats and potential risks and to quickly identify and mitigate vulnerabilities.

Maclink Integrated Services uses a multi-layered approach to analyze your agency’s IT security and implements appropriate measures to keep your system safe. Our comprehensive plan delivers policy, procedures, and protection for all layers, including:

  • Physical access to servers and network devices
  • Virus protection at the system level and email gateways
  • Monitoring of network traffic for malicious activity
  • Security training for system administrators, web developers, and end users
  • Vulnerability assessments
  • Timely system patching
  • Encryption
  • OS lockdown
  • Network perimeter tools (firewalls, network and host IDS/IPS, security information, management systems)
  • Information assurance capability
  • Monitoring and log auditing at the system and application level (Unix syslog, Windows logs, Website logs, firewall logs, database logs, host-based intrusion detection logs)
  • Regularly scheduled self-audit for each of these areas
  • Compliance with federal mandates and legislation
Security Operations Center

In order to provide services and efficient operations, Federal agencies must be able to depend on the reliability and security of their information and infrastructure. To protect against the ever increasing number of internal and external security threats, policies and requirements demand flexibility to meet ever-changing security demands. Maclink Integrated Service's integrated approach to planning, deploying, staffing and maintaining Security Operations Centers ensures that your agency can proactively and effectively meet security challenges.

Maclink Integrated Service's certified Information Assurance (IA) experts work with your agency to assess your security structure and map out a solution that complies with myriad IA policies and mandates. Maclink Integrated Services monitors and manages intrusion detection and prevention; ensures implementation of an overall security policy across an enterprise; provides prioritization, oversight and disclosure of key risks and vulnerabilities; and provides end-to-end risk management services throughout the risk life cycle.

Maclink Integrated Service's security experts utilize the latest Enterprise Security Management tools and technologies in your SOC and provide timely updates to keep current with rapidly evolving threats. Our experienced subject matter experts are fully trained and able to leverage the technology and processes necessary to ensure the security and availability of your networks. With our well-designed IA capability and SOC, we are able to reduce regulatory compliance costs, increase your IT infrastructure security and overall efficiency, and fully integrate your security program.

Security Operations Center services include:

  • Centralized management that reduces and mitigates risk of the security infrastructure
  • Better utilization of security personnel and budget to improve efficiencies of scale and reduce cost
  • Faster, more effective response to security threats and incidents
  • Elimination of duplicate efforts and “holes” in security coverage
  • Central enterprise security POC for entire organization
  • Compliance with regulatory IA requirements at lower costs
  • Scalable tools that leverage existing resources

Maclink Integrated Services Security Management is comprised of two key tasks. Fault Management ensures continuous operation of the security infrastructure through monitoring of client security devices, fault detection and signaling; fault reporting; corrective action determination; corrective action implementation; and system recovery, if necessary. Configuration Management ensures the continuous enforcement of firewall rules tailored to customer needs. It applies to all equipment managed by the SOC and includes data packet discard/acceptance rules between an external source and an internal destination (or vice versa) based on source address, destination address, network protocol, service protocol, and traffic log.

To determine the overall security of your systems and operations, Maclink Integrated Services utilizes a twofold approach to Security Assessment. Vulnerability assessments search for known weaknesses of systems and software and are accomplished through specific technologies configured and customized for each assessment. Penetration tests isolate and exploit known or unknown vulnerabilities of systems, services, and installed web applications and attempt to quantify the threat level and potential impact on each system.

Maclink Integrated Services technical assistance experts are ready to support you on any issue regarding system operation, system violations, system update, security hardware, software update, and configuration. For your convenience, our assistance can be provided remotely or on site, depending on your needs and the level of service. Benefits to these services include:

  • Deliver IT security services
  • Prevent unauthorized access and manage security
  • Provide risk management through centralized analysis using the combined resources consisting of personnel, dedicated hardware and specialized software
  • Offer continuous risk analysis and guarantee protection against intrusion
  • Monitor and analyze firewall activity, Intrusion Detection System (IDS) activity, antivirus activity, individual vulnerabilities, etc.
  • Operate 24 hours a day, seven days a week, 365 days a year
  • Provide real-time monitoring, coordinates incidents and response activities, and issues advisories concerning threats
Certification & Accreditation

Proper planning and procedures are essential to ensure that Certification & Accreditation (C&A) aspect of your IT system operates cost effectively and efficiently. Maclink Integrated Services thoroughly understands all phases of C&A and implements the crucial processes that enable your agency to support and sustain an efficient process in accordance with your budget and regulatory requirements. Maclink Integrated Services understands that documentation of security controls and process of IT systems is only the first step in the C&A process. Systematic risk assessment and vulnerability analysis are necessary to identify potential areas to improve the C&A process.

