Platinum’s IT support services are designed to “ Bring Technology and Business Processes Together.”
Platinum is a full-service Information Technology consulting firm that offers a full complement of IT services. Our mission is to be a premier provider of business and technical information services. Platinum’s focus is to assist IT leaders in reducing costs and minimizing risk to their IT and business operations. Our consulting and risk services focus on people, processes, technologies, and standards. These principles and strategies create greater efficiencies and economies of scale for federal agencies. We ensure that these essential principles are embodied in the entire lifecycle of our IT services, including data management, systems functionality, enterprise architecture, business re-engineering, capital planning security, and enterprise performance-based processes. Platinum is dedicated to a disciplined federal framework for IT management that includes critical federal legislation, Executive Guidance, agency policies, and federal technical guidance (e.g., FISMA and the NIST SP-800 series). Platinum works to exceed the service levels of each project and to enhance the value that we provide to our clients.
We are experienced in providing Technology for:
Today’s technologically dependent world demands that attention be paid to the processing, storage and transmission of data and the systems and processes used for those purposes. Cybersecurity is a crucial consideration of any risk management plan. With in-depth knowledge of the technological terrain associated with information assurance concerns, Platinum supports the monitoring and minimization of risks across data systems and processes.
We provide assessment services needed for high-value assets (HVA) systems. Our cyber capabilities include Risk and Vulnerability Assessments (RVA), Security Architecture Review (SAR), and Systems Security Engineering (SSE). Our seven-step RMF includes preparation, information security categorization, control selection, implementation, assessment, system and standard control authorizations, and continuous monitoring. RMF activities may also include Information Security Continuous Monitoring Assessment (ISCMA), which evaluates organization wide ISCM implementations, and Federal Incident Response Evaluations (FIREs), which assess an organization’s incident management functions.
There are five subcategories under the HACS SIN. Platinum has experience within each subcategory from the GSA eLibrary and has passed the technical evaluation for that specific subcategory including:
- High Value Asset Assessments – include Risk and Vulnerability Assessment (RVA) which assesses threats and vulnerabilities, determines deviations from acceptable configurations, enterprise, or local policy, assesses the level of risk, and develops and/or recommends appropriate mitigation countermeasures in operational and non-operational situations. See the section below on RVA for details on those services. Security Architecture Review (SAR) evaluates a subset of the agency’s HVA security posture to determine whether the agency has properly architected its cybersecurity solutions and ensures that agency leadership fully understands the risks inherent in the implemented cybersecurity solution. The SAR process utilizes in-person interviews, documentation reviews, and leading practice evaluations of the HVA environment and supporting systems. SAR provides a holistic analysis of how an HVA’s individual security components integrate and operate, including how data is protected during operations. Systems Security Engineering (SSE) identifies security vulnerabilities and minimizes or contains risks associated with these vulnerabilities spanning the Systems Development Life Cycle. SSE focuses on but is not limited to the following security areas: perimeter security, network security, endpoint security, application security, physical security, and data security.
- Risk and Vulnerability Assessment – assesses threats and vulnerabilities, determines deviations from acceptable configurations, enterprise, or local policy, assesses the level of risk, and develops and/or recommends appropriate mitigation countermeasures in operational and non-operational situations. The services offered in the RVA sub-category include Network Mapping, Vulnerability Scanning, Phishing Assessment, Wireless Assessment, Web Application Assessment, Operating System Security Assessment (OSSA), Database Assessment, and Penetration Testing.
- Cyber Hunt – activities respond to crises or urgent situations within the pertinent domain to mitigate immediate and potential threats. Cyber Hunts start with the premise that threat actors known to target organizations in a specific industry or with specific systems are likely to also target other organizations in the same industry or with the same systems.
- Incident Response – services help organizations impacted by a cybersecurity compromise determine the extent of the incident, remove the adversary from their systems, and restore their networks to a more secure state.
- Penetration Testing – is security testing in which assessors mimic real-world attacks to identify methods for circumventing the security features of an application, system, or network.
Platinum seamlessly translates our proven methodologies and best practices for program management into the achievement of complex IT goals. Our professionals are IT Technology Auditors and Senior Project Leads seasoned in designing and implementing systems complaint with Sarbanes-Oxley Technology Requirements. We have a proven track record of completing projects, on-time, within budget, and at a service level that exceeds expectation.
Platinum’s Enterprise Architects know what constitutes a sound structure for enterprise organization and operation. We offer analytics to discover integral weaknesses and solutions to structural flaws. Our experts offer support to improve the internal constructs that determine the effectiveness with which objectives are achieved.
We have direct experience with best practices including the strict Federal Enterprise Lifecycle Performance (ELPC) Framework, Federal Systems Development Life (SDLC) methodologies, Federal Enterprise Architecture Framework (FEAF), Federal Segment Architecture Methodology (FSAM), Federal Health Architecture (FHA), and Information Technology Infrastructure Library (ITIL).
Platinum is well versed in the systems development lifecycle. Our experts have supported the development of IT systems in accordance with all relevant federal standards and with simultaneous consideration for practicality, return on investment, and efficiency.
IT Governance forms the foundation of well-informed IT investment. Platinum’s understanding of the integrated nature of strategic planning, risk management, and IT management enables us to support organizations in maximizing their return in every phase of the IT life cycle.