NC4 - ESP

An organization’s most sensitive information requires a level of security that most networks supporting numerous uses and services simply cannot provide. At the same time, management and project teams must collaborate on sensitive information from multiple locations and across diverse platforms using these networks.

NC4’s Extranet Security Portals (ESP) Group is a Software as a Service (SaaS) provider, bringing government agencies and corporations a common platform for secure communication and collaboration in a cloud computing environment. The ESP Group provides a solution for diverse organizations to share critical information, such as Controlled Unclassified Information (CUI), through highly secure, compartmented, web-accessible portals. Continuously striving to operate at a higher level of security, trust, service, technology and performance, the ESP Group focuses on eliminating the barriers to secure, collaborative information sharing. One of ESP's key success factors is the combination of collaboration with highly secure, mission-focused applications.

NC4's Situational Readiness Network CyberCop

Topics:

Technology Overview
Physical Security
User Security
Hardened System Architecture

Technology Overview

Security is the backbone of the NC4's ESP solution. Raising the security bar to the highest level, the ESP solution operates out of a highly secure operating environment that is built to rigorous U.S. Government standards for a Sensitive Compartment Information Facility (SCIF). The ESP solution supports diverse authentication methods, including identity federation, Two-factor and Public Key Infrastructure (PKI) through our strict registration protocols, authorized management, a human revalidation processes, and portal activity monitoring and reporting. Moreover, the ESP solution maintains a full-cycle security approach to ensure security from the inside out and outside in. This includes:

Physical Security

To ensure the security and integrity of its systems, NC4’s ESP solution implements formidable physical security controls. Even the most highly sophisticated software, encryption, and authentication will not provide the full cycle of security if the system itself is not physically secure.

SCIF Level Facilities: Data processing operations are conducted in Secure Operating Centers (SOCs) that meet or exceed the standards for U.S. Government Sensitive Compartmentalized Information Facilities (SCIF). These strict standards include perimeter protection, auditing, access control and intrusion alarms.

Top Security Professionals: NC4 employs leading security experts as well as technical experts to assure the most disciplined security procedures.

Secure Administrative Procedures: NC4 adheres to stringent administrative security procedures that meet or exceed Government requirements for sensitive data. These security procedures include documented policy, policy reviews, auditing and compliance oversight and reporting.

Cleared Staff: All ESP staff with access to customer systems maintain U.S. Government Security clearances. Employees receive ongoing security education and training.

User/Administrator Awareness and Training: Often the most overlooked and important component of information security is training users. The ESP user base is trained to understand the ESP environment, thereby ensuring compliance with current security policies.

Top of page

User Security

A system is only as good as its weakest link. Therefore, ESP technology focuses on User Control to create a customizable, single sign-on portal for each client. Every portal incorporates a minimum of 128 bit-encrypted access to the applications (up to 256 bit-encryption). All the best authentication methods are supported, augmented by registration protocols, audited authorization management, human revalidation processes, activity monitoring, and reporting. ESP systems include the most advanced authentication techniques and are consistent with current Government regulations.

PKI, RSA Secure ID − the option of integrating web-based biometric authentication can be provided as part of the customization process to meet the client's security requirements.

Hard enforcement of lockouts − after a specified number of failed logins, the user is locked out of the system to prevent a brute force attack. The unsuccessful user is not notified that their account is locked so as not to alert a potential intruder that they are being monitored. NC4's Support Center receives notification when a user is locked out of the system and appropriate action is taken, whether assisting the user in getting into the system or notifying a security administrator that unauthorized login is being attempted.

Enforced strong passwords − the systems can enforce strong passwords that meet or exceed U.S. Government standards. Password requirements are customized in accordance with the client's needs.

Human in the loop − the Support Center is available 24x7 to assist users with logon problems, system questions and username/password resets. Users must verify the security information they supplied during registration in order to have their account credentials reset. The Support Center does not send out authentication information via email or other non-secure channels that may be intercepted by an unwanted third party.

