TISTA offers expertise in securities and engineering support, network and critical infrastructure protection, IT operations and maintenance, information assurance, enterprise security, continuity of operations plans (COOP), risk management, IT architecture, certification and accreditations (Department of Defense [DoD] and IC systems), intelligence operations support, software and database development, help desk, and network support.

In recent months, TISTA has been privileged to provide services to the following Federal and private agencies: Defense Information Systems Agency (DISA); U.S. Department of Veterans Affairs (VA); U.S. Air Force; U.S. Department of Commerce (DOC); National Institutes of Health (NIH); National Institute on Drug Abuse (NIDA); U.S. Department of Transportation (DOT); Alion Science and Technology; Pragmatics, Inc.; Westover Consultants, Inc.; and Global Network Solutions.

Recent Projects:
Below, we provide project summaries demonstrating our recent tasks.

Internal Revenue Service, Cyber security:
TISTA is providing the IRS with enterprise information technology expertise through the Office of Modernization and Information Technology Services (MITS). Under MITS, TISTA is supporting the Office of Cyber Security with implementing and safeguarding programs to protect IRS data from all data security risks. The Office of Cyber Security Policy and Programs develops and delivers the IT security policy and programs that safeguard the confidentiality, integrity, and availability of IRS systems and applications. Additional responsibilities under this contract include mitigation of risks of IT system security through analysis of controls and planning to leverage remediation plans throughout the enterprise; implementation of new or updated IT security initiatives; certification and accreditation (C&A) of enterprise GSS and applications; support of Homeland Security Presidential Directive 7 (HSPD-7) critical information protection; management of Information Systems Security Officers for IT security programs; support of Federal Information Security Management Act (FISMA) related activities; the development and review of IT security policies to ensure compliance with FISMA, OMB, NIST, Treasury Federal Regulatory Guidelines and industry best practices for IT security; and the planning, design, and implementation of Identity and Access Management systems.

Web Based Case Tracking System for Department of Justice (DOJ):
As a subcontractor the AT&T Federal solutions, TISTA is currently assisting DOJ in creating and maintaining a comprehensive Web based incident and case tracking system that is used nation-wide by Department of Justice and other agencies such as the Bureau of Alcohol, Tobacco, Firearms and Explosive, Bureau of Prison, Drug Enforcement Administration, Federal Bureau of Investigation, US Attorneys, US Postal Services, and other agencies. This comprehensive Web-Portal system allows for victim agents to log-in incident/case report into the system, which activates a tracking system. The system keeps records of all development for respective cases (including verdicts). The information is then shared via a secured, role base Identify Management and Access Control System.

Information Assurance Support for DISA’s Joint Spectrum Center (JSC):
TISTA provides IT and information assurance support on this project. In accordance with the DoD Information Technology System Certification and Accreditation Program (DITSCAP), TISTA’s onsite employees maintain a secured, certified, and accredited IT infrastructure. We conform to the mandates specified in DoD’s Directives 8500.1 and 8500.2 of the new DoD Information Assurance Certification and Accreditation Program (DIACAP). As part of the DITSCAP process, TISTA supports DISA JSC in developing and maintaining a System Security Authorization Agreement (SSAA).

Additional responsibilities under the contract include acting as a technical liaison to a classified project. TISTA played a key role in helping the team develop a system architecture that met DISA’s stringent security requirements. TISTA engineers also configured all related servers to comply with DISA’s Security Technical Implementation Guides (STIG). We continue to help the project team ensure that the system complies with existing and new security policies as they are released by DISA. Other tasks under this effort include helping DISA JSC update security policies, perform system security assessments with tools, follow guidelines set by DoD/DISA, and maintain security tools in use by DoD/DISA.

