Dynanet has developed a set of security services and products that secure our customer’s IT systems, networks and data information resources. We are experts in developing policy, programs and processes to ensure that data and systems are only used by authorized personnel; that attempts to gain unauthorized access are observed, defeated and reported; and that our customer can recover in a pre-determined time frame from a potential catastrophic event that destroys critical IT systems. We are experienced working within and providing information necessary to develop and/or maintain IT systems for federal civilian and Defense Department clients at the highest security levels.

Systems Security: Assessment– Details
Dynanet applies knowledge of information system technologies and security threats and knowledge of current customer information systems and practices to evaluate security vulnerabilities

Our security engineers gather information from customer management and operational personnel, complete industry research, perform security risk analysis, and use evaluated vulnerability findings to determine expected vulnerability costs

Security assessments may also include estimated implementation/maintenance costs of countermeasures. This type of information is useful when performing cost/benefit analysis for security initiatives.

Statutory Compliance: Evaluation and Implementation
Dynanet personnel are knowledgeable of major federal security laws, Executive Orders, security implementation guidelines, and their applicability to government and private organizations

Security-related statutory requirements include privacy aspects of the Health Insurance Portability and Accountability Act (HIPAA), the Federal Information Security Management Act (FISMA), and financial information protection provisions of the Gramm-Leach-Bliley law

Dynanet can assist federal organizations with the security accreditation process (C&A) mandated for many federal information systems

Dynanet will provide reports to executive management interpreting security-related laws and impacts on the organization. Such reports can also include compliance findings and countermeasures costs

Security Policies, Procedures, Standards & Guidelines
Working with customer executives and security personnel, Dynanet can assist our clients in defining the requirements for security systems that satisfy business needs and statutory mandates

We combine knowledge of security best practices, government security guidelines, local business systems, and organization-specific rules to assist our customers in producing local security policies, practices, and guidelines

Security Plans and Business Continuity Planning
Dynanet experts assist customers in the development of security plans using inputs from risk analysis, cost/benefit measures, statutory requirements, knowledge of customer business goals and processes, current security products and implementations, and industry best practices

As part of the creation of an organizational security plan (or as a distinct task), Dynanet can generate comprehensive business continuity and disaster recovery plans. Business continuity planning requires detailed knowledge of essential business processes, personnel rules, information protection requirements, process interruption costs, and applicable laws

Technical Controls & Countermeasures
In the realm of network security, Dynanet designs, implements and operates firewall systems ranging from straightforward packet filters to complex, load-balanced proxy systems hosting multiple service segments and private network address spaces.

Our security engineers configure and manage Intrusion Detection/Intrusion Prevention systems scrutinizing networks and host systems. Effective IDS/IPS implementations typically require consistent and skilled administration. Dynanet can furnish high-quality personnel with the necessary expertise.

Other technical security controls within Dynanet’s expertise are anti-virus systems, authentication and authorization services (including token-based multi-factor authentication), VPNs, controls based on Public Key Infrastructure, end-to-end encryption (IPSec and proprietary), router link encryption, and content-based Internet access controls.

Secure Remote Access Systems
In-depth experience in design, implementation and management of secure remote access systems for our clients. Such systems allow traveling or telecommuting personnel convenient and secure access to authorized services from outside the customer’s protected network.

We implement virtual private network solutions over a variety of communications channels: phone lines, Internet, wireless networks

Remote access control provisions include strong authentication and multi-level authorization

Technology expertise associated with remote access includes VPN, PKI, RADIUS, SecureID, Kerberos, local disk encryption