Government Drivers and Challenges
While many government agencies have established endpoint
security policies, they do not have the right security management
software to enforce them. The threat of data leakage and network
instability or disruption comes from outside the agency walls
as well as from within.
Users continue to run software that is either unauthorized
or is without the latest patches, opening the doors to cyber
criminals and cyber terrorists. Users can also remove data from
government networks via removable devices (such as USB flash
drives) and if the data is not encrypted, sensitive information
can be exposed.
All of this can expose vulnerabilities that enable the theft
or loss of critical information. Recent security violations
have sparked legislative requirements and standards-based protocols
from NIST around security controls and data protection that
impact both Civilian and DOD agencies. By developing solutions
in lock-step with these requirements and standards, Lumension
provides agencies with the ability to ensure compliance. Specifically,
Lumension
Vulnerability Management has been validated by NIST
as conforming to the Security Content Automation Protocol (SCAP)
and its component standards.
Civilian Solutions: Comply with Endpoint Security Mandates
and Protocols
- Federal Information Security Management Act (FISMA)
Compliance - primary legislation governing the management
of federal information security.
- Office of Management and Budget (OMB) M06-16 Mandate
- requires agencies to establish safeguards for sensitive
data on laptops and desktops.
- Federal Desktop Core Configuration (FDCC) - security
configuration standards developed by the National Institute
of Standards and Technology (NIST), the Department of Defense
(DOD) and the Department of Homeland Security (DHS) that
are mandated by OMB M07-11.
- Security Automation Content Protocol (SCAP) - repository
of security content used for automating technical control
compliance activities, vulnerability checking of both application
misconfigurations and software flaws, and security measurement.
DOD Solutions: Comply with Endpoint Security Mandates and
Protocols
- Director of Central Intelligence Directive (DCID) 6/3
- establishes the security policy and procedures for storing,
processing, and communicating classified intelligence information
in information systems.
- Information Assurance Vulnerability Alerts (IAVA) -
computer application software or operating system vulnerability
security bulletin, determined by JTF-GNO, which alerts on
"High-Risk/Threat" vulnerabilities.
US Government Solutions
Lumension’s Security Management Solutions Secure
Critical Information at the Endpoint
Lumension’s Common Criteria EAL 2 Certified security management
software protects against internal risks and external threats
targeting government organizations by providing comprehensive
vulnerability management, endpoint security, and data protection
solutions. These solutions include:
|
Challenges |
Lumension Solution |
|
Measure and demonstrate compliance for any federal
or state regulation such as FISMA, NIST, etc., improve
audit workflows and assess critical IT risk. |
Lumension Compliance and IT Risk Management
helps organizations achieve lower costs of compliance
by automating IT audit workflows, harmonizing controls
with policy requirements, and providing greater
reports and visibility across IT assets for optimal
security and compliance management. |
| Meet strict requirements
posed by the National Information Assurance Partnership
(NIAP) Common Criteria Evaluation and Validation
Scheme for IT Security (CCEVS). |
Lumension Vulnerability Management,
Lumension
Endpoint Protection and
Lumension
Data Protection are all certified, maintain
audit readiness and increase your security posture. |
|
Safeguard the confidentiality, integrity and availability
of sensitive data and ensure secure configurations. |
Lumension Vulnerability Management identifies
non-compliant security configurations through comprehensive
network and agent-based scanning capabilities, removes
the risk of sensitive data from being improperly
disclosed and minimizes the vulnerability window
of exposure through rapid remediation.
Lumension
Data Protection controls and monitors the
flow of inbound and outbound data via removable
devices / media and protects data using state-of-the-art
AES-256 encryption.
Lumension
Endpoint Protection identifies your organizational
security holes in the protection of information
through comprehensive auditing of user behavior
and endpoint configurations.
|
| Prevent malware execution
originating at an endpoint. |
Lumension
Endpoint Protection prevents the execution
of malware and zero-day threats through the use
of application whitelisting. |
|
Improve IT system performance. |
Lumension Vulnerability Management,
Lumension
Endpoint Protection, and
Lumension
Data Protection all provide key capabilities
that improve IT system performance: through standardizing
endpoint configurations, patching vulnerabilities
and by whitelisting applications and removable devices
to ensure that only those authorized can execute
on your network. |
| Reduce endpoint security
TCO. |
Lumension Vulnerability Management minimizes
security compliance crisis response and remediates
vulnerabilities quickly and with fewer required
resources. |
|
Improve end user productivity. |
Lumension
Endpoint Protection blocks unwanted, non-government
approved desktop applications and enforces policies
to ensure endpoints run as expected. |
| Enforce software license
compliance within the organization. |
Lumension
Endpoint Protection ensures only authorized
software applications are running on government
endpoints. |
GWAC contracts include:
To locate your Lumension Security Government solution provider,
visit the solution provider page and select "Government Solution
Provider" in the partner type drop down.
|
Lumension
Solutions for Government Organizations