Inalab Consulting is a leading information technology, program management and security consulting firm focused on providing capabilities and resources to defense and civilian federal agencies by efficiently and dependably bridging the gap between business needs and technology.
We are committed to providing high quality solutions that are on time, within budget and tailored to satisfy customer’s unique requirements.
Big Data Analytics
In today’s data centric world, the volume and complexity of data requires the ability to model, cleanse and transform and store data to support greater operational efficiency and business decision making. Business users in every organization and demanding full scale analytics of the terabytes of data stored in an easy to view dashboards. Big data analytics is the process of examining big data to uncover hidden patterns, unknown correlations and other useful information that can be used to make better decisions.
Inalab combines business analytics solutions with proven project management processes, CMMI level 3 based process-oriented delivery of services. This provides customers with integrated, secure data-sharing solutions. Our business intelligence solutions provide cleansed and filtered standard and ad-hoc reports, dashboards, and alert notifications on any device. Using big data tools, Inalab provides proactive future analytic solutions that include data optimization, predictive modeling, text mining, forecasting, and statistical analysis. Big data analytics allow you to extract and analyze only relevant information from terabytes of data to transform your business decisions for the future.
Inalab has extensive experience in deploying tools, analyzing business intelligence requirements, and developing highly effective solutions for achieving customer business intelligence goals. We employ commercial tools and products along with customized software tools and methodologies to deliver customized business intelligence solutions. Our business intelligence solutions can be applied in both structured and unstructured environments to collect, correlate, and present dispersed enterprise data into multiple operation views. This diversified data-solution approach allows for the delivery of multiple views of data to support various management and decision-making requirements throughout various part of the customer’s organization. Inalab will leverage proven methodologies and best in breed of tools and security practices to solve your data integrity requirements and facilitate the effective use of data in support of data optimization, predictive modeling, forecasting, and statistical analysis objectives.
Today’s competitive high-tech landscape is full of threats and intrusions that may undermine an organization’s success. Cyber threats and security incidents are the silent enemies that can strike any organization without warning. While these threats can go unnoticed until they cause operational disasters, there is no single solution for cyber and organizational security threats. According to Ponemon Institute the costs associated with cyber-crimes is has gone up by 82% over last six years. Inalab’s Cyber Security program enables organizations significantly increase security or information assets and enhance resilience against cyber-threats. Our information security portfolio of services includes:
Security Control Assessments (SCA): Inalab provides cyber security and information assurance support to government agencies. All activities are conducted in compliance with FISMA, FIPS, OMB A-130, and NIST SP 800 series. Our Security Control Assessment process includes:
- Security Test and Evaluation (ST&E): Conduct independent security tests and evaluations to ensure technical security controls meet specified requirements and work as intended. Include the development of ST&E plan and ST&E report. Tests for systems are done via vulnerability scanners, manual security test and manual reviews of security configuration profiles.
- Conduct risk assessment in accordance with NIST SP 800-30, Risk Management Guide for Information Technology System. Identify threats and vulnerabilities, assessed potential risk exposure and recommend cost-effective safeguards to mitigate risk.
- System Security Plan (SSP): Develop system security plan in accordance with NIST SP 800-18. The plan documents the status of necessary safeguards, i.e., in-place, planned, in-place and planned, or not applicable.
- Continuity of Operations Plan (COOP): Develop business continuity plans in accordance with NIST SP 800-34, Contingency Planning Guide for Information Technology Systems. Develop and document preparatory, emergency response, and recovery actions and procedures, as well critical resources required to continue operations after a catastrophe. Also prepare and conduct test plans; and updated continuity plans based on test results; and conduct training on business continuity plan execution and related procedures.
