Cybersecurity
Ntrepid recognizes the security and privacy of its customers and works hard to ensure information is protected to the fullest possible capacity. We are committed to cybersecurity, and we strive to implement and maintain effective security strategy, governance, processes, procedures, standards, and technology. We apply appropriate administrative, operational, and technical security controls to help ensure data is processed in a responsible and secure manner. We use reasonable physical, electronic, and managerial procedures to safeguard and secure information against loss, misuse, or unauthorized access.
Dedicated Security Professionals
Our security experts administer everything from system and services acquisition to personnel security, and from physical, cloud, and environmental security to incident response and every facet of the cybersecurity spectrum. Our seasoned security professionals hold a variety of GIAC, ISC2, and other reputable certifications and are highly trained in technology and security. Many have worked in the Federal Government space and hold a security clearance. By collaborating closely with DevOps personnel, our security experts ensure effective security practices across the system development life cycle.
Risk Management
Our approach to security focuses on security governance, risk management and compliance. As part of our People, Process, and Technology approach, this enables us to make specific recommendations to our leadership for the security masteries requiring attention and the talents and skills we must cultivate in order to lower our risk posture.
Compliance
All Department of Defense contractors and subcontractors are required to comply with DFARS 252.204-7012 Safeguarding Covered Defense Information and Cyber Incident Reporting, imposing baseline security standards and expanding the information that is subject to safeguarding. CMMC, a new requirement for existing U.S. DOD contractors, replacing the self-attestation model and moving towards third party certification, is also on the horizon. The CMMC effort builds upon existing regulation (DFARS 252.204-7012) that is based on trust by adding a verification component with respect to cybersecurity requirements.