Services and Solutions

01
Cloud
FinCEN Enhances Security, Heightens Innovation, and Streamlines Efficiency Through Successful Cloud Implementation
Customer Mission

The Financial Crimes Enforcement Network (FinCEN) is responsible for safeguarding the country’s financial system from illicit use, combating money laundering and its related crimes including terrorism, and promoting national security through the strategic use of financial authorities and the collection, analysis, and dissemination of financial intelligence.

Challenge

The agency wanted to shift from legacy infrastructure and adopt a modern cloud-based infrastructure that offered a more flexible and cost-effective solution to stand up its Beneficial Ownership (BO) regulatory framework, along with the Beneficial Ownership Secure Systems (BOSS). The new infrastructure needed to comply with the highest Federal Information Security Management Act (FISMA High) level, ensuring that only authorized users could access beneficial ownership information.

Solution

TIAG developed and implemented a cloud-based solution for BOSS using a multi-phased approach that included determining which strategy to use and creating a road map for application, designing and creating the architecture for the application focusing on the distributed nature of the system, performing trial cloud-native and piloting a Minimum Viable Product (MVP) to demonstrate the application’s viability, migrating and porting over needed data, and continuing to improve the cloud application, whether from a product feature perspective or from a performance perspective. Our approach also included:

  • Cloud Migration Strategy: TIAG created an agency-specific plan that covered the process and requirements for transitioning data and services from an on-premises environment to a cloud environment. This strategy identified the appropriate services and capabilities to implement from the start, ensuring a secure and efficient cloud environment.
  • Data Integrity and Encryption: TIAG ensured data integrity during the transfer by encrypting data and making sure it remained secure when it reached its final storage location.
  • Human-Centered Design and DevSecOps Cycle: TIAG employed a human-centered design approach and a dynamic development and engineering DevSecOps cycle to prioritize the design, development, and delivery of capabilities. By building, learning, and iterating on solutions, TIAG helped FinCEN transition and adapt to the new cloud environment.
  • Zero Trust Architecture: TIAG provided guidance for FinCEN to securely transition to, deploy, integrate, maintain, and operate cloud services, adopting a zero trust architecture to further enhance security.
  • Public-Private Partnership: TIAG established a public-private partnership to promote innovation and the advancement of more secure information technologies, thus strengthening FinCEN’s long-term IT infrastructure.
  • Staff Training and Sandbox Environments: TIAG also provided training for staff and users, giving them the opportunity to practice new skills through access to sandbox environments.
Result

I addition to successfully obtaining the Authority to Operate the new FISMA High Government Cloud Environment (FinCloud), our work with FinCEN resulted in:

  • Enhanced Security: TIAG migrated the data and BOSS systems/architecture into a FISMA-High Government cloud environment, ensuring the secure collection, storage, and management of BO information.
  • Heightened Innovation: FinCEN’s competitive edge and ability to meet digital product demands increased significantly, with robust features and data supported by cloud services.
  • Reduced Inefficiencies: Duplicative efforts, inconsistencies, and cost inefficiencies were successfully eliminated and mitigated.
  • Streamlined Adoption of Cloud Computing: FinCEN leverages security authorizations on an enterprise-wide scale, resulting in faster adoption of ongoing cloud computing and the accelerated development and scaling of new applications and services, particularly for artificial intelligence and consumer-facing applications.
02
Cybersecurity
FinCEN Partners with TIAG to Bolster Cybersecurity Ahead of Audit
Customer Mission

The Financial Crimes Enforcement Network (FinCEN) is responsible for safeguarding the country’s financial system from illicit use, combating money laundering and its related crimes including terrorism, and promoting national security through the strategic use of financial authorities and the collection, analysis, and dissemination of financial intelligence.

Challenge

FinCEN contracted TIAG to strengthen its cybersecurity infrastructure in preparation for an upcoming audit. 

Solution

TIAG’s Mentor-Protégé joint venture with Saliense, SynergisT JV, provided a secure environment where FinCEN’s applications could be scanned, tested, and patched. SynergisT JV also supported FinCEN’s risk management framework through vulnerability mitigation and management, which included modernizing and tailoring FinCEN documentation and cross-training staff to increase personnel flexibility and capabilities. Additionally, the team:

  • Conducted a thorough analysis of FinCEN’s security infrastructure and identified issues with the Nessus Tenable instance.
  • Designed, built, and established a resilient vulnerability management infrastructure utilizing Nessus Tenable and bespoke processes for enhanced automation.
  • Revamped FinCEN’s SSP (System Security Plan) and supporting artifacts for a robust and secure foundation.
  • Modernized and customized FinCEN documentation and cross-trained staff to increase personnel flexibility and capabilities.
Result

TIAG’s cybersecurity overhaul for FinCEN propelled the organization into a secure and compliant cloud environment. With over 1,000 previously undetected vulnerabilities addressed and substantial improvements to the security infrastructure, TIAG’s work with FinCEN yielded impressive results:

  • Significant improvement in FinCEN’s cybersecurity posture and compliance levels.
  • Reaffirmed leadership’s confidence leading up to the annual Cyber Security audit.
  • Expansion of TIAG’s services to support a new area of FinCEN’s operation, resulting in two additional contract positions.
  • Ongoing talks about a direct 5-year award to TIAG.
  • Increased efficiency in maintaining FinCEN’s cloud environment.