System Authorization: Inalab offers a full suite of system security services that support risk management and system authorization in the areas of:
- Risk Management and Risk Mitigation
- System Security Testing
- Application Source Code Checking and Validation
- Network Intrusion Detection
- Mobile Device Tracking and Access Privilege Management
Infrastructure Design Review: A high performance, stable and secure network infrastructure is critical to maintaining continuity of operations and customer confidence. Periodic review and continuous monitoring of strategic technology and security programs can ensure their adequacy, effectiveness and resilience against the evolving threat environment. Technology and information security plans can easily become outdated with changes in technologies and integrations. Organizations need to continuously monitor their strategic technology and information security programs to ensure their continued adequacy, effectiveness and resilience against the evolving threat environment. Information security program needs to be regularly reviewed, challenged and updated to ensure its alignment with both current technology and organizational business and security needs. Our infrastructure review is designed to help organizations ensure that the People, Processes and Technologies in place are the most cost effective, efficient and reliable solution to meet the information security needs of the business. Our team of security experts will provide expert analysis of your detailed design document, understand your goals and objectives and technical requirements and recommend improvements that will ensure a secure, efficient and a resilient operating IT environment. Inalab has the knowledge and expertise to help organizations understand the threats and evaluate their readiness against these threats.
Vulnerability Scanning and Assessment: The challenge of securing an organization assets and maintain regulatory compliance continues to evolve. As the complexities of evolving technologies create new security challenges across industries and organizations have to ensure that the sensitive data in their environment is protected from intentional and/or accidental disclosure, failure to do so can result in penalties or significant financial loss.
Although securing information and information systems is an essential factor in ensuring security of your organizational and customer information, understanding the risks and having knowledge of threats and vulnerabilities will significantly reduce the cost of protecting these sensitive information assets.
A first step toward protection is identifying the vulnerabilities in the organizations operating environment. Our vulnerability scanning services can help determine the vulnerabilities in your network while demonstrating how attackers can negatively impact your business. Our vulnerability scanning services is a safe and controlled exercise performed by security experts. The result is a detailed remediation roadmap for reducing risk to information assets, prioritized based on severity and impact. With the knowledge of vulnerabilities and understanding of threats, organizations can prioritize security investments and ensure compliance with regulatory mandates.
Data Loss Prevention (DLP): Protecting sensitive data like personally identifiable information or intellectual property from unintended accidental or intentional disclosure by an employee, vendor or third party is a challenging task for IT managers and security professionals. Additionally, with the usage of cloud and the interconnectivity of networks with outside vendors and third parties is making this task more challenging and resource intensive. Understanding the organizations needs and the associated culture is very critical in successful implementation and execution of DLP program. We develop a solution that meets your needs and delivers results.
Penetration testing: is an essential component of a comprehensive security program. Penetration testing helps organizations determine how vulnerable a system is by allowing experience team like Inalab to simulate the hacking methods a hacker would take to compromise the system. Our “Pen Testers” are equipped with the knowledge, tools, and industry certifications, providing our clients with the best in the industry. We utilize the NSA Red Team Blue Team methodology for penetration testing.
We perform penetration testing using the approved rules of engagement and security policies, and applicable Federal Regulations. Our penetration testing methods may include, subject to policy and rules of engagement, two facets of social engineering techniques. With our experience responding to advanced persistent threats (APTs), we can also mimic the methods and techniques used by some very creative and malicious actors.
Driving Cost savings and Value
Proven approach to transform the government and provide value
Enterprise Architecture (EA) is a complete view of the enterprise’s processes, information and technology assets that provides a vehicle for aligning business and IT in a structured, efficient and sustainable way. EA provided a tight cohesion and coupling between the business and IT strategies. It is the glue that allows both business and IT to enable and drive each other.
Today’s IT organizations are faced with a seemingly insurmountable challenge: How to drive quantifiable value to the business in a cost efficient and timely manner. Conventional wisdom states that you simply can’t have high value, low cost, reduced risk, and timeliness simultaneously. To add to this challenge, IT organizations must contend with the constantly accelerating pace of the business along with IT innovations like Cloud Computing, mobile solutions and SOA.
