Information International Associates (IIA) employees 300 IT systems designers, developers, mission specialists and security professionals serving government, academic, and private entities from its offices in McLean, VA, Oak Ridge, TN; Dayton, OH, Alexandria, VA, and the UK.
IIA leverages expertise in information management, innovative applications of technologies, and deep subject matter experts to provide unique value to our customers. We have developed a keen understanding of the roles of information within and between organizations and how to unlock the potential of information as a strategic resource.
We are your trusted partner in secure design, configuration, operation, and monitoring of your secure technology solutions where protection of sensitive business information is key to your success. (FISMA | HIPAA & HITECH | PCI). Our solutions empower CxOs with the knowledge and tools for a balanced approach to securing their enterprise and provided them tactics to achieve a reasonable standard with reduced liability for enterprise cyber security.
IIa has a proven track record of utilizing Agile software development methodologies to develop new solutions and to maintain and operate mission-critical applications. We have integrated Agile development methodologies into an overall DevOps approach utilizing heavily automated processes to streamline the quality delivery of software and ensure alignment with organizational goals.
IIa provides a full range of information security services for our customers. We integrate industry-leading technologies to provide defense in depth and a 360-degree situational awareness view throughout the enterprise. Our team performs such tasks as; security architecture design, security systems engineering, SOC operations, security analytics, incident response, information assurance, and forensic investigation services to ensure our customers remain secure.
IIa utilizes ITIL best practices, ISO 20000, and CMMI for Service to consistently deliver robust infrastructure and data center support services. Our teams manage over sixteen thousand servers, the application services and data that are hosted on them, and the supporting compute, storage, and networking resources beneath them. Our team innovates through efficiency. We develop automated tools and methods to provide efficient, consistent, and cost-effective delivery of services. We provide solutions to enhance management visibility into the enterprise through a single pane of glass reporting and monitoring dashboards. IIa has a successful track record in the design, implementation, and execution of disaster recovery for individual services and entire data centers. IIa supports our customers in achieving their Data Center Optimization through data center consolidation, migration, and process re-engineering.
IIa provides a vendor-agnostic approach to cloud services. We evaluate the readiness of organizations to move workloads and services to the cloud from a technical, organizational, and cost-benefit perspective. We assist the customer in determining the optimal mix of on-premise, hybrid, and public cloud services to efficiently meet the current and future needs. IIa provides overall architecture and application re-design and migration guidance to maximize the use of SaaS, PaaS, and IaaS services.
IIa provides a full range of end-user solutions and services for the enterprise. We provide end-user computing, virtual desktop infrastructure, and mobile device management. We focus on device configuration management, and security compliance management to ensure a secure and reliable end-user experience. IIa provides help desk and deskside services utilizing ITIL based processes tailored to meet customer needs. Our team develops and customizes ITSM solutions to meet customer needs on both the Remedy and ServiceNow ITSM platforms.
IIA works across the information life cycle to provide value from data. Our impacts range from improving management decisions, to advancing scientific discovery and technology development. We address the challenges that deal with the volume, variety, velocity, and voracity of large and complex data We understand big data issues that include identifying, capturing, validating, curating, and storing big data. We pay attention to issues with data confidentiality, data culture, and reproducibility.
To make the data source robust, big data challenges include identifying, capturing, validating (quality checking), curating, and storing big data. Good tools depend on objectives. With good data, and using analytical tools, data analytics allows us to find value from data and brings new insights not easily obtainable through human brain processing alone. Soft issues in data can kick you. Attention must be paid to key issues in data confidentiality (PII and HPII), Intellectual property, data culture, and reproducibility.
Objectives Analysis, Data Readiness Assessment, Data Governance and Data Policy Strategies, Data Management as a Service (DMaaS), Enterprise Applications Design and Development.
