Our customer is a leading Government Agency with a broad variety of sensitive data that travels through the network and that is stored in various repositories. Our customer is responsible for protecting our nation and access to the information it collects and processes must be protected from unauthorized use. To this end the customer has a wide array of security controls and methods it utilizes to ensure authorized use and access to the information assets it is responsible for.
The customer has an environment that consists of personnel that are constantly rotating in and out of the facility on short assignments of two years or less. Another challenge is the nature of the data being stored and collected. Depending on priorities the data collected and that must be controlled varies. Personnel are always restricted only to data they are authorized to view. The customer needed visibility into cyber-attacks and insider threats.
The insider threat risk is high and the customer had already experienced a widely publicized breach of trust and did not want to revisit the experience.
RTGX to the Rescue
The RTGX Team studied the data and security environment. RTGX conducted an audit of the various controls and tools used to control access to networks, applications, data and software. RTGX utilized risk assessment frameworks such as the NIST RMF. RTGX conducted the assessment of security controls RMF phase (4), analysis of how security controls are authorized RMF phase (5) and RMF phase (6) an assessment of how security controls are monitored including tools, process and people. The RTGX Team also reviewed personnel processes to determine how employees were approved for positions of trust and how they are given authorization to access sensitive data. When our assessments and analysis were concluded our team presented a set of recommendations on how access could be monitored, behavior and usage patterns analyzed. RTGX also provided additional process improvements to the continuous assessment of personnel risk associated with access to sensitive information.