Capabilities Overview




Premier Provider of eGov Services to the Commonwealth of Virginia
Capabilities Overview
May 2015

Your One Stop Shop for eGov Services
CAI ITCL Statement of Work Contract Application Development
VITA eGov Hosting Contract VA-120416-AISN
VITA eGov Operations and Maintenance Contract VA-120413-BPI
Virginia SWaM Small Business #697064
www.aisn.net/egov

Table of Contents

Our Contracts
  Build: CAI Virginia IT Contingent Labor Contract Statement of Work (SOW)
  Host: VA-120416-AISN Hosting Services
  Maintain: VA-120413-BPI Web Applications Maintenance and Operations
Our Services
  Application Development
  Application and Website Hosting
  Vulnerability Scanning for Applications and Websites
  HIPAA and FISMA Compliant Hosting
  Microsoft Azure
  Cloud Services
  PCI Compliant Payment Portals
AIS Network Security and Compliance
  NIST Framework
  FISMA
  HIPAA
  SSAE 16
  PCI Compliance
Contact Us

AIS Network 8300 Greensboro Dr., Ste. 1100, McLean, VA 22102 1611 Colonial Parkway, Inverness, IL 60067 Phone: 847 202 1400 x 123 888 401 2476 x 123 www.aisn.net

Our Contracts

Currently supporting almost two dozen agencies, AIS Network is your One Stop Shop for eGov services. As a SWaM-certified Small Business, we can help your agency meet its SWaM targets while building, hosting, and maintaining your application, portal, or website using the following contract vehicles.

Build: CAI Virginia IT Contingent Labor Contract Statement of Work (SOW)

As an authorized subcontractor to CAI, AISN can build your application, portal or website as a fixed-price, deliverables-based project. AISN can also provide Staff Augmentation services under this contract. More information on this contract can be found here: http://vaitcl.compaid.com/

Host: VA-120416-AISN Hosting Services

This eGov Hosting Service statewide contract allows AISN to provide scalable hosting solutions for Web and non-Web-based applications and data to all public bodies in the Commonwealth of Virginia, including state agencies, universities, school systems and localities. There are no restrictions or limitations for non-executive branch agencies or other public entities. More information on this contract can be found here: http://vita2.virginia.gov/procurement/contractdetail.cfm?contract_id=1000731

Maintain: VA-120413-BPI Web Applications Maintenance and Operations

As an authorized subcontractor to BroadPoint, AISN can provide Operations and Maintenance for your new or existing web applications, and Payment Processing Applications (including development, maintenance, and hosting). More information on this contract can be found here: http://www.vita2.virginia.gov/procurement/contractdetail.cfm?contract_id=1000729

Our Services

Some of the common solutions we offer are found below. However, we realize one size doesn't fit all, and are always ready to help you customize a solution for your unique needs.

Application Development

AISN offers fixed-price, deliverables-based application development services under the Virginia IT Contingent Labor SOW Contract (aka CAI Contract). AIS Network delivers high-quality website and application development with a deep understanding of our clients' requirements and a focused eye on the target audience. AIS Network maintains expertise in content management systems such as SharePoint, SiteCore and WordPress along with programming frameworks like PHP, ASP.NET and C#.

Application and Website Hosting

Organizations that have mission-critical websites that absolutely must be available turn to AISN. Whether it is a high-profile geo-redundant site such as www.virginia.gov, or VDEM's www.vaemergency.gov, and whether you are using SharePoint, WordPress, Sitecore, Drupal, some other CMS, or no CMS at all, AISN has a customized solution to meet your needs.

Vulnerability Scanning for Applications and Websites

AISN offers vulnerability scanning, reporting, and remediation services to help your agency meet its requirements under SEC 501. Our Base Package consists of a single scan and report for $995, but we offer volume discounts for agencies requiring scans of multiple sites, or periodic scans of the same site. Remediation services are provided based on an agreed-upon Scope of Work for your particular situation. We are committed to providing a customized package to meet your needs, so give us a call to discuss.

HIPAA and FISMA Compliant Hosting

All AISN hosting services are HIPAA and FISMA compliant and include the high security required to safeguard PHI, PII, and other sensitive data. By supporting your most sensitive sites, applications and databases in our state-of-the-art data centers, AISN can help you maintain Health Insurance Portability and Accountability Act (HIPAA) of 1996 compliance.