Top of page

Hardened System Architecture

The proprietary hardened systems architecture is proactively managed on a 24x7 basis. The ESP Group environment utilizes advanced systems architecture designed to defeat the most sophisticated intrusion techniques. These designs were developed utilizing the U.S. Government's Computer Emergency Response Team's (CERT) extensive database of successful intrusions on supposedly secure systems. CERT is located at the Carnegie Mellon's Software Engineering Institute and is one of the front line resources in managing data security. The ESP Group architecture includes:

Multiple, in-line firewalls are enabled to accept only one protocol in (HTTPS) through only one open port. Each firewall uses a different technology such as packet filtering, proxy, stateful inspection, etc. Furthermore, each firewall is provided through a different manufacturer to defeat attacks that exploit known weakness by any one vendor.

Code Demobilization constantly monitors the stream of data entering the system for any type of mobile code. The system isolates and prevents this code from taking any action. While tight control over this type of code blocks some non-essential functionality such as simple JavaScript, it greatly enhances system security. Comprehensive virus scanning is also used on file uploads to the portal.

Strong Encryption and Certification generate the strongest possible encryption, requiring an exponentially higher level of resource to crack. It is currently beyond the capability of any threat. Additionally, the crypto systems are easily upgradeable; so, as encryption attacks become a greater threat, it is a simple matter to increase the key length to thwart these attempts.

State Theft Protection a common attack in any system is the attempt of a user to change the level of permissions within the system, thereby gaining access to data or resources not normally provided. The ESP application and state management strategy prevent users from changing the level of permissions they have within the system. In addition, on each user request, information is compared to the last known state of the user to determine if this is the same person, or someone in a different location trying to impersonate them. The system audits anomalies and reports them to administrators for action.

Proactive Monitoring utilizes multiple intrusion detection systems (IDS), front and back end monitoring, code integrity scanning, log file analysis, network status monitoring and application monitoring for the detection and tracing of suspicious probes back to their source.

Information Protection uses compartmentalization to separate workspaces and enforce need-to-know controls to further protect access to information inside an established workspace.

Top of page

The ESP solution incorporates a set of core tools to include robust functionality, an intuitive interface and the capability to compartmentalize data by individual users, organizations or customized groups. These tools enable our clients to manage projects, collaborate on areas of interest and to disseminate information quickly and easily to other participants. The portal’s core functionality includes:

Secure Messaging – secured email, requiring authentication to access and read messages, with internal and external notifications
Compartmented Library – a secure document repository, allowing for revision controls
Online Briefings – secure sharing of presentations in a common meeting space with moderation and interactive chat
Data Survey Wizard – a user configurable survey tool to collect information from users
Member Directory – user contact directory
Calendars – meeting and event scheduling
Forum Discussions – interactive blog and information repository
Public/Private Chat Rooms – secure, interactive chat sessions
WebPort – private webspace
Task Trac – project management and workflow
Portal Search – full search capabilities across all portal data

In addition to the core tools, NC4’s ESP Group also creates customized applications designed specifically for each client. These applications are often built by NC4 from customer specifications and are typically hosted by NC4. A few of these applications include:

Foreign National Management and Tracking System – visitor tracking and approvals through workflow management
Adverse Reaction Drug Reporting System –drug study/drug trial monitoring and tracking
Case Management System – tracking of suspicious activities, investigations and incidents
Centralized Scheduling System – course creation and scheduling, student evaluation tracking
Equipment Utilization Database – equipment database with reservation and purchase agent

Department of Homeland Security - Homeland Security Information
Network (HSIN) / Intelligence

The DHS HSIN Intel portal enables the Office of Intelligence & Analysis (I&A) to meet mission-critical objectives for information sharing. The portal supports State Fusion Centers by providing a secure environment as well as a suite of core tools for collaboration at the Controlled Unclassified Information (CUI) level amongst intelligence analysts nationwide. Participants include representatives from the Federal, State, Local and Tribal levels of government as well as the Private Sector and International Partners.

CyberCop
https://cybercop.esportals.com

The CyberCop portal was designed to provide an ultra-secure web-based environment to promote and facilitate the sharing of sensitive information among a cohesive network of law enforcement, first responders, homeland defense and law enforcement related professionals from all levels of government, including international, federal, state, local and the private sector.

