Government agencies are challenged on a continuous basis to protect physical and virtual environments from cyber threats. Faced with regulatory requirements, shrinking staff, and budget constraints, agencies rely on BlueWater Federal Solutions to protect against the constantly evolving security threats. BlueWater takes an adaptive approach through the use of innovative technologies and specialized expertise in planning, preparing, preventing, and responding to security breaches and attacks. BlueWater has the technical, functional, and strategic expertise to help government agencies cost-effectively protect their infrastructure and information.
Specific focus areas where we have proven experience include:
- Certification and Accreditation (C&A)
- Cyber testing and remediation to NIST, DoD and DISA standards
- DIACAP/FISMA compliance and Risk Management Framework transition
- Network Vulnerability Scans and Remediation
- Information Assurance Management and Policy Updates
- Master System Security Plans
- Enterprise Mission Assurance Support Service (eMASS)
Representative clients and performance includes:
- U.S. Air Force – We perform certification and accreditation (C&A) for systems connected to the core network and manage, implement, and execute base programs for COMPUSEC, EMSEC and COMSEC. Our team facilitates the C&A process specified by AFI 33-210, Air Force Certification and Accreditation Program. As we did for the base NIPRNET and SIPRNET accreditation, our team will validate IA controls, perform system risk assessments and ensure security policy and processes are enabled. Our team is expert in the five phases of the DIACAP process that must be met for the Designated Approving Authority (DAA) to grant ATO and/or ATC approval.
- FEMA Public Affairs – BlueWater is responsible for securing all servers and applications to DHS security standards. We perform bi-weekly patches as well as daily reviews of system logs to look for any abnormalities. We implemented Akamai’s Site Shield service to protect and cloak our production servers from the internet requiring all traffic to first pass through the Akamai platform.
- U.S. Air Force Integrated Communications – we created a Vulnerability Management tiger team with specialized expertise and training to address and mitigate network and desktop security vulnerabilities. Our team mitigated or cleared findings faster than 90% of all other locations. We generate the accreditations and reaccreditations of the SIPRNet and NIPRNet and manage emanation security evaluation support base-wide.