SECURITY ASSESSMENT
SCI defines each organization’s current conditions and we work to assess the degree to which systems need to comply with compliance standards and/or best-practices in order to identify intersections with strategic plans, and mitigate potential impact to attaining the best result. Critical evaluation will determine solutions and alternatives, prioritizing efforts that prudently remediate and implement the desired systems.
Violence, vandalism, and terrorism are prevalent in the world. Managers and decision-makers must have a reliable way of estimating risk to help decide how much security is needed. An assessment methodology will assess risk, including a characterization of the facility, and identification of the undesired events to critical assets. In the event that the value of risk is deemed to be unacceptable (too high), the methodology addresses a process for identifying and evaluating security system upgrades in order to reduce risk. The risk assessment, available/potential physical security, vulnerability analysis, security effectiveness, consequence, and likelihood of attack are included in each critical evaluation, in order to address the phases of preparedness; Prevention, Protection, Mitigation, Response, and Recovery.
SCI has experience with a broad range of compliance standards, for example, JCAHO Environment of Care Standard, HIPAA Privacy and Security Standards, National Safety Council Emergency Preparedness, North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP), Department of Homeland Security (DHS) HSPD-12, Sarbanes-Oxley Act, National Institute of Standards and Technology (NIST-Framework), National Fire Protection Association (NFPA), International Building Code (IBC), National Electric Code (NEC), etc.
ENGINEERING, DESIGN & CONSULTING
SCI provides engineering, design and consulting services that apply to the development of electronic security systems and their applications. Customer’s needs and expectations are assessed, site and document surveys are performed, the impact of various systems on operations, sites and personnel are analyzed in order to validate the capabilities of a potential system operation.
SCI services may begin with a design/build partnership and/or various scope deliverables that include project management, installation supervision, project specifications, bill of materials, system drawings, budgetary pricing, test plan preparation, bid document preparation, bid response evaluation and review, project coordination, and system acceptance.
SCI addresses the milestones and tasks that meet the specified requirement of the final order, and our Design Team is responsible for ensuring that a system design is furnished and complete. This includes providing specifications and descriptions of functionality, verification that proposed equipment, devices and software are adequate for the intended purpose, and performing a layout to ensure that adequate information is available.
INSTALLATION
The SCI Operations Department Staff is licensed by the appropriate Construction Industries jurisdiction; authorized with factory certifications from all key manufacturer partners; contractor clearance trained, background authorized, and certified for policy compliance under the Homeland Security Presidential Directive (HSPD), US GSA NACI, the North American Electric Reliability Corporation (NERC), the National Indian Gaming Commission, the National Fire Protection Association, the Professional Security Alliance, the ISNetworld Platform, Detention/Corrections, and others; bonded and insured; and part of a team with more than 200 years of security system installation experience.
SCI Staff is bonded, licensed per State, Municipal, and Federal Government requirements, authorized with factory certifications from all key manufacturer partners, and certified for policy compliance under the Homeland Security Presidential Directive (HSPD), the North American Electric Reliability Corporation (NERC), the National Indian Gaming Commission, the National Fire Protection Association, the Professional Security Alliance, and the ISNetworld Platform.
Labor and resource allocations vary depending upon the installation environment, and include all aspects of a system, from high voltage, low voltage and network cable to field devices, from hardware to software, from simple to complex configuration, from final commissioning to a comprehensive training program.
SCI Installation Teams are conversant with construction and building management, network and desktop administration, architectural and engineering supervision, traveling when necessary, and understand the unique differences between a military base, city center, detention, gaming, education, healthcare, research, laboratory, call center, power generation/distribution, financial, transportation, office, and industrial environments.
MAINTENANCE
The goal of System Maintenance is the ongoing Life Cycle Management of a system that supports reliability and underlying cost mitigation. SCI offers multiple Tiers of Support as a flexible menu approach for each Customer, from optional Block Labor Packages; to standard Business Hours that includes materials, labor, preventive and emergency support; to comprehensive 365x24x7 coverage and availability.
Disaster/Emergency Planning and Support Programs provide critical-need packages, built uniquely for each condition and situation, with site-specific material inventories, staff augmentation, crisis response training, reserve remote access, multiple data path infrastructure, redundant performance design, and escalation policies. SCI currently supports Customers with similar requirements: Homeland Security, Critical Infrastructure, Bio-Hazard, Munitions, Department of Defense, Detention, Drug Enforcement, Chemical Storage, and other critical-need facilities where this level of support is warranted.
SYSTEM MONITORING
Integrating detection, monitoring, annunciation, response, and support protocols is an overall System Monitoring Plan. Monitoring systems are addressed for their unique site-specific aspects, and Customer standards will assist defining the functionality in support of an appropriate response. Annunciation of system status, regardless of the system type (access control, intrusion, fire, video, etc.) is dependent on the available infrastructure or services, whether by Central Monitoring Station, Command Control Center, locally or with network connectivity, mobile application, or by multi-communication formats (email, SMS text, text-to-voice, messaging on local and/or global displays, distributed emergency notification, etc.).
HSPD FIPS HIGH ASSURANCE COMPLIANCE
SCI works with Customers that require a HSPD-12 FIPS 201 mandated and compliant platform. High Assurance solutions leverage the features of PIV and PIV-I credentials, assuring strong (multi-factor) authentication and certificate management. SCI provides and supports equipment and software that is GSA Approved and Certified, FICAM (Federal Identity, Credential, and Access Management Architecture) compliant with the www.idmanagement.gov approved products, including the requirement for High Assurance Certificate Verification at the door via the Federal Bridge.
NERC/CIP AND CIP-013 SUPPORT
SCI has practical experience in the deployment of security hardware, software, and services that support NERC/CIP. The North American Electric Reliability Corporation (NERC) (https://www.nerc.com) is the regulatory authority whose mission is to assure the effective and efficient reduction of risks to the reliability and security of the power grid. NERC Critical Infrastructure Protection (CIP) refers to the set of requirements that are standards designed to secure the assets required for operating North America’s Bulk Electric System (BES). CIP-013-1 refers to the Cyber Security-Supply Chain Risk Management, implementing security controls that mitigate cyber security risks to the reliable operation of the Bulk Electric System.