Steadfast Commitment to Protecting Data
We believe in providing the best cybersecurity and compliance to our clients and the people we serve. At Knowledge Services, we are fully committed to strengthening our client’s security and protecting all personally identifiable information (PII), proprietary business information, client, and personal data entrusted to us.
Cybersecurity at a Glance
Knowledge Services recognizes and has fully committed to cybersecurity best practices and rigorous security procedures.
Our SaaS solution, dotStaffTM, is housed in the most secure environment available, ensuring that the infrastructure that powers our system has met more compliance and authorization initiatives than any other hosting provider.
Since its launch in 2003 as one of the first government cloud-based vendor management systems, dotStaffTM has added modules that help clients and our program services teams manage temporary workforce and project-based services.
dotStaffTM key functions
- Requisition Lifecycles
- Scope of Services Deliverables
- Recruiting & Vetting
- Onboarding & Certification
- Time and Expense Entry
- Project Tracking and Approval
- Survey Administration
- Dashboard Reporting & Business Analytics
The FedRAMP Ready designation applies to the proprietary cloud SaaS technology, dotStaff. Since its launch in 2003 as one of the first government cloud-based vendor management systems, dotStaff has been enhanced specifically to better serve government clients with added modules to manage workforce, vendors, credentials, surveys, and reporting.
To achieve FedRAMP Ready status, Knowledge Services had to demonstrate compliance with FedRAMP’s NIST-based cyber security framework. Knowledge Services worked with experts from Coalfire and A-Lign to reach this milestone. The FedRAMP Ready designation is a first step in Knowledge Services’ commitment to achieving a FedRAMP Authorization.
As founding members of the newly formed StateRAMP not-for-profit, Knowledge Services has been at the forefront of cybersecurity innovation for State and local governments across the country.
Security & Compliance
Our passion for cybersecurity naturally led us to further continue our work with government in their efforts to be compliant and secure in their programs.
To strengthen our commitment to security, we have specifically chosen to host our solution (dotStaff™) on Azure Government Cloud, which is FedRAMP Authorized by the Joint Approval Board as both an IaaS and PaaS provider to the government community. We also meet NIST SP 800-53 Rev. 4, which encompasses 17 control groups as well as 325 individual controls, providing a mature security position to protect your sensitive data. Knowledge Services requires CIS Level 1 Compliance of all systems hosted in the Azure Government Cloud, in accordance with the FedRAMP moderate baseline standard.
Not only do we protect your data, we monitor what is happening around it. In partnership with Splunk Cloud, our Security and Incident Event Monitoring Solution (SIEM), we can collect and index data, search and investigate events, correlate and analyze finds, visualize and report trends, monitor and alert on incidents, and respond anytime, anywhere, to any threat.
Due to the many data breaches, hacks, and incidents in the cyber world in recent years, Knowledge Services has fully committed to best practice and rigorous security procedures. Investing in a truly holistic Vulnerability Management Solution, Knowledge Services utilizes the Qualys Cloud Platform for Vulnerability and Patch scanning on Systems, Web Application Scanning, and policy compliance. This means we are implementing controls and meeting system benchmarks that our clients and partners not only want, but need.
- Latest Security News From RSAC 2021
- DarkSide Ransomware Variant Targets Disk Partitions
- 47% of Criminals Buying Exploits Target Microsoft Products
- DDoS Attacks Up 31% in Q1 2021: Report
- Rapid7 Is the Latest Victim of a Software Supply Chain Breach
- RSAC 2021: What Will SolarWinds' CEO Reveal?
- Agility Broke AppSec. Now It's Going to Fix It.
- Name That Toon: Road Trip
- Rapid7 Source Code Accessed in Supply Chain Attack
- How Faster COVID-19 Research Is Being Made Possible by Secure Silicon