Security (Insider Risk, PII, etc)

• Do you worry that innocent mistakes by employees could somehow open security holes?
• Is there a desire to closely watch third-party/contractor network activity?
• Do systems containing personally identifiable information (PII) need to be closely monitored so only permitted users access them?
• Is it complicated (or even possible) to apply US-CERT alerts across an organization with well over 10,000 users - in a matter of hours?

Compliance (FISMA, HSPD-12, various audits)

• Is your agency struggling with monitoring against controls to improve FISMA scores? Is your agency so large that it has been complicated to take an enterprise approach to FISMA?
• Does your staff devote countless hours preparing for periodic IT audits?
• Do you have the ability to verify that users who changed roles only have access to systems for their current job (and are you able to know if they somehow have access to systems for which they should no longer be accessing)?
• Is the FISMA certification and accreditation (C&A) process painful? Are you able to fully account for all of the assets on your network? Are you able to quickly perform discovery to identify all addresses of access points?
• Is your agency able to constantly monitor and verify that the concept of least privilege is being followed?

Infrastructure Change/Infrastructure Issues

• Is your agency attempting to combine multiple networks, perform data center consolidation or manage other complex change?
• Do you have a highly accurate "as is" depiction of users and how they are relating to applications, servers and other infrastructure?
• Is your network comprised of any legacy systems? Are you totally aware of the traffic and applications on these systems? Are you confident older systems are not introducing security vulnerabilities?

Why Are Customers Purchasing Securify?

• Securify has the experience across the federal government in delivering results to high-profile, enterprise-wide cybersecurity/network operations initiatives.
• Our network appliances are easy to install and begin delivering results in a matter of days.
• With over 2 million network users across the federal government already being monitored by Securify, we are a logical choice when agencies seek solutions to monitor access and behavior.
• We are a proven, certified provider for the most sensitive government networks.
• We can be used in small environments or across decentralized networks with tens of thousands of users.
• Securify was one of the first solutions in its class to achieve EAL2 and is the only solution of its type to have now achieved EAL3.*
• Securify has been granted Authority to Operate (ATO) on SIPRNet, NIPRNet and JWICS for a 3 year period commencing February 2006. Securify appliances and software releases are also tested iteratively by FSO to verify STIG compliance.

Who Has Purchased Securify?

Fifty of the most sensitive and complex federal enterprises including the Defense Information Systems Agency (DISA), Special Operations Command (SOCOM) and the Department of Health and Human Services (HHS) use Securify.

*The documentation regarding this evaluation can be found at http://niap.bahialab.com/cc-scheme/st/ST_VID10047.cfm. The certification can be reviewed in Section 5 of this document.