Information Protection Program Support for the VA’s Field Security Operations Program Management Office:
TISTA’s information assurance engineers currently provide onsite support to the VA’s Information Protection initiative. TISTA uses CISSP security expertise and industry best practices such as ISO/IEC 17799 and NIST and NSA guidance to assess the VA Information Protection architecture and develop action plans to remedy security framework deficiencies. TISTA's current effort to support VA’s Office of Management and Budget’s (OMB’s) memorandum (M-06-16)—which emphasizes the Federal requirement, as per NIST Special Publication 800-53 significantly enhances the response to the VA’s Office of Inspector General (OIG) audit report on the loss of VA veteran information.

Under this contract, TISTA is identifying VA’s security and privacy requirements; assessing capabilities of current centralized security or privacy services; analyzing security and privacy gaps, capabilities, and trade-offs; proposing technical solutions or updating the architecture; evaluating security vendor responses; applying defense-in depth methodology at an enterprise level; designing an enterprise security and privacy framework; integrating current organizational initiatives into current technologies; and capturing organizational performance objectives and aligning technologies to VA’s strategic goals.

Department of the Defense, U.S. Air Force Security + Certification Training
TISTA provides Security + certification training services to the U.S. Air Force. Our team is assisting the U.S. Air Force personnel to meet the certification requirements for the CompTIA Security+ examination, as well as the US DoD Directive 8570.1. With our assistance, our client is able to acquire knowledge in the computer hardware, operating systems, and network management areas. Our training covers topics areas such as, Identifying security threats, Hardening internal systems and services, Hardening internetwork devices and services, Securing network communications, Managing public key infrastructure (PKI), Managing certificates, Enforcing organizational security policies, Monitoring the security infrastructure, Networking Infrastructure, Access Control, Assessments and Audits, Cryptography, and Organizational Security.

Information Assurance and Security Support for DOC’s Bureau of Economic Analysis (BEA):
TISTA provided skilled personnel with technical expertise to certify the BEA’s security plan. Under this task TISTA reviewed several areas of BEA’s security plan for certification, including the system maintenance policy, personnel security policy, contingency planning policy, media protection policy, and security awareness policy. After completing the security plan evaluation, TISTA wrote a report to agency management that included the company’s findings and recommendations.

Risk Management Support for DOT’s Federal Railroads Administration (FRA):
TISTA’s information assurance engineer helped FRA assess risk management processes in detail. TISTA analyzed certification and accreditation (C&A), FISMA self-risk assessments, technical assessments, and risk assessments. TISTA also helped FRA write a continuity of operations plan (COOP). TISTA’s assistance on security configuration reviews, management reports for improving the C&A packages, and development of the COOP from beginning to end was instrumental for FRA’s multiple field and backup sites.

Information Assurance and Security Support for NIH:
TISTA provided IT and information assurance support services to NIH’s National Cancer Institute. TISTA’s onsite employee certified and accredited IT infrastructure in accordance with NIH’s internal IT guidelines. Our staff also helped NIH prepare for upcoming security test & evaluation (ST&E) procedures.

Database Design and Maintenance Support for NIDA, Department of Health and Human Services (HHS):
As a subcontractor to Westover Consultants, Inc., TISTA assisted NIDA develop and maintain a Reference Manager Database that provides on-demand access to scientific citations and abstracts that enable NIDA personnel to refine their studies. This tool is a bibliographic management system that, when designed expertly, can be used for storing, managing, searching, filtering, retrieving, and publishing bibliographic references. TISTA used a number of online scientific information retrieval portals, including ISI’s Web of Science and PubMed.

Under the same task, TISTA is assisted NIDA to develop and maintain a Web-based presentation management system. This data-intensive application server organizes and manages Power Point presentation materials those can be accessed by a built-in search engine.

ASP.NET based Applicant Tracking System (ATS) Application Development for Westover Consultants, Inc.:
TISTA developed an Applicant Tracking System designed to assist its client to effectively expand and manage their applicant pool, meet Government contracting requirements, qualify their candidates, and streamline their hiring process. This comprehensive Web accessible application allows for industry standard application integration; sorting and updating of duplicate records; flexible reporting system; integration with corporate website, Intranet and financial system, prescreening and applicant scoring, and many more functionalities those greatly enhance an agency’s hiring process.