INFORMATION SECURITY

Trofholz helps our clients secure their critical information from unauthorized access, use, disclosure, or destruction. We focus on compliance with the guidelines that stem from the Federal Information Security Management Act (FISMA) of 2002. We use best practices from the National Institute of Standards and Technology (NIST) to implement solutions for our clients.

With Trofholz You:

  • Prevent Unauthorized Disclosure of Information
  • Have Faster Detection and Remediation of Threats
  • Reduce Insider Fraud, Theft and Data Breaches
  • Diminish Risk
  • Simplify Operations

Trofholz Delivers:

  • Security Control Assessments
  • Information Assurance
  • Cyber Security
  • Risk Management Framework
  • Logical Security
  • Protection of Personal Health Information (PHI)


Security Control Assessments

Our security specialists perform thorough assessments to ensure the proper management, operational, and technical safeguards are in place to protect the confidentiality, integrity, and availability of a system and its information. We help you understand the risks posed to your information security infrastructure and propose solutions tailored to your specific needs.

Consulting, Design, & Support for:

Information Assurance (IA)

We have worked side-by-side with our government clients throughout the entire IA process. We help manage the risks related to the use, storage, and transmission of data. We created the required documentation and managed the process for our clients to successfully complete Department of Defense (DoD) Information Assurance Certification and Accreditation Process (DIACAP) compliance.

Cyber Security

We understand the importance of protecting the underlying infrastructure from both physical and cyber threats. Cyberspace is the new generation of war that we must defend against. Cybersecurity, also known as IT Security, is a subcomponent of Information Security in which we protect hardware, software, and the information on them. With the growth of the Internet of Things (IoT), this effort has expanded past the privacy of the internet on private data networks and into Bluetooth, Wi-Fi, and other related wireless networks.

Logical Security

We secure the flow of information across both logical and physical environments. Network access rights and authority levels are a critical element in ensuring that users are granted the appropriate rights to create, alter, delete, or view data within a network. We provide ways to manage these rights, which can vary drastically from user to user. Network authentication is used to confirm the identity of a user. We provide advanced solutions that give access to authorized users while excluding those who are unauthorized.

Risk Management Framework (RMF)

We work with our clients to manage or support them in their efforts to go through the RMF process. We help ensure they:

  • Are compliant with the Federal Information Security Management Act (FISMA)
  • Follow the National Institute of Standards and Technology (NIST) practices
  • Meet the Federal Information Processing Standard (FIPS)
  • Transition from DoD Information Assurance Certification and Accreditation Process (DIACAP) to RMF

Protection of Personal Health Information (PHI)

Our knowledgeable professionals can help our clients meet their compliance requirements to protect PHI as required by the U.S. Department of Health and Human Services Protection of Human Subjects Regulations Title 45 CFR Part 46 and HIPAA Privacy Rules.