ISD Service Descriptions

Anti-Virus:

Prevents, detects, and removes malicious software. 


Application Vulnerability Scanning: 

Identifies potential security vulnerabilities in new and existing applications.


Audit & Compliance Assistance: 

Facilitate and ensure compliance with Federal, State and third-party regulations.


Cloud Services Vendor Evaluation: 

Ensure contractual terms and security controls are in place for cloud IT providers.


Computer Forensics and Investigations: 

Conduct computer forensic examinations for state agencies to determine malicious intent.


COOP/COG: 

Assist with development, review, and maintenance of Continuity of Operations (COOP)/Continuity of Government (COG) for all state agencies for recovery of essential functions.


Cybersecurity Contract Procurement Review: 

Assess contractual terms and conditions as they relate to information security controls.


Data Recovery (Backups): 

Provide solutions to prevent unintentional data loss due to system failures.


Desktop & Laptop Encryption: 

Provide encryption for laptops and desktops to prevent unauthorized access.


E-mail Encryption: 

Protect email in transit between sender and receiver to keep the information confidential.


E-mail Spam Filtering: 

Prevent malicious messages from reaching the intended target. 


Firewall & Proxy Services:

Protect internal systems from unauthorized access via the internet.


Incident Response: 

Coordinate and facilitate a unified response to information security incidents.


Intrusion Detection: 

Monitor network traffic for malicious activity such as malware and web exploits. 


Malware Detection: 

Alert for signs of malicious software identified in the network or computer systems.


Mobile Device Management: 

Manage the security controls for state-owned mobile devices, including phones and tablets.


Netflow (Network Traffic Analysis): 

Collect and analyze computer network traffic to aid incident response.


Patch Management (Third Party Applications): 

Ensure computer operating systems and software code are kept current.


Penetration Testing: 

Identify potential vulnerabilities in our information systems that could be exploited by an attacker.


Risk Assessment Facilitation: 

Risk assessments provide an in-person review of an organization’s practices to identify risk faced by the organization. After completion of the risk assessment, organizations receive a report summary.


Security Awareness Training: 

Online and in-person training covering the basics of information security awareness. Topics include: Internet & email use, social engineering & phishing, malware, mobile devices, physical security and data protection.


Secure Design & Consulting: 

The Information Security Division (ISD) can assist in the design and implementation of security products.


Secure Electronic Disposal: 

Secure disposal (shredding or incineration) of electronic media, which includes hard drives, backup tapes, floppies, DVDs, CDs, microfiche, microfilm, thumb drives and audio/video tapes.


Security Operations Center: 

The Security Operations Center (SOC) monitors for attacks targeted at state and local government IT resources.  ISD SOC manages cyber incidents for the executive branch.


Security Policy & Standards Development: 

The Information Security Division (ISD) develops an enterprise-wide information security framework through security standards, procedures and best practices.


System Incident & Event Management: 

The Security Incident & Event Management (SIEM) system consolidates log information from systems and generates security alerts for potentially malicious events.


Threat Intelligence Management: 

The Information Security Division (ISD) receives information security threat/vulnerability information from state/federal sources and alerts government organizations of active threats.


User Web Filtering: 

The Web Filter monitors internet activity and restricts access to unauthorized websites. The Web Filter provides anti-malware capabilities and prevents websites from executing drive-by browser downloads.


Vulnerability Management: 

The Enterprise Vulnerability Management System (EVMS) scans networks for vulnerabilities in hardware, software and firmware.  System owners are notified of vulnerabilities and provided assistance with remediation.


Web Application Firewall: 

The Web Application Firewall protects web applications from common web attacks, including cross-site scripting (XSS) and SQL injection, as well as more complex signature attacks.

Printed from the Information Security Division website on May 28, 2020 at 10:33pm.