We leverage a global network of subject matter experts and technologists to locate key information and provide analytical support for addressing critical emerging needs. We provide open source research, all-source intelligence analysis, training, database development, policy and strategy development, in-country research, language services, and assessments to help government entities find scientific and technical solutions that strengthen the nation’s security and competitiveness.
We have a deep and rich heritage in Scientific and Technical Information research and analysis, conducting open source research and analysis of foreign military capabilities and systems, CBRN, physical science, WMD, engineering, space, missiles, trade and critical infrastructure. This capability runs across many contracts in our company – wherever and whenever our customers have a need to hone in on the collection and analysis of large and complex S&T data sets.
IIA has completed medical capability assessments for over 100 foreign countries and supported the DoD and U.S. government with critical medical intelligence. Our extensive research includes topics ranging from infectious diseases, blood safety, medical infrastructure, vaccines and quality of healthcare professionals to traditional medicine and socio-cultural issues impacting healthcare. IIA socio-cultural assessments are comprised of historical, socio-cultural, and ethnographic data that is combined with in-country field research, interviews with subject matter experts from academic, policy and government organizations. Our method employs open source information derived from traditional published, electronic and grey literature. IIA researchers employ leading-edge data mining, entity extraction and advanced visualization tools to produce comprehensive analyses.
IIA analysts are junior, mid, and senior level analysts with advanced education in Science, Technology, Engineering and Mathematics (STEM) and operational experience and capability in General Military Intelligence. We work in coordination with analysts and decision-makers and are often embedded with the organization we support whether located CONUS or forward-deployed to regions throughout the world. We are able to provide 24/7 support to operations and have expertise in All-Source intelligence to include SIGINT, MASINT, IMINT, OSINT, HUMINT and GEOINT.
IIA language services include native speakers who are proficient in English and can provide English language abstracting and translation support and analysis to our OSINT and S&T projects. Many of our linguists have advanced science and technical degrees, which provides our customers with increased analytic expertise.
While it’s difficult to fully prepare a business for the unexpected data breach or cyber-attacks, having a trained Cyber Incident Response Team (CIRT) and incident response plans can be the difference between business success and failure to fully recover. We help companies build their business continuity plans from the ground up, many times with little or NO starting point of a base document. It’s not a matter of “IF” a company will be breached or lose data… it’s “WHEN”. …and when that day happens, the successful companies are the ones with a recovery plan to protect their Intellectual Property (IP). …or “Crown Jewels”.
We engage new customers through approved Passive Network Assessments (PNAs), which we often offer as a low-cost alternative to penetration testing. Network assessments help evaluate the current state of an organization’s network security in its current environment. Through a methodical, Macro-to-Micro approach, we identify problem areas, misconfigurations, pinholes, vulnerabilities, gaps in their intended technology configuration, resource utilization; as well as evaluating the network’s ability to support the current and future requirements of the organization, identifying potential points of compromise. We work with your IT Staff to become a resource for them.
We assess systems with a combination of open source, commercial, and proprietary tools to identify security vulnerabilities of external-facing systems, internal networks, or both. We perform active-attacks to confirm the existence of vulnerabilities and reduce false positives. We actively exploit vulnerabilities to compromise systems and attempt to expand the attack through privilege escalation and launching attacks on other systems. We target systems at the network and/or application layers, as well as other external access points including modems and wireless LANs. We prioritize vulnerabilities and author detailed reports with specific remediation instructions.
We will define an enterprise approach for assessing, prioritizing, managing, and monitoring security risks. Achieve senior executive and board awareness and buy-in. Establish a business-driven governance process for the information security program. Help define security risk tolerance posture for the organization and an approach for making cost-benefit decisions with respect to accepting security risk. Define the desired end-state for security and identifying gaps from the current state. Establish short and long-term plans for achieving the end-state.
We will guide you through drafting a suite of security policies, procedures, and standards that are customized to the specific needs and risk posture of the organization. Clarify roles and responsibilities for key security control requirements. Identify mechanisms to demonstrate compliance and measure/report violations.