Information Systems Security Solutions, Inc.

1
Information Systems Security Solutions,
Inc. Corporate Qualifications Brief
Finding Tomorrows Business Solutions Today
Now!
2
Company Overview

• Incorporated October 2002, Award Winning,
  Industry recognized as one of the nations
  fastest growing small businesses
• 2M Business Credit Line (Flexibility to Expand
  Based on Contract Op)
• Top Secret Facility Clearance
• Qualified Full-time IT professionals,
  Information Assurance Strategists, Installation
  Technicians, Certified Enterprise Architect,
  Radio Frequency Consultants and Engineers
• Veteran (VOSB), SBA 8(a) Certified, Certified
  Small Disadvantage Business (SDB), Certified
  Local Disadvantage Business Enterprise (LDBE),
  DOT Disadvantaged Business Enterprise (DBE), GSA
  IT Schedule 70 Holder
• Association / Member Affiliations- IEEE, BICSI,
  AFCEA, NVTC, NDIA, MDBA, National Board of
  Forensic Examiners

Finding Tomorrows Solutions, Today!
3
Mission
Our mission is to provide our clients with the
best quality of service, while maintaining a
client centric approach, that meets and or
exceeds their expectations. The main objective of
IS3 is to provide FAST, innovative, quality
service that unites the client with the
technology of today as well as tomorrow. This
creates security for the client, as well as
allowing them to maintain a competitive edge in
the information technology market. Let IS3 show
you why we find tomorrow's solutions today!
Finding Tomorrows Solutions, Today!
4
Methodology
IS3 provides total 'turn-key' solutions. We offer
our clients one single point of contact. We are
with them from start to finish. Our approach is
simple, we provide our clients with the
consultation, the recommendation, the
installation support (if required), the
implementation and integration and finally, the
commissioning. One company, one mission, one
goal.client satisfaction!
Finding Tomorrows Solutions, Today!
5
Territory

• With Headquarters located in Sterling, VA with
  additional operational locations
• Stow, OH
• Crystal City, VA
• Washington, D.C.
• IS3 currently performs enterprise network
  installations/support/integration, central office
  upgrades and services and Radio Frequency,
  Broad-band, WiFi engineering for clients in most
  major cities throughout the continental United
  States and Hawaii.

Finding Tomorrows Solutions, Today!
6
Corporate Business Structure

• Sectors
• Federal/DoD
• Commercial
• State/Local
• Contract Vehicles
• GSA-IT Schedule 70, Millennia Lite, Connections
• DISA NexGen
• Navy Seaport-e (Multiple Teams)
• ETSS
• NAICS Codes
• 541512 (PRIMARY), 541513, 541618, 541690, 541710

Finding Tomorrows Solutions, Today!
7
Company Awards/Recognition
Ranked 14 of the Top 25 Small Technology
Businesses Washington Business Journal November
2006
Ranked 10 of the Top 25 Small Technology
Businesses Washington Business Journal October
2005
Washington SmartCEOs 2005/2006 Future 50 Winner
SmartCEO November 2005/2006
Selected as a Top Minority-Owned Small
Business  DiversityBusiness.com. November
2005/2006
8
Clientele (Partial List)
Finding Tomorrows Solutions, Today!
9
Core Competencies
IS3 Proprietary Services and Solutions Information
Assurance (IA) Enterprise Architecture
(EA) Information Transport Systems (ITS)
Finding Tomorrows Solutions, Today!
10
IS3 Proprietary Services Solutions
You Deserve the Best in Security IS3 has the Key
Compliant Security Integration Secure and
Compliant...from the Desktop to the Door
11
Compliant Security Integration CSI
IS3, Inc. has developed a program that outlines
the processes necessary to map critical data and
business processes to services and assets to
provide an integrated view of security assurance
and guide clients in making better security
investment decisions. In addition, this process
will assist the client in aligning their critical
data and business processes to the appropriate
regulatory compliance policies and procedures and
develop a consistent, proactive
security-monitoring environment. This program is
called Compliant Security Integration (CSI).
The main focus of CSI is to develop a program
that integrates the various security policies and
procedures, technology and regulatory
requirements into one cohesive program that
allows the client to focus on their day to day
business processes with the assurance that
security has been seamlessly integrated within
their organization and is consistently improving
regardless of how volatile the environment may
be.
CSI Methodology
12
Secure Operational Sustainability SOS
The Secure Operational Sustainability (S.O.S.)
Program? evolved from extensive practical
experience of security program management and
network security engineering, design, and
implementation. Based on our observations, in the
Pentagon and other Department of Defense (DoD)
agencies, and practical application, IS3 believes
there are five key and correlative components
that every information technology and or network
security organizations should possess to sustain
their network operations. These components are
Security Management Program, Security Policy,
Security Plan, Security Procedures, and a
Security Processes Five Ps of S.O.S. ? The
Five Ps are designed to work together, which
will promote seamless organizational reformation.
This is the premise behind the IS3 S.O.S.
Program?, and based on our research we have found
no other programs that offer the same intricate
services.
13
IS3 Partners with