IT requires strategic planning and enterprise architecture now more than ever. As organizations face new strategic challenges like geographic expansion, cost-reduction programs, government cost cutting and sequestration, regulatory requirements and financial-performance pressures,IT must keep pace with providing the right information in support of critical business decisions.
Enterprise architecture is meant to be incremental and can be approached like a jigsaw puzzle. Just as in a jigsaw puzzle, you find the corner pieces, then all the pieces on the borders, then you focus on one part of the puzzle and fill that all in. Similarly organization should start by doing projects that deliver real business value immediately, but at the same time lay the foundation for a long term architecture. Lastly you can follow up by doing projects that also deliver value in the short term while building on and extending that foundation.
The danger in all this is that the process gets lost somewhere in the monolithic documents called shelf ware of and stops being about diagnosing the state of the business and instead becomes an abstract exercise in methodology. This is what critics refer to when they declare enterprise architecture dead.
The largest value of value based enterprise architecture comes from being able to quickly navigate the world of new technology. If you understand your technology needs and your framework, you can quickly decide what makes sense for your organization, which can save enormous time and money. Instead, you can find that small subset of technology like Cloud computing, open source etcthat will make a huge difference and focus on making the most of that.
Today’s business must embrace cloud computing architectural demands and this grows and matures, federal government and other organizations leverages its capabilities and services or provides “cloud-like” services to others. Inalab believes that the cloud computing will take the EA a step forward and fully enable the integration of advanced concepts and practices that have become government standards like such as Service-Oriented Architecture (SOA), open source initiatives, shared services and Segment Architecture.
EA is a core element of the government, and the role EA from a variety of perspectives—such as enhancing business architecture, applications architecture, services architecture, data architecture, technology architecture, and security – Inalab thought and action leadership will enable the government to make a successful transformation along with measured savings for years to come.
Inalab has successfully conducted major EA efforts for many government agencies, including the US Patent and Trademark Office, Department of Labor, Equal Employment Opportunity Commission, and Department of Energy. Over the past several years, we have been developing internal prototypes and client-specific efforts in areas of general and mission-specific importance.Our experience has given Inalab an unparalleled view of value based EA delivery and has provided an industry-leading knowledge and skill set in EA and related operational areas.
Achieving True Enterprise Mobility
MDM and BYOD Is Only Half the Battle
To achieve true enterprise mobility, mobile device management (MDM) and BYOD is only half the battle. On its own, MDM only controls the shell of a device, and not the personality—applications. Organizations today need to enable and simplify distribution, management, security, compliance, and updating for these apps. It’s a management battle with many fronts and shifting targets. MDM offers part but not all of the solution. Organizations need fast, low-cost solutions for enabling employees to comply with legal, corporate, and IT requirements. They need a holistic approach to enterprise mobility, as more staff brings their own devices (BYOD) to work and expect IT to support them—while IT maintains the security and integrity of corporate data and applications on those devices. If you need to enable consumer smartphones and tablets in the enterprise, you’ll need more than MDM.
To date, IT has led the MDM charge. But now line-of-business teams are also leading the charge for mobile apps to increase productivity, customer satisfaction, and competiveness. Enabling these apps requires comprehensive mobile application management (MAM) as well as device-level control. Devices and apps seek to be harmonized, if things are off key—the result is enterprise mobility deployment with gaps. For instance, if you don’t have a document-sharing application for corporate files, users might download a consumer app, like Dropbox, and open security holes. Just like that, your business plan could end up in the wrong hands.
Security, Scale, and Simplicity
Managing enterprise mobility is multi-dimensional. You need security. You need scale to meet the needs of myriad users. And somehow, you need to keep all this simple.
It’s one thing to build an app and push it out to your staff, but how do you ensure that:
- Users get access to only their authorized apps?
- You can remove apps when users leave the company?