The CyberCop portal is in use by over 10,000 law enforcement, emergency responders, computer forensic and technical professionals for coordination, case handling, warrant dissemination, document sharing and lessons learned. This initiative is partially funded by the Department of Homeland Security and is managed by organizational administrators from the High-tech Crime Consortium, the InfraGard National Member Alliance, the High Technology Crime Investigation Association, the Federal Law Enforcement Training Center and others.

This secure portal is committed to providing a safe and secure environment where ideas can be freely exchanged to aid individual efforts and to foster cooperative efforts in the fight against crime, terrorism and the security of the nation.

Extranet for Security Professionals (XSP)

The XSP portal "Bridges the Gap" between government and industry security professionals in the Aerospace, Defense and Intelligence community to securely exchange information, best practices, lessons learned, policy documents and other sensitive information. The XSP portal also hosts several security associations such as the Contractor SAP/SAR Working Group (CSSWG), Industrial Security Working Group (ISWG), and the OPSEC (Operations Security) Society. Over 600 government and private sector organizations utilize the portal to coordinate activities and to collaborate on security issues.

Pentagon Force Protection Agency (PFPA)

The Pentagon Force Protection Agency (PFPA), which was established by the Department of Defense after the attack on the Pentagon on September 11, 2001, serves as an out of band system that can support the Pentagon in case an event renders their existing infrastructure inaccessible. It allows law enforcement and emergency responders in the National Capital Region to quickly and securely disseminate threat information to the appropriate parties.

Department of Energy (DOE)

The Foreign National Visitor Tracking Portal allows DOE to track all of the incoming foreign national scientists who visit DOE facilities to participate in research and development projects.

Office of Personnel Management (OPM)

In support of its e-Clearance initiative, the Office of Personnel Management (OPM) engages most of the U.S. government agencies to obtain new requests for clearance investigations and to allow agencies to monitor the status of investigations. The OPM portal provides encrypted access to existing OPM databases and permits clients to use a friendly web interface to manage the clearance request process. In addition to tying together the systems using a common, secure interface, the system allows OPM to maintain its legacy systems.

Department of Homeland Security - United States -
Computer Emergency Readiness Team (US-CERT)

The US-CERT portal provides a venue for US-CERT’s public and private sector partnership for the purpose of enhancing the prevention of and response to cyber threats and vulnerabilities. US-CERT uses the portal for collaboration with its partners and also utilizes custom applications that provide direct access to tools that report on Internet health.

The ESP solution delivers excellent beneﬁts:

Globally-accessible – Anyone with a current browser and an Internet connection can establish a highly secure session to retrieve, share and collaborate on critical information. Users can access the portal’s collaborative tools from almost anywhere – from an office network, a home connection or even through most Internet-accessible Blackberrys or Personal Digital Assistants (PDAs) – with no additional software or hardware beyond a current web browser.
Proven Security – NC4 emphasizes security throughout all of its ESP technology practices and strives to ensure that security does not compete with functionality. We approach security by constantly and continuously modifying the hardware, software, network environment, security tools and monitoring capabilities in accordance with a rigid configuration management process to ensure that the highest possible capability is being provided to each and every client. Stringent physical security, strong user security and hardened system architecture contribute to this approach.
Cost Savings – Clients can leverage the cost savings benefits and the expertise of a focused, trusted security SaaS provider without having to hire additional in-house talent. This model complements an existing network infrastructure and provides for more reliable budget and resource planning. It leverages the ubiquity of the Internet without compromising security and simultaneously eliminates client system administration costs and additional staffing requirements.
Full-service Support Center – NC4 provides a dedicated Support Center managing support requests 24x7. The Support Center is staffed with knowledgeable personnel skilled in handling E Team, ESA and ESP application questions. In addition, clients may take advantage of the online tracking system on the NC4 Support site (https://support.nc4.us) which allows them to conveniently submit support requests and monitor resolution progress. NC4 consistently receives high ratings on the Support Center for prompt service, excellent communication during an event or activity and personable staff member performance.