Cyber Security for Tribal Government Sectors
Customer Case Study
Creating a GCC High Environment for a Large Tribal Government
Summary
In 2022, a large Tribal Government in the United States contacted Conquest Cyber to help stand up a Government Community Cloud (GCC) High enclave. They needed the project executed under a tight deadline to bid on a high-profile Federal contract.
As a Microsoft Gold Partner, and Microsoft US Defense and intelligence 2022 Partner of the Year Winner, Conquest Cyber was a top contender to configure the GCC High enclave and provide full monitoring and management of the enclave. Considering the client’s level of urgency, Conquest addressed their concerns and set up a fully managed GCC High enclave 90% faster than traditional enclave builds and passed a pre-award assessment.
Problem
AN URGENT NEED FOR A GCC HIGH ENVIRONMENT
Government entities and their contractors are subject to heightened cybersecurity requirements. These organizations must comply with strict frameworks and regulations.
GCC High represents the gold standard for secure cloud storage and operations. Microsoft’s GCC High has the necessary controls in place to enable organizations to store and handle controlled unclassified information (CUI). Under Defense Federal Acquisition Regulation Supplement (DFARS) Clause 252.204-7012, organizations that store, process, or transmit export-controlled data that is controlled under International Traffic and Arms Regulation (ITAR), or the Export Administration Regulations (EAR) have been subject to safeguarding this information since December 2017. GCC High is the cloud environment that Microsoft attests to meeting these requirements.
For this Tribal Government entity, the business needed to set up a GCC High environment to prove compliance before being awarded a government contract. Failure to meet compliance due to the tight deadline would represent a significant lost opportunity for the business.
The Team at Conquest Cyber committed to building out the GCC High environment in less than a week to enable the Tribal Government entity the opportunity to win the contract. Native American and Alaska Native tribes face complex and increasing digital and physical threats. It is critical to their mission to strengthen the resilience of the critical infrastructure sectors. By responding quickly, Conquest ensured their ability to secure funding necessary to operate optimally and securely.
Solution
FULLY MANAGED GCC HIGH ENCLAVE POWERED BY CONQUEST CYBER AND MICROSOFT
Conquest equipped the Tribal Government Entity with its Fully Managed Enclave Bundle.
This bundle included the Conquest Cloud Engineering Team building out the Microsoft GCC High Enclave, and layering Conquest’s proprietary platform, ARMED ATK in the environment to provide:
Cyber Program Management through DEFEND: Provides a real-time view of overall program maturity
Integrated Risk Management through RISK: Helps visualize, frame, assess, and remediate risks
CMMC (Cybersecurity Maturity Model Certification) 2.0 and Publication 4812 Compliance Management through COMPLIANCE: Helps visualize and manage industry-specific regulatory requirements
24x7x365 Extended Detection and Response, Advanced Threat Hunting, and Managed Sentinel Service through SECOPs: Provides one centralized Security Operations Center (SECOPs) for all security alerts and incidents
Attack Surface Management through SHIELD: Provides real-time critical asset inventory and vulnerability insights, along with patch management, vulnerability management, firewall management, and phishing testing and awareness management.
Distinctives
ENHANCED CAPABILITIES THROUGH MICROSOFT PARTNERSHIP
How can Conquest implement solutions like GCC High environments so quickly and effectively? This capability is due in part to a close relationship with Microsoft.
As a Microsoft Gold Competency and FastTrack Partner, Conquest is qualified to build and manage secure cloud solutions through digital transformation services.
SOC monitoring tools like ARMED ATK integrate directly with the Microsoft ecosystem to provide additional layers of protection through detection, isolation, remediation, and process design. This holistic visibility empowers organizations to harness the full capabilities of a Microsoft Security, Compliance, and Identity suite.
To ensure a swift audit, the Tribal Organization was able to implement audit logging and reporting capabilities using the ARMED ATK platform. This reduces audit burden and allows them to continuously implement their evidence to support their cyber strategy and maintain compliance.
Thanks to multiple successful projects like this one, Conquest won the Microsoft US Defense and Intelligence Partner of the Year Award in June 2022.
Outcomes
CONTINUED SUCCESS WITHIN THE TRIBAL ORGANIZATION
Because Conquest understood the criticality of the client’s needs, it was able to deploy all its resources to quickly and effectively create a GCC High environment. As a result, the tribal government was able to win the high-profile contract with the federal government.
The tribal organization encompasses a large number of government and business units, and through this initial experience with Conquest, others began to see the value of its services.
- In the following months, one tribal business reached out with security concerns of its own. Conquest again executed a rapid same-day deployment to meet the urgent need, equipping them with Microsoft Sentinel and SOC monitoring services.
- A second business unit followed, and Conquest set up another managed GCC High environment with 24/7 SOC monitoring.
- Looking forward, Conquest is already helping the client through complex business decisions impacting risk and cybersecurity for multiple subsidiary companies.
Tribal governments are complex, highly regulated organizations. Conquest’s advanced capabilities make it the perfect partner to enhance cyber resilience and support the tribe, its citizens, and its business needs.