- Devices aren’t jail broken or rooted?
Employees who bring their own devices to the workplace expect access to corporate data. Most consumer applications and devices have limited security controls, leaving corporate data vulnerable. IT must protect sensitive corporate data from leaks or corruption. Yet if IT denies use of corporate apps and data, employees may “go rogue” and find a way around the policy.Data will be lost if devices are not adequately protected. Built-in cameras can photograph sensitive documents and instantly upload them to the Internet. Automatic syncing with cloud-based file sharing services such as Dropbox or iCloud can instantly launch your unreleased data into the universe for anyone to potentially see.
If you have been charged with distributing mobile apps to a large user base across multiple devices, you’re probably asking: How many people should access and download these apps at any given time? How will you keep up with upgrades and patches? What happens when 1,000 employees try to download the same app at once? Do you have native support for the latest mobile operating systems and devices, such as Apple iOS 5 and Android 4.0? Traditional, on-premise solutions are buckling under the strain of these questions, leaving breadcrumbs of failed downloads and varied versions across the range of mobile devices. These solutions are not designed to easily support elastic scalability or rapid growth in user adoption. A true software as a service (SaaS) platform running in the cloud lets companies easily add mobile devices and apps, as requirements change. Apps can be distributed and updated as needed without installing new infrastructure.
To be viable, your enterprise mobility strategy has to simplify mobility management. Enrollment and configuration are only the beginning. You have to quickly and easily apply policy and application updates. At the same time, you must often juggle competing demands for user support, device upgrades and updates, internal business policies, and external compliance regulations.Unless you plan to reconfigure existing systems and networks, think about enabling mobility through a cloud-based architecture. Consider how you will add devices and apps with simple, automated workflows and provide a seamless experience for managing both from a single console, efficiently streamlining time-consuming tasks. A cloud-based service for mobile devices and apps is dramatically easier to implement and manage, compared with heavyweight on-premise servers. For the employee, everything from device enrollment to app access and updates must be simple and similar to their native device experiences. When mobile device and mobile application management converge into a single solution, the three “S’s” can thrive.
A Tale of Two Mobile Management Paradigms
Individually, the two mobility management paradigms—mobile device management and mobile application management—have fallen short of their promise as total enterprise mobility solutions.
Mobile Device Management
Mobile device management (MDM) is a set of capabilities for controlling the more complex aspects of smartphones and tablets in the enterprise. With MDM, you can configure security settings, apply policy, automate actions, and enforce compliance.To further support security, MDM may offercontext-based rules, such as turning services on or off, depending on whether the user is in the workplace or offsite, heading off data loss and excessive roaming charges. On some platforms, you can remove documents if a certain user leaves the premises. Or, if a user downloads an unauthorized app, an automated action can block email access, restrict device features and apps (such as blocking use of the camera or iCloud), or remotely wipe the device.Using an MDM platform, you can empower individuals to manage their devices without calling IT, enhancing simplicity. For instance, if your tablet is missing, you can log into your company’s end-user portal and determine its location. Users can remotely reset passwords or wipe their device (if it’s lost or stolen).
Mobile Application Management
Mobile application management (MAM) provides the ability to distribute and update mobile applications, supporting scale, simplicity, and security. Rather than install servers, you can use a cloud-based SaaS solution to manage both public and in-house apps, delivering them through anapplication distribution system (scale) and presenting them to employees through a “company app store” (simplicity). This way,custom and public applications can both be delivered securely(security) from a single user interface, without straining your internal systems. You can automatically push updates and patches from a management console to your company app store.Further, MAM simplifies the process. You can manage volume purchases from Apple’s App Store and upload redemption codes to streamline the provisioning, license management, and administrative process—which definitely beat sifting through 1,000$1.00 expense reports.
