Web Application Penetration Assessments include in-depth testing of internal or external web applications to help identify common vulnerabilities inherent in web applications and provide detailed recommendations to improve security.
Data Center Assessments help identify and measure the security posture and resilience of a data center used by an agency or board. Security gaps are identified, validated and classified. Subsequently, a detailed list of recommendations are provided to take further action as necessary.
Identify possible security gaps across an agency environment and provide recommendations to address them.
Advanced Endpoint Protection (AEP) is a software solution that provides next-generation protection of endpoints through the use of artificial intelligence and machine learning to identify malware.
Email Encryption allows email messages and attachment to be easily protected while maintaining control wherever they are shared. This service is currently provided through Virtu.
Prevents unauthorized access or disclosure of confidential information. Protects confidential information stored and sent through insecure email.
Multi-Factor Authentication (MFA) is a security mechanism that requires multiple factors of authentication to verify a user's identity for a login or other transaction. Factors for authentication may include knowledge (something a user knows, like a password), possession (something a user has, like a key card), and inherence (something a user is, like biometrics). MFA provides an extra layer of security to prevent unauthorized access to systems.
This service provides the capability for an agency security team to conduct simulated phishing attacks against their employees, or have them conducted by Cyber Command. This involves sending emails that mimic real phishing attempts as seen by outside threats. Employees who click on any links or open any attachments are notified that they failed to recognize the simulated phishing attempt and are directed to additional Security Awareness Training.
The ADOA-ASET Digital Government team provides access to a Website Quality Assurance Monitoring service for all agencies with websites on the Agency Platform.
It is common for websites to contain errors or fail to fully conform to accessibility standards. This service provides tools and reporting to find and correct these issues to improve the experience for website visitors.
Security Awareness Training (SAT) features user-friendly online training courses that cover the latest cybersecurity best practices to educate employees on how to keep state data and devices safe. This training is mandatory for all state employees and must be completed annually.
A Security Operation Center (SOC) is a function within Cyber Command which employs people, processes, and technology to continuously monitor the security posture and potential threats to the State, while preventing, detecting, analyzing, and responding to cybersecurity incidents. The SOC also coordinates State and Federal agencies in the event of a cybersecurity incident as needed, sharing cyber threat information and resources for optimal response.
Cyber Command provides the tools for agencies to evaluate their systems against a variety of hardening guidelines and provides a detailed report of the security risks associated with any identified gaps. Recommendations on policy and configuration changes, as well as technical assistance to make them, are provided to address those gaps resulting in a more secure operating environment across the State.