• IS3 has partnered with Modulo Security the Latin
  American market leader in Information Security to
  become a value-added reseller and U.S. Consulting
  Arm for their proprietary Security Risk Manager.
  Its exclusive solutions use PESI - an ISO
  9001-certified methodology conforming to the
  ISO/IEC 17799 standard.
• MÓDULO's continuous concern with excellence in
  quality standards has resulted in three important
  achievements. First, it became Latin America's
  pioneer company to obtain the BS 7799
  certification - the International Information
  Security Management standard. It also received
  certification for ISO 9001, and has been
  re-certified since 1998.
• Second, was the launch of Security Risk Manager,
  a software program for risk assessment,
  compliance and Knowledge Management System.
  Modulo Security Lab, one of the most complete IT
  laboratories in Brazil, provides support in
  technology research and updates the information
  security knowledge-base used by Security Risk
  Manager. The company also has an Education Center
  specialized in training and certifying
  information security managers.
• And most recently, Modulo has become the first
  information security company in the world to
  achieve the ISO 27001 certification. ISO 27001 is
  the first international information security
  certification standard and an evolution on
  British Standard BS 7799-2. It addresses the
  definition of requirements for implementation of
  an Information Security Management System - ISMS.
  The standard was adopted in October 2005 by the
  International Organization for Standardization
  (ISO), which handles international certification
  standards. Modulo Security achieved this
  certification in record time thanks to the use of
  Security Risk Manager.

14
Modulo Risk Manager

• Security Risk Manager is the evolution of a tool
  that has been used by Modulo Security in more
  than 800 projects over a five year period.
  Quickly and easily, the system provides
  structured risk assessments for technological
  assets (such as software and equipment) and
  non-technological assets (such as people, process
  and environments).
• Its proprietary Risk Wizard technology enables
  you to automatically issue consolidated reports
  and charts for business executives, as well as
  detailed instructions to technicians on how to
  conduct assessments and solve each identified
  risk. It also allows the definition of security
  indexes for each company/organizations assets,
  linking them with their corresponding business
  impact.
• Security Risk Managers framework is based on the
  definitions provided by ISO Guide 73 and by Risk
  Management standard AS/NZS 4360. This solution
  automates the risk assessment process based on
  each area of risk knowledge. It also provides
  reports and scoreboards which significantly
  support decision making processes. After all, you
  can only manage what you can measure.

15
Modulo Risk ManagerAward Winning Security
Solution
"Check-up Tool elected best security solution in
Latin America"Microsoft Partner Program Awards
2005 and 2004
"Winner of the B2B Quality Standard Award 2005 in
the Risk Management Category"B2B Magazine
"Check-up Tool elected best solution for the
financial segment"E-finance Award 2004
"Best Information Security solution"Rio Info
2005 Award
Highlight 2005 AwardBank Report Magazine
16
IA Division
IS3s IA Divisions mission is to provide a
holistic approach to Network Security Program
Management and Development. While assisting our
clients with maximizing the value of their
security environment and posture. The main
objective of IS3s IA Division is to identify
information systems security solutions that
protect and enhance the business needs of an
organization. This will enable clients to
realize an inherent return-on-investment (ROI)
that is not generally associated with network
security.
17
IA Capabilities

