Cyber Security & Information Assurance Engineering
Cyber Security & Information Assurance Engineering
YarCom® Inc. is an expert in total cyber security and information assurance solutions. We work closely with infrastructure designers, application developers, e-commerce providers, and web services implementors to provide complete and secure computing, networking, and internetworking solutions.
We address all the Cyber SECs: In 2001, YarCom was the first organization to define a comprehensive Cyber-IO applied programming interface with a unified XML information exchange process.
We are the only ones who will address all the SECs, both actively and passively. The only way to provide true Defense-in-Depth is to build-in cyber security at all seven layers of the OSI stack, plus the difficult layer 8 (people) and layer 9 (policy), and layer 10 (budget).
COMSEC - Communications Security
Cryptosecurity: Provision of technically sound cryptosystems and their proper use.
Emission Security: All measures taken to deny unauthorized persons information of value which might be derived from intercept and analysis of compromising emanations from crypto-equipment, information systems, and telecommunications systems.
Physical Security: All physical measures necessary to safeguard classified, proprietary, sensitive equipment, material, and documents from access, observation, or theft by unauthorized persons.
Transmission Security: Application of measures designed to protect transmissions from interception and exploitation by means other than cryptanalysis.
EMSEC - Emanations Security
All measures designed to deny unauthorized persons information of value that might be derived from intercept and analysis of compromising emanations from other than crypto-equipment and telecommunications systems.
COMPUSEC - Computer Security
Measures and controls that ensure confidentiality, integrity, and availability of the information processed and stored by a computer. Synonym for automated information systems security.
Application of hardware, firmware and software security features to a computer system in order to protect against, or prevent, the unauthorized disclosure, manipulation, deletion of information, or denial of service.
NETSEC - Network Security
Measures designed to provide a secure interconnecting infrastructure supporting data communications.
E2SEC - End-To-End Security - the YarCom® Inc. Advantage
Measures taken to ensure availability, confidentiality, integrity, identity, and non-repudiation of information systems from source to recipient.
Process-Driven Engineering
YarCom® Inc. has experience engineering all aspects of ISO/IEC 17799/27001, NIST 800-53, CNSSI 1253, DODI 8500.01, and ICD-503. We engineer solutions that can be validated within the National Information Assurance Partnership (NIAP) and the Common Criteria Evaulation and Validation Scheme (CCEVS), including supporting documents and process engineering.
Turn to YarCom® Inc. when you need the latest designs, products, services and information on Information Assurance issues including:
Personnel policies & employment contracts
User training & threat advisories
Cryptographic implementations, IPSec VPN, TLS VPN, SSL-enabled web servers, including US Government high assurance
Clandestine channel detection, including steganography
Virus and other malicious code protection
Public Key Infrastructures (PKI) and Public-Key Enabled (PKE) applications
Firewalls and enclave boundary protection
Intrusion detection sensors and monitoring
Disaster recovery and off-site secure storage
Vulnerability audits
Emergency power systems
EMP and lightning protection
Work practices & secure applications
YarCom® Inc.: The source for your cyber security and information assurance expertise.
For additional information contact: