2016_HSA_Yrbk_YUMPU_r2___

More documents

Recommendations

Info

quickly and easily create rules that provided users the administrative privilege to uninstall old software and install new software without the need for administrative credentials,” said the project lead at the agency. In addition, this project allowed the agency to create a very large set of “canned” rules to allow background update services to install updates and patches. “We immediately began to see a drop in the number of vulnerabilities reported in these applications.” Elevating Specific Applications Like many of our government agencies, the US Department of Agriculture ARS has cases where one user, or several users, need to launch an application with administrator privileges on a specific machine or group of machines. However, they don’t need full-time administrator privileges or access to the username and password of a local administrator account as part of their day-to-day duties. This implementation allowed the agency to elevate the specific application to launch with administrative privileges without the user ever obtaining the username and password for a local administrator account. “Thus, the user is not able to login to the computer with an administrator account, thereby gaining administrator-level access to everything on the machine, nor do they have the ability to launch/install other applications using the built-in ‘Run-As’ function,” said the agency project lead. The USDA-ARS is making the security of their information systems a priority, achieving least privilege quickly and effectively. Congratulations to the agency teams and leadership for a job well done. Link to Web Page of Nominated Organization: –––––––––––––––––––––––––––––––––––––––– https://www.beyondtrust.com/ Nominating contact for this entry: –––––––––––––––––––––––––––––––––––––––– Mike Bradshaw, Partner Connect Marketing office: 801-373-7888 Nominating contact email address: –––––––––––––––––––––––––––––––––––––––– mikeb@connectmarketing.com Nominating organization address: –––––––––––––––––––––––––––––––––––––––– Connect Marketing 881 W. State Street Pleasant Grove, UT 84062 81
GSN 2016 DIGITAL YEARBOOK OF HOMELAND SECURITY AWARDS RECIPIENTS 2016 GSN 2016 Government Excellence Award Federal Emergency Management Agency (FEMA) 2016 Winner Awards Category: –––––––––––––––––––––––––––––––––––––––– Most Notable Cybersecurity Program or Technology Name of Nominated Product, Service, or Program: –––––––––––––––––––––––––––––––––––––––– Personal Identity Verification (PIV) and Single Sign On (SSO) Enablement Reason this entry deserves to win: –––––––––––––––––––––––––––––––––––––––– In June of 2015, the Office of Personnel Management suffered a high-profile data breach which spurred action on cyber security across numerous agencies. Adrian Gardner, the Chief Information Officer (CIO) of the Federal Emergency Management Agency (FEMA), was determined to safeguard his agency’s information. He sought a comprehensive, rigorous solution rather than a “Band-Aid” approach, and had a very aggressive schedule to implement the solution in six months. Mr. Gardner requested that 76 high priority systems be Personal Identity Verification (PIV) Card and Single Sign On (SSO) enabled to ensure that industry leading security standards, aligning with FEMA’s Target Actionable Architecture, would be applied to systems containing user information. The FEMA PIV SSO project was kicked off on October 1, 2015, consisting of a joint FEMA-IBM initiative that incorporated efforts led by the Office of the Chief Information Officer (OCIO) and supported by various mission critical FEMA program areas. The scope of the effort included the implementation of an enterprise security infrastructure based on the IBM Security Access Manager (ISAM) Webseal, Federated Identity Manager (FIM) and Integrated Windows Authentication (IWA) technologies. FEMA’s systems leverage a wide variety of technologies, including Java, C++, .NET, PowerBuilder, and Mainframe. The PIV/SSO implementation approach varied depending upon the technology and existing authentication mechanism of the specific application. FEMA understood that no single solution would be 82
Page 1 and 2:
The GSN 2016 Digital Yearbook OF Ho
Page 4 and 5:
The GSN 2016 Homeland Security Awar
Page 6 and 7:
Page 8 and 9:
Page 10 and 11:
Page 12 and 13:
GSN 2016 DIGITAL YEARBOOK OF HOMELA
Page 14 and 15:
ties carried over proprietary contr
Page 16 and 17:
Page 18 and 19:
Page 20 and 21:
Page 22 and 23:
Page 24 and 25:
Page 26 and 27:
Page 28 and 29:
Page 30 and 31:
Page 32 and 33: GSN 2016 DIGITAL YEARBOOK OF HOMELA
Page 34 and 35: onto the expansion cable of Hirsch
Page 38 and 39: a library of more than 150 question
Page 40 and 41: and our proxy technology protects t
Page 42 and 43: any code changes, or hardware and d
Page 44 and 45: 43
Page 46 and 47: ates context-rich alerts, summarizi
Page 48 and 49: erArk can isolate, monitor, record
Page 50 and 51: with today’s sophisticated and ta
Page 52 and 53: 51
Page 54 and 55: Category #1: Vendors of IT Security
Page 56 and 57: Category #1: Vendors of IT Security
Page 58 and 59: DETECTION PRODUCTS Best Chemical De
Page 60 and 61: Link to Web Page of Nominated Organ
Page 62 and 63: saves lives. By immediately notifyi
Page 68 and 69: of experience with acoustic gunshot
Page 70 and 71: environments with zero false alerts
Page 72 and 73: organizations. The prefabricated un
Page 78 and 79: Category #2: Vendors of Physical Se
Page 80 and 81: 2016 Government Excellence Entry se
Page 86 and 87: 85
Page 88 and 89: National Cybersecurity and Communic
Page 90 and 91: attacks and knowledge assessments a
Page 94 and 95: to over 540 graduates from 57 diffe
show all

2016_HSA_Yrbk_YUMPU_r2___

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?