Microsoft Azure

In addition to our High Security/High Compliance services, AISN also resells Microsoft Azure public cloud services.

Cloud Services

AISN offers Cloud-Based Disaster Recovery, Public Cloud (great for test/dev servers, public-facing websites, or sandboxing), High Security Private Cloud (organizations that require high levels of compliance, security, scalability, enhanced performance, and availability choose the AISN High Security Private Cloud) and Hybrid Cloud.

PCI Compliant Payment Portals

Any network involved in transmitting credit card data must maintain PCI Compliance. Through the BroadPoint O+M contract, AIS Network delivers Commonwealth Security Approved solutions to ensure that the transmission of data always remains secure and compliant.

AIS Network Security and Compliance

AISN understands security. We maintain high levels of compliance to serve customers ranging from federal agencies to state agencies to international pharmaceutical companies. We know how to handle and protect your sensitive information.

NIST Framework

AISN maintains a written Privacy Policy that governs the collection, maintenance, use and dissemination of personally identifiable information (PII). As part of its overall compliance strategy, including compliance with FISMA, AIS has implemented the NIST security control framework (800-53). These controls are reviewed annually by an independent third party as part of a comprehensive Risk Assessment process.

FISMA

AISN has successfully completed a FISMA Moderate Compliance Audit. This verifies that AIS Network recognizes the importance of information security by following a tailored set of baseline security controls from NIST Special Publication 800-53, and documents the physical, administrative, and technical safeguards AISN has implemented, the effectiveness of the AIS Network Risk Management Strategy, and how AISN's controls achieve FISMA Moderate compliance.

HIPAA

AISN's audit program ensures we stay abreast of the latest developments, including the recent changes to the HIPAA Security Rule. AIS Network offers HIPAA compliant hosting because we take the security and safekeeping of our clients' PHI extremely seriously. All of our hosting services are HIPAA compliant and include the high security required to safeguard your Protected Health Information (PHI) data. We strive to comply with HIPAA regulations by implementing and maintaining a multi-faceted, stringent Risk Assessment Process that takes into account the threats against PHI.

AISN's Risk Assessment Program contains the following elements:

- Annual risk assessments
- Risk-based selection and implementation of controls
- Ongoing monitoring of controls
- Semi-annual testing and adjustment of controls
- Reporting to management for annual program update

SSAE 16

Operating within an SSAE 16 audited data center does not make a hosting company SSAE 16 compliant. Our company AND our data centers maintain this level of compliance. SSAE 16 auditing standards focus on the controls of a service organization that are relevant to an audit of a user entity's financial statements. Federal regulations such as Sarbanes-Oxley, Gramm-Leach-Bliley and the Health Insurance Portability and Accountability Act (HIPAA) require corporations to audit the internal controls of their suppliers, including those that provide technology services. AISN has implemented best practice controls demanded by their customers to address information security risks, and has been continuously SSAE 16 audited, by independent third-party auditors, since 2009. As a result of these audits, an independent, third-party auditor has issued an opinion that validates these controls and has performed tests that provide assurance regarding the managed solutions provided by AISN.

PCI Compliance

The PCI Security Standards are technical and operational requirements set forth by the PCI Security Standards Council (PCI SSC) to protect cardholder data. The standards apply to all organizations that store, process or transmit cardholder data. The AISN network infrastructure maintains PCI compliance and we provide PCI compliant services for agencies engaged in the transmission of PII through our network. AISN maintains compliance with Self-Assessment Questionnaire C and, as an additional measure, this compliance is verified in our FISMA audits. Ongoing compliance measures include SSL Certificate Encryption, quarterly network scans by an approved scan vendor, server security monitoring and an annual self-assessment.

Contact Us

Northern Virginia Office
8300 Greensboro Dr., Ste. 1100
McLean, VA 22102

Midwest Sales Office
1611 Colonial Parkway
Inverness, IL 60067

Correspondence
P.O. Box 1697
Falls Church, VA 22041

By Phone
Main: 847.202.1400
Sales: 888.401.AISN (2476)
Support: 888-352-AISN
Fax: 847.202.4460

Jay Atkinson, CEO
703.304.1523
jay.atkinson@aisn.net

Kurt Baumann, CTO
202.415.0088
kdb@aisn.net

Bill Peters, Director of Sales
888.401.2476 x. 123
bill.peters@aisn.net