• Information Assurance Programs
• Secure Operational Sustainability (S.O.S.)
  Program Implementation
• Compliant Security Integration (CSI) Program
• Security Compliance
• Delivers compliance with all relevant Federal
  laws, directives, policies, standards and guides
  such as FISMA, DITSCAP, NIACAP, NIST, PDD 67,
  Sarbanes-Oxley and OMB Circular A-130
• Physical Security
• Focuses on the protection of assets, people and
  structure against perceived threats
• Site Surveys, Entry Point Design Considerations,
  Personnel Security
• Security Engineering
• Threat/Vulnerability Assessments, Policy
  Development, Strategic Planning, Disaster
  Recovery / Continuity of Operations
• Certified Information Systems Security
  Professionals (CISSP)
• Certified Information Assurance Managers (IAM)

Finding Tomorrows Solutions, Today!
18

IA Division Past Performance

• Network Security Services Pentagon (NSS-P)
• -  Conducted a security architecture review of
  information technology security deployment,
• practices, and policies to assess the
  organizations security posture
• Washington Headquarters Services (WHS)
• Support the WHS Chief Information Officer (CIO)
  and the Designated Approving Authority (DAA), in
  the operations, implementation, assessment,
  documenting, preparation, development, technical
  review, and certification for WHS. Direct support
  for the overall Information Assurance Program
  Management Office (on-going)
• United States Department of State (DoS)
• Supporting the Bureau of Human Resources
  Executive Office with 1) safeguard systems and
  information nationwide, to 2) ensure systems are
  certified and accredited, 3) manage
  enterprise-wide configurations and changes, 4)
  continuously monitor, mitigate and prevent system
  threats and vulnerabilities and 5) ensure
  regulatory compliance (on-going)
• United States Navy Medical Information
  Management Center (NMIMC)
• Ensures coordination of all security programs
  and activities for IT applications and
  infrastructure this includes ensuring that all
  information systems are properly certified and
  accredited, monitored, audited, tested,
  documented and compliant with HIPAA, NIST, OMB,
  FISMA and other pertinent regulatory
  requirements, policy and guidelines
•  

Finding Tomorrows Solutions, Today!
19
EA Division
IS3s EA Divisions mission is to develop
strategy, planning, and resource allocation
related to the development and maintenance of
enterprise architecture products that enables our
clients to gain strategic direction and return on
investment, while reducing total cost of
ownership.
20
EA Capabilities

• Enterprise Architecture Programs
• EA Blueprint/Roadmap Development
• EA Governance/Program Management
• Technology Insertion Review
• As-Is/To-Be Architecture Assessment
• Gap Analysis
• Security Architecture
• Performance Measures
• Certified Enterprise Architects (Chief
  Architects)
• FEAC Institute Affiliation
• EA Tool Repository Management/Model Development

Finding Tomorrows Solutions, Today!
21

EA Division Past Performance

• Washington Headquarters Services (WHS)
• - Supporting the WHS Chief Information Officer
  (CIO) and the Designated Approving Authority
  (DAA), in the operations, implementation,
  assessment, documenting, preparation,
  development, technical review, and certification
  for WHS. Direct support for the overall
  Enterprise Architecture Program Management Office
  
•  
• United States Department of State (DoS)
• Supporting the Bureau of Human Resources
  Executive Office with developing a consistent
  release process for all production systems and
  infrastructure elements, and define the phased
  change process. Direct support for the overall
  Configuration Management and Change Control
  Program
• (on-going)

Finding Tomorrows Solutions, Today!
22
ITS Division
IS3s ITS Division provides technical services
based on the transport of information through
Wired or Wireless means. ITS covers the bottom
four layers of the Open Systems Interconnect
(OSI) model developed by the International
Standards Organization (ISO).
Finding Tomorrows Solutions, Today!
23
ITS Division Capabilities