Our comprehensive C&A services include:

  • Consistent and efficient processes that streamline the C&A process to ensure
  • Enhanced overall enterprise security management plan and processes through integration of lessons learned from the C&A process
  • Improved system and program security beyond compliance requirements
  • Quicker and more effective transition to new guidance and regulations
  • Qualified professionals with the appropriate level of training and skill sets to address mission critical and business challenges

Our services meet or exceed regulations and standards including:

  • Federal agencies: FISMA, NIST SP800-37, HIPAA, and OMB A-130
  • DoD specific: 8510.01 (DIACAP) and transition from 5200.40 (DITSCAP)
  • National security systems specific: DCID 6/3 and NSTISSI No. 1000 (NIACAP)

Our personnel have earned the highest professional industry certifications, including:

  • National Security Agency Information Assessment Methodology (IAM) certification
  • National Security Agency Information Evaluation Methodology (IEM) certification
  • Certified Information System Security Professional (CISSP)
  • SANS Global Information Assurance Certifications
  • Certified Protection Professional
  • Associate Business Continuity Professional (ABCP)
  • Certified Business Continuity Professional (CBCP)
  • Certified Disaster Recovery Planner (CDRP)
  • Certified Information Security Auditor (CISA)
  • Certified Information Security Manager (CISM)
  • Certified Computer Examiner (CCE)
  • Certified Intrusion Analyst (CIA)
  • Cisco Certified Security Professional (CCSP)
  • Cisco Certified Network Associate (CCNA)
  • Cisco Certified Network Professional (CCNP)
  • Cisco Certified Internetwork Expert (CCIE)
Enterprise Security Management

At Maclink Integrated Services, our Enterprise Security Management (ESM) solutions extend well beyond software selection and network installation. We develop solutions that integrate your processes and personnel, and align security with your agency’s goals and processes. Maclink Integrated Service's team of security experts thoroughly assess your needs and develop a solution that meets your regulatory requirements, staffing levels and expertise, and most importantly your budget. We determine not only your current requirements, but also the scalability of the ESM for future expansion and added security features and functionality. Because the security threats are constantly evolving, we ensure that your ESM solution can respond to meet these challenges. Maclink Integrated Services has the knowledge and staff to work with you every step of the way to deliver an ESM solution that becomes the hub around which your security infrastructure is built, providing security to your infrastructure and value to your bottom line.

Services include:

  • Integration with existing security, administrative tools and processes and business practices to secure the entire organization
  • Faster and more accurate evaluation of security events
  • Automated capability that enables properly trained security personnel to instantly identify security issues
  • Protection that defends networks, systems, applications and data from accidents, malice or inadequate planning
  • Enterprise-wide strategy for information assurance that protects the confidentiality, integrity, authentication, availability and validity of your environment
  • Trusted methodologies, products and tools
  • Holistic view of information-related risks incorporates the spectrum of human, technology and regulatory dependencies

Maclink Integrated Service's Enterprise Security services will help your organization to:

  • Improve security and reduces risk across the enterprise
  • Define policies and procedures to enable a predictable, measured security posture
  • Simplify compliance across governmental guidelines
  • Reduce threats, incidents and disruptions through proactive vulnerability management
  • Speed response and recovery
Disaster Recovery & Continuity of Operations

Today, increasing threats from terrorist attacks, natural disasters, hackers, and viruses have highlighted the need for Disaster Recovery (DR) and Continuity of Operations (COOP) plan. Mission essential functions (MEF) and national essential functions (NEF) are mandated to continue regardless of the impact or scope of events by the government. Maclink Integrated Services professionals understand these threats as well as your essential functions and aim to deliver high availability of systems and infrastructure every day, not just in times of crisis. Using an enterprise-wide approach, we identify essential business functions, assess your state of operations and recommend policies to reduce disruptions and risks, train your staff in preparedness techniques, and provide documentation and control for critical systems and networks.

From startup to execution, Maclink Integrated Service's structured approach to COOP and DR is based on industry best practices and processes recommended by the National Institutes of Standards and Technology (NIST). Our cost-effective, realistic solutions are based on the seven-step contingency process in NIST 800-34:

  • Develop the contingency planning policy statement
  • Conduct the business impact analysis
  • Identify preventive controls
  • Develop recovery strategies
  • Develop an IT contingency plan
  • Plan for testing, training, and exercises
  • Plan maintenance

Maclink Integrated Services ensures that your COOP and DR solution fits within the overall framework of your risk management and enterprise security requirements, change management practices, incident response policies and procedures, and Certification & Accreditation (C&A) life cycle. Additionally, all Maclink Integrated Services solutions meet requirements set forth in OMB A-130, HSPD 20, DoD 3020.26, and DoDI 3020.45 and follow NIST guidance for COOP planning (800-34) and testing/training/exercises (800-84).

Our Disaster Recovery & Continuity of Operations services include:

  • Site-specific threat assessments
  • Detailed contingency plans development
  • Operations framework implementation
  • Standard operating procedures development
  • Training staff through classroom instruction, workshops and computer-based methods
  • Direct procedural and performance drills
  • Standard and customized automated support systems implementation

Maclink Integrated Service's Disaster Recovery and Continuity of Operations services will help your organization to:

  • Improve ability to avoid or reduce business disruption
  • Minimize ad hoc reorganization, duplication and confusion
  • Provide detailed guidance for restoring normal operations without disrupting key activities
  • Avoid unnecessary expenses resulting from unexpected outages
  • Prepare employees to effectively deal with contingencies
  • Comply with federal regulations
Firewall Administration

In a multi-layered security plan, firewalls serve as the critical first line of defense to keep malicious traffic out of the network while allowing valid traffic to enter. Maclink Integrated Services analyzes your network traffic and works with your user groups and system administrators to determine services, protocols, and the normal port usage for your network. Based on this analysis, we tailor a firewall configuration to simultaneously secure your IT resources and provide seamless network access for your agency. We regularly review this configuration to ensure that outdated access and obsolete rules are removed to prevent vulnerabilities.
Maclink Integrated Services evaluates, approves, and documents requested changes to the firewall policy. We locate public-facing services, such as web traffic, email, and remote access to bar invalid traffic from the Internet from entering the internal network. We service all externally sourced traffic to protect the internal systems from hackers and malicious code. Maclink Integrated Services uses established industry best practices for regular maintenance of security patches to the firewall operating system and application software. Logs are sent to a secure syslog server and monitored daily.

Our Firewall Administration services include:

  • Increase security to prevent threats from getting into the network
  • Development and documentation of firewall rules
  • Internal systems protection from hackers and malicious attacks
  • Compliance with federal mandates and legislation
Risk Analysis & Assessment

Maclink Integrated Service's Information Assurance (IA) experts understand that risk analysis and assessment are essential to securing your IT resources. Our professionals analyze each of your IT assets to identify all possible threats and vulnerabilities and determine the probability of each event and its impact. Once risks are identified and assessed, we select and implement the necessary preventive, corrective, or detective control methods.
Because networks, systems and personnel are constantly evolving, the risk management process is continuous and ongoing. Maclink Integrated Services conducts periodic reviews to uncover new threats and vulnerabilities and to evaluate the effectiveness of existing control methods. We also develop a security policy to support the IT infrastructure to securely transfer sensitive information.

Our Risk Analysis and Assessment services include:

  • Policy and program development
  • Public-private sector cooperation
  • Critical infrastructure asset identification
  • Continuity and contingency
  • Physical infrastructure protection planning
  • Information systems security
  • Vulnerability analysis and threat assessment
  • Emergency preparedness, awareness, training, assessment and exercises
  • Information assurance
  • Integrated force protection technologies
  • Crisis management planning software
  • Information system security products

Maclink Integrated Service's comprehensive product and service portfolio meets the requirements of PDD-63 and addresses more current Homeland Security Presidential Directives (HSPDs) and national policies including: incident management and response (HSPD-5), identifying and prioritizing national CIKR and public-private partnerships (HSPD-7), national preparedness goals (HSPD-8), and the National Infrastructure Protection Plan.

Benefits of Maclink Integrated Service's Risk Analysis and Assessment services include:

  • Increase awareness to identify areas that require security improvements
  • Identify appropriate and cost-effective countermeasures
  • Provide justification for security expenditures
  • Comply with federal mandates and legislation
  • Ensure continuity and viability of critical infrastructures
  • Speed response and recovery
  • Prepare stakeholders to effectively deal with contingencies
Incident Response

Maclink Integrated Services provides Information Assurance (IA) expertise to assist your agency in creating policies, plans, and procedures in compliance with government regulations before an incident occurs. Based on incident response methodology specified by National Institute of Standards and Technology (NIST) and Federal Information Security Management Act (FISMA), Maclink Integrated Service's experts work with your existing incident response program or establish a new capability for your agency to:

  • Create or modify an incident response policy and associated plans to ensure a timely response to any incident
  • Establish incident response teams that create interactions between IT and business personnel
  • Establish internal and external relationships between incident responders, agency stakeholders and regulatory overseers
  • Develop procedures supporting the incident response policy and reporting requirements
  • Assemble teams and address staffing and training requirements
  • Identify all internal and external stakeholders for participation in the incident response process
  • Determine service offerings provided by incident response team(s)
  • Integrate incident response into a Security Operations Center (SOC), if applicable
  • Comply with NIST guidance, including Special Pubs 800-61 Rev 1, 800-83, and 800-86 as well as FISMA requirements that all federal agencies have “procedures for detecting, reporting, and responding to security incidents,” and that the risks associated with these security incidents need to be mitigated “before substantial damage is done.”

Benefits of Maclink Integrated Service's Incident response services include:

  • Reduce time and effort necessary to discover and address vulnerabilities
  • Achieve greater situational awareness and increases overall security posture
  • Remove geographic barriers and enhances information sharing and collaboration
  • Improve service through regular metrics evaluation
  • Enhance relationships with stakeholders to promote early and active participation
  • Reduce errors and downtime
  • Improve staff efficiencies by introducing documented, repeatable, measurable and automated processes
  • Strengthen analysis and reporting efficiencies with proven, advanced analytical support tools
  • Transform trends, anomalies and potential areas of weakness into comprehensive and actionable reports
  • Improve regulatory compliance