Enterprise Security Services

The Corporate IT Support Enterprise Cyber Security and Privacy program continuously ensures that Veteran Personal Health Information (PHI). Personally Identifiable Information (PII), and all other sensitive information that is processed or stored in VA IT systems remains safeguarded at all times. The return on investment is significant as the damage and harm that could result from a loss of sensitive Veteran and VA information is prevented by the effective implementation of the Enterprise Cyber Security and Privacy Program. Security of Veteran information is a top priority at the VA, and the Program benefits both internal and external organizations and individuals by ensuring that VA is fully compliant with Federal IT security and privacy laws and policies. This benefits all Veterans, and also the employees and staff that make use of the data and systems maintained and operated by the VA. VA applies a risk-based approach to security and implements a defense in depth strategy that and lowers risk of system vulnerability by defending protects and defends the Veterans Affairs enterprise systems, applications and services from both internal and external security threats, and which is accomplished by vulnerability scanning, penetration testing, firewall management, forensic analysis, and intrusion detection monitoring. The program includes information security officer (ISO) staff that are located at all VA Medical Centers, Data Centers, and other key locations that provide direct day-to-day security operations support to the medical staff located at our facilities. The program also ensures that Veteran information is disposed of properly and within the confines of appropriate legal authorities. It also ensures that information that is deemed beneficial is made available to the public