Cybersecurity for Classified Environments
Classified System Hardening
Totem Tech will configure (“harden”) your Windows PCs to the specifications required by the Defense Counterintelligence Security Agency (DCSA) and Assessment and Authorization Process Manual (DAAPM) Appendix A multiuser standalone (MUSA) machine standards for operation in a SECRET classified environment.
As part of the system hardening process, Totem Tech will develop a system administrator guide that the client can use to:
- Build the system back from scratch
- Restore system from backup
- Manage Windows BitLocker from backup keys
- Maintain the ACAS and STIG compliance of the PC
- Manage user accounts on the PC
- Engage multi-factor authentication for user accounts
- Update and execute local antivirus scans
- Burn files to CD/DVD removable media
- Partition the hard drive and apply group permissions to partitions based on user need-to-know
- Log maintenance, OS, and software changes
- Use installed encryption tools
- Securely transfer data into and out of the system
- Sanitize the system media
- Analyze system audit logs
- Install custom software where required
Additional details about the classified system hardening service
- You’ll procure the hardware you need, including workstation and any peripheral devices, e.g. DVD burners, microscopes, printers.
- Ship the hardware to us, and let us take care of the rest. We’ll install the Windows operating system and begin the hardening.
- Classified system hardening and Administrator Guide development take about 3 business days for a PC with up to three software applications installed.
- NOTE: Make sure any software packages do not require administrative privileges to run, as this will not be possible in the classified environment.
- Prior to the hardening, we’ll also support your organization during planning discussions with DCSA.
- The Administrator Guide will address several dozen classified system hardening controls listed in the DAAPM, and serve as a primary artifact supporting the DCSA Assessment and Authorization.
- Along with the Administrator guide we also provide template System-Level Continuous Monitoring Strategy (SLCM) comments for your Information System Security Manager (ISSM) to customize in eMASS.