SecureIT to provide Independent Cybersecurity Assessment of Cloud-Computing Solutions to support GSA Infrastructure as a Service (IaaS) Contract

June 14, 2011

FOR IMMEDIATE RELEASE
Media Contact: David Trout, 703.464.7010

Reston, VA, 6/14/2011 – SecureIT was selected by Computer Technologies Consultants (CTC) and its partner SoftLayer to provide independent security control and vulnerability assessment services. CTC and SoftLayer were awarded contracts for GSA Infrastructure as a Service (IaaS) cloud computing solutions. CTC has been delivering managed hosting to government clients for many years. In selecting SoftLayer as a strategic partner, CTC added world-class on-demand data center and hosting services across the United States. This contract allows the team of CTC and SoftLayer to provide government entities cloud storage, virtual machines, and web hosting services to support the Federal government cloud computing strategy to overcome inefficiencies and improve government service delivery.

“This is a ground breaking contract for the federal government and we are pleased to have been selected to perform the independent security assessment”, said Jim Graham, SVP of SecureIT’s Federal Practice. “GSA requires IaaS contract holders to comply with stringent security requirements based on NIST, which have been updated to meet the unique challenges of cloud computing. Our corporate experience assessing security for government agencies and commercial companies combined with our involvement in cloud computing security standards efforts positioned us for this award”. U.S. Federal agencies are now required to implement a “cloud-first” policy when considering new information technology purchases. The cloud computing services which agencies purchase must comply with security requirements based on NIST and the providers must demonstrate continuous monitoring of the security controls validated by 3rd party security assessors.

SecureIT will assess the security controls of this integrated infrastructure in the three lots awarded: Cloud Storage, Virtual Machines and Cloud Web Hosting. GSA specified the assessment and authorization process which is based the Federal Risk and Authorization Management Program (FedRAMP). FedRAMP was established to provide a standard approach to assessing and authorizing cloud computing services and products. FedRAMP allows joint authorizations and continuous security monitoring oversight for Federal and Commercial cloud computing systems intended for multi-agency use.

About SecureIT

SecureIT is a professional and technical services firm focusing on cybersecurity, information assurance and technology risk management. Assisting government agencies, corporations and non-profit organizations, SecureIT enables its clients to identify and manage risks in business processes, technology and contracted services. SecureIT offerings include Cybersecurity, Information Assurance, Governance, Risk & Compliance, IT Audit, and Security Training. Founded in 2001, the company is comprised of experienced and certified cybersecurity, privacy and IT audit professionals that sit on the boards and are active in Washington DC area chapters of information security organizations such as ISACA, ACT-IAC, ISSA and IIA. For more information, call 703.464.7010, email info@secureit.com or visit www.secureit.com.