• ITS Wired Solutions Group
• Provides fiber optic and copper structured
  cabling solutions for facility low voltage
  systems including voice, data video, life safety
  and security
• Building/Office Inside Plant Cabling
• Central Office/Data Center Cabling
• ITS Wireless Solutions Group
• Provides wireless solutions for facilities, that
  require voice and data wireless coverage to
  support Cellular, WiFi and Public Safety
  applications
• Distributed Antenna Systems
• Neutral Host based systems
• ITS Engineering Group
• Provides Engineering support to internal groups
  and external clients
• BICSI Engineers (RCDDs)
• Cisco Certified Engineers
• Radio Frequency Engineers

Finding Tomorrows Solutions, Today!
24
In-Structure Distributed Antenna Systems
(IS-DAS)

• IS3 designs and engineers In-Structure
  Distributed Antenna Systems (IS-DAS) within large
  facilities or venues that provide wireless
  coverage for cellular phones, wireless LANs
  (WLAN), radios and other wireless-enabled
  devices providing seamless coverage for multiple
  internal and external service providers of voice
  and data services. Venues such as
• Airports
• Metro Rail / Subway Systems
• Large Federal Government Facilities, Campuses
  and Bases
• State Local Government Facilities
• Office Buildings
• Court Houses/Jails
• Schools
• The net benefit of a DAS system is a less
  expensive solution with equipment that is more
  efficiently utilized, is less intrusive and does
  not disrupt the surrounding overall network.

Finding Tomorrows Solutions, Today!
25
IS-DAS
2.4 GHz
700 MHz
700 MHz
800 MHz
400 MHz
Facility Management Radio
Public Safety Radio
Single-Carrier Cellular
Multi-Carrier Neutral Host Cellular / WiFi
WiFi
Service Providers

• Sprint Nextel
• Verizon
• ATT Cingular
• T-Mobile
• Private/Internal
• Wayport
• Boingo

• Private Internal
• Wayport
• Boingo
• T-Mobile

• Sprint Nextel
• Verizon
• ATT Cingular
• T-Mobile

• Private Internal

• Government
• EMS

26
ITS Division Past Performance

• Sprint Nextel Corporation
• Nationwide Switching Center ITS Build-outs and
  Support
• Nationwide Engineering Services OM Support
• Computer Sciences Corporation
• Nationwide ITS Build-out (Voice / Data / Video)
• Metropolitan Washington Airports Authority (MWAA)
• Supplemental Radiating System (SRS) National,
  Dulles Udvar Hazy Center
• Dulles Vehicle Maintenance Facility
• Dulles National Neutral Host System
• IS3 is represented the four Major Wireless
  Carriers in the United States, and was primary
  Client Liaison to the Owner, Metropolitan
  Washington Airports Authority (MWAA) and Systems
  Integrator for the CWAS project. The CWAS
  initiative included the management, planning,
  detailed design engineering, construction,
  operation and marketing for Wireless Voice and
  Data applications and two Complete Information
  Transport Systems, consisting of Fiber and Copper
  at both of the Nations Capitols Airports.
• State of Maryland, Wicomico County
• Courthouse, Government Center and Two High
  Schools 800MHz Public Safety
• Washington Metropolitan Area Transit Authority
  (WMATA)
• Tunnels Wireless Neutral Host Based System
• General Services Administration (GSA)
• Presidential Transition Team Building
• Facility ITS Build-outs (Headquarters Building)

Finding Tomorrows Solutions, Today!
27
Contact Information

• Information Systems Security Solutions, Inc.
• 45150 Business Court
• Suite 500
• Sterling, Virginia 20166
• Office (703) 707-8400
• Fax (703) 707-8441
• Web http//www.infos3.com
• Information request info_at_infos3.com

Cage Code 3C334 GSA Schedule Contract
GS-35F-0776P
Finding Tomorrows Solutions, Today!
28
IS3 CORE VALUES
PERSONAL COURAGE
INTEGRITY
MORALITY
HONESTY
LOYALTY
SELFLESS SERVICE
Finding Tomorrows Solutions, Today!