CYBERSECURITY SERVICES
Delivering Secure Solutions for Enterprise Cohesion
In support of the Department of Defense (DoD) Enterprise Collaboration and Productivity Services (ECAPS) strategy, the DoD sought a solution for securing and seamlessly integrating a commercial cloud-based service in alignment with the Secretary of Defense memo “Accelerating Enterprise Cloud Adoption,” to replace legacy, enterprise information technology (IT) services. Soliel provided systems architecture, engineering, and development support, building the system using cloud-native constructs.
Soliel cloud and security engineers implemented Systems Compliance requirements using Infrastructure-as-code (IaC), Compliance-as-code (CaC) and Policy-as-code (PaC), enabling programmatic verification of compliance with all applicable agency policies and directives. User authentication and authorization were established based on Role Based Access Control (RBAC), with least privileged and Just in Time (JIT) controls implemented for highly privileged users/accounts.
Micro-segmentation was implemented to group various functions such as Security Management, Log Archiving, Infrastructure, Workloads, and Shared Services into Organizational Units/Accounts, enhancing control over access and minimizing exposure.
Soliel delivered the system with continuous monitoring components that allow for proactive monitoring of the solution, including Threat Hunting capabilities to search for Indicators of Attack (IoA) and Indicators of Compromise (IoC).
Our focused secure systems development and deployment approaches resulted in an on-time delivery of the cloud management solution and the issuance of multi-year Authorization to Operate (ATO) for systems utilizing the Out of Bounds (OOB) services for their cloud security monitoring and management.