We Protect Our Client’s Most Critical Information Assets

Our cybersecurity consulting and development teams have successfully led dozens of projects through the ATO process and FedRamp certification. With an organizational goal of obtaining a 0% risk score for each of our clients, Gunnison has emerged as a true leader in cybersecurity for the Federal government. We have recently worked with the US Census (achieving ATT, ATO for the GUPS system in four months).

Authority to Operate (ATO) & Facilities

Our experience to establish remote processing facilities for federal clients includes:

  • Establishing multiple redundant dedicated internet connections
  • Building physically separated LAN segments
  • Adhering to cable management guidelines. e.g. color coding interconnects according to the networks data classification.
  • Establishing Point-to-Point VPN connectivity to our clients primary site
  • Providing secure storage facilities with 24×7 video surveillance
  • Implementation of access control and logging via Datawatch
  • Implementation of environmental controls such as emergency lighting, environmental monitoring, fire alarm, and fire suppression

Recent Cybersecurity Projects:

Authority to Operate – GUPS (US Census)

GUPS, a desktop GIS application developed for the US Census. Achieved ATT and ATO for the GUPS system in only 4 months.

Key Achievements:

    • Performed code level security review of application
    • Performed internal FIPS-199 data classification
    • Achieved Low data classification based vs initial agency recommended Medium classification
    • Conducted security related tasks within the Agile framework
    • Ultimately obtained a 0% risk score
    • Prepared system description for Agency security staff

Cloud Infrastructure Migration

Gunnison recently migrated 3 systems into the Aws Gov Cloud for the U.S Census. During this process we helped define the technologies and techniques required for a successful migration and for a successful Certification and Accreditation process. All three systems achieved an ATO.

Gunnison also recently support a commercial client in migrating 3 of their Commercial SaaS offerings to AWS Gov Cloud with a goal of FedRAMP High certification. Again, we helped drive the technologies and techniques required for a successful migration to Gov Cloud and a FedRAMP High certification.

Specific Tasks Included:

    • Performing a gap analysis against the NIST 800.53 High Controls.
    • Recommending tools and Techniques close gaps
    • Creating User Stories with detailed acceptance criteria to close gaps across 3 Agile Development teams
    • Preparing documentation required to satisfy a FedRAMP high assessment to include:
    • FedRAMP System Security Plan
    • Privacy Impact Assessments
    • Privacy Threshold Analysis
    • Rules of Behavior
    • Configuration Management Plan
    • Incident Response Plan
    • System Inventory
    • Separation of Duties Matrix

Take the Next Step

info@gunnisonconsulting.com

571-429-5004‬

Inquire Through Our Contact Form

LET’S DISCUSS HOW WE CAN HELP YOU

CONNECT WITH GUNNISON

Is your organization looking to team or partner with one of the most ambitious companies serving the Washington DC market space? Gunnison Consulting is actively pursing the right strategic partners to tackle challenging IT projects with the Federal government and commercial enterprises.

REACH OUT
YOU CAN TELL A LOT ABOUT A COMPANY BY WHO HIRES THEM