Some of the contents of this paper were sponsored by Fiberlink and created by CITO Researchy
PMO and Acquisition
Inalab helps government with Program Management Office (PMO) to implement their strategic plans and initiatives. Rigorous data management, analytical tools, and compelling writing are keys to our deliverables, which include:
- Market survey analysis
- Small Business Office coordination package
- Cost, benefit, risk, economic, and affordability analysis
- Support for all AMS phases including Initial Investment Decision, verify initial key documents, justification documents, Independent Government Cost Estimate (IGCE), cost estimates
- Acquisition Strategy Review Board (ASRB) package
- Support Contracts Review Board (SCRB) package
- Industry day planning and implementation
- Contracting Officer’s Checklist
- Acquisition strategy, statement of work, and evaluation factors
- Exhibit 300 support
For agency’s acquisition and program management offices, Inalab provides with program management and technical support to develop, implement, and execute processes for the effective management of financial transactions related to Inter and Intra-agency agreements (IAAs), Service Order Agreements (SOAs), and other acquisition documents.
Inalab provides proven leadership, skilled developers, and proven approaches to ensure the success of your software and system engineering initiatives. We ensure that from definition, we are addressing your business needs and goals. Our primary objective is to place the customer at the forefront of all related decision points and maximize exposure with the customer throughout the entire process. We assign a project manager to meet with you and completely define the scope of the project.
Design and Development
Development includes software and middleware development services using Agile/Scrum and traditional software development life-cycle approaches. Through the scrum methodology, Inalab delivers the highest-value features first and avoids cost on features that are not used or provide minimum benefit. Our methodologies shorten development time, increase operational efficiencies, foster innovation through continuous incremental improvement, achieve higher quality through continual inspection and adaptation, and achieve higher degrees of customer satisfaction, given the focus on the customer interaction during the process.
Our process ensures that technology solutions are built to meet the customer’s requirements, and that those requirements, tasks, and deliverables are thoroughly studied prior to starting development efforts.
Inalab helps your organization identify and build teams in DevOps framework. DevOps framework is built around a group of people who believe that the application of a combination of appropriate technology and attitude can deliver great return on investment to the world of software development and delivery. Our approach is based on accepted industry best practices and takes into account people, business processes and technology (tool) frameworks essential for the successful use of DevOps methods.
Inalab’s proven testing processes ensure that system and user requirements are validated and that all software is free from security defects and vulnerabilities. Untested code and applications can lead to business delays and cripple the operations on any organization. Our testing staff includes network, architecture, and information assurance professions that support overall test efforts to ensure that requirements are met in a secure manner. We provide quality-assurance and Independent Testing and Evaluation Services to ensure bug-free software. We provide training solutions to ensure effective use, and we offer help desk support for the new application.
Modification of a software product after delivery is often needed to correct faults or to improve performance. Our approach to software maintenance provides your organization with updated software that meets user and system requirements.
Business Process Re engineering
In the context of budget cuts and emphasis on eliminating waste and improving deficiencies, Lean Six Sigma efforts can vastly improve ability to change processes and procedures and gain significant efficiency and cost savings for your organization. Our Lean Six Sigma Master Black Belts implements a structured process to execute improvement projects. They provide the required Lean Six Sigma expertise to mentor your team in successfully completing projects.
A robust and user friendly configuration management (CM) process is required to manage and evaluate proposed changes, track the status of changes, and establish a quality system to properly align all system interactions to include documentation. Our CM solutions are both robust and intuitive. Our solutions include the use of software versioning and revision control system to maintain current and historical versions of files such as source code, Web pages, and documentation.
Today’s networks must be designed to be interoperable with other infrastructures and computing environments. They must be scalable to user demand while at the same time provide a secure infrastructure. Our network architecture design processes create the most dynamic and secure networks with the least costs for your organization.
Our staff can maintain a customer support center using the Information Technology Infrastructure Library (ITIL) process to provide Tier I, II, and III support to all services, technologies, and applications. These services can be provided in-house or from our multiple locations across the country.