Welcome to Our Newsletter
Welcome to ISEC7’s September newsletter! This month, we’re excited to explore end-of-fiscal-year procurement best practices, spotlight our solution ISEC7 CLASSIFY, dive into the new iOS 18 update, and keep you informed about our upcoming events and latest blog posts.
Procurement Needs at the End of the Fiscal Year
The end of the federal fiscal year is fast approaching, and procurement season is upon us. ISEC7 has an array of offerings to suit your unique digital workplace and budget. ISEC7 Government Services holds contracts with GSA MAS under IT Schedule 70 (GS-35F-162AA and 47QTCA19D00LZ), and we can provide all our proprietary solutions, including ISEC7 CLASSIFY, ISEC7 MAIL, and ISEC7 SPHERE, and have procurement vehicles available through a myriad of partners in various categories.
Additionally, if you have mandates to meet by the end of the fiscal year, ISEC7 can help with that. For example, Memorandum M-22-09 sets forth a federal zero trust architecture strategy requiring government agencies to meet specific cybersecurity standards and objectives by the end of the fiscal year 2024. ISEC7 can absolutely help government and nongovernment agencies alike deploy a Zero Trust security strategy and incorporate Zero Trust elements into their network so that you are in compliance as the new fiscal year begins.
ISEC7’s long-standing relationships prove our track record and trust factor, and we can do as little helping you fill in gaps or as much as a comprehensive overhaul of your ecosystem. The team at ISEC7 can provide an objective assessment of what tools can address the needs of your organization and/or risk mitigation needed to enhance your current solution, and we can assist with vendor selection, mobile strategy and ongoing support.
Solution Highlight: ISEC7 CLASSIFY for CUI
Controlled Unclassified Information (CUI) is information that is not classified but requires safeguarding or dissemination controls. Per the Defense Counterintelligence and Security Agency (DCSA), protecting CUI is a government-wide initiative directed by Executive Order 13556 that impacts more than 100 departments and agencies within the Executive branch. Defense contractors and FSOs who need to comply with CUI protection requirements must adhere to a detailed, complex, and somewhat daunting data marking system.
Our proprietary solution ISEC7 CLASSIFY simplifies this system by defining all CUI categories and controls, ensuring markings follow the most current CUI registry. The solution is designed to prevent users from incorrectly classifying their communications and provides templates for where classification markings need to be applied. The solution also verifies that proper permissions are granted to the sender and recipients before sending along with tracking for statistics and auditing. ISEC7 CLASSIFY support the Traffic Light Protocol (TLP) set forth by the Cybersecurity and Infrastructure Security Agency (CISA), which provides security officers for general businesses with best practice guidance on how to mark and share sensitive data within an organization or externally.
Providing a user-friendly experience to ensure that all documents are properly marked and compliant with laws and regulations, ISEC7 CLASSIFY is an essential tool for any organization with data protection requirements, and those needing to meet the new CMMC 2.0 requirements. Feel free to contact us about ISEC7 CLASSIFY, CUI, or CMMC 2.0, and we would be happy to answer any questions you may have and provide a demo.
Guidelines for Updating to iOS 18
iOS 18 is set for release on September 16th, with important enhancements in the areas of security and privacy, as well as enterprise device management. Users may have some trepidation about updating to the new OS, as there is always a risk of data loss, bugs and stability issues, compatibility concerns, and performance issues, among others. Managing OS deployment, especially with the upcoming iOS 18, involves several key steps to ensure a smooth transition and maintain control over your devices. Here are some strategies you can use:
-
Mobile Device Management (MDM): Admins can utilize an MDM solution to control when and how updates are installed and prevent updates until they are permitted.
-
Supervised Devices: For organization-owned devices, ensure they are in supervised mode. This gives you greater control over the devices, including the ability to enforce restrictions, manage apps, and control updates.
-
Automated Device Enrollment (ADE): Use Apple’s Automated Device Enrollment (ADE) to streamline the setup process for new devices. This ensures that devices are configured according to your organization’s policies right out of the box.
-
Software Update Policies: In Intune, you can manage iOS software update policies to control the deployment of updates. You can choose to deploy the latest update or an older version, depending on your needs.
-
Testing and Staging: Before rolling out iOS 18 to all devices, test the update on a small group of devices to identify any potential issues. This helps in mitigating risks and ensuring compatibility with your existing solutions and systems.
-
User Communication: Inform your users about the upcoming update and provide them with guidelines on what to expect to reduce confusion and ensure a smoother transition.
By following these steps, you can effectively manage the deployment of iOS 18 and maintain control over your organization’s devices. If you have any specific concerns or need further details, please don’t hesitate to reach out, and stay tuned for our next blog post where we will discuss the iOS 18 update and features in greater detail.
ISEC7 at TechNet Indo-Pacific
ISEC7 will be at TechNet Indo-Pacific 2024 on October 22 – 24 in Honolulu, Hawaii. The largest event of its kind in the Indo-Pacific Rim, the conference focuses on the regional issues military leaders have identified, including the full spectrum cyber operations. We’re looking forward to sharing our industry insights and solution and product updates with you. We will be at Booth 1439 during the event, and you can schedule a meeting with us to learn more about our solutions and services. We look forward to seeing you there! Please feel free to contact us if you have any further questions.
Check out our latest blog post
As quantum computing advances, the potential for cryptanalytically relevant quantum computers (CRQCs) to break current cryptographic systems becomes a pressing concern. In response, the Office of Management and Budget (OMB), mandated by the Quantum Computing Cybersecurity Preparedness Act, recently published a report on post-quantum cryptography, outlining a comprehensive strategy for transitioning federal information systems to post-quantum cryptography (PQC).
Part 1 of this blog series introduced the first three types of cybersecurity attacks – phishing, ransomware, and insider threats – that could be mitigated through training. In Part 2, we delved into Denial-of-Service (DOS), spoofing, and Man-in-the-Middle (MitM) cyberattacks, which call for adopting various solutions and products to enhance your network architecture.
While mobile devices like smartphones and tablets enable employees to work during foreign travels, their portability and always-on state make them vulnerable to compromise, theft, damage, and loss.
ISEC7 Cybersecurity Trivia
The concept of Zero Trust was first introduced in 2010 by John Kindervag, a Forrester Research analyst, to emphasize that no user or device, whether inside or outside the network, should be trusted by default. The principle of “never trust, always verify” became the foundation of this model. Initially, Zero Trust was more of a theoretical framework, and the technology to fully implement this vision was still developing. Today, Zero Trust is a widely accepted and practical security model, driven by cloud computing, remote work, and the increasing complexity of IT environments. Modern Zero Trust architectures leverage advanced technologies like machine learning and AI to dynamically assess and respond to threats, and it continues to adapt as new technologies and threats emerge.
Upcoming Events
Wednesday, December 4th – Thursday, December 5th, 2024
Kap Europa Congress Center
Osloer Str. 5 60327,
Frankfurt am Main Germany
Never miss an update! Follow us on LinkedIn:
ISEC7 Group & ISEC7 Government Services
ISEC7 Group
8 Market Place, Suite 402, Baltimore, MD 21202, USA
Tel: (866) 630-1893 | sales-na@isec7.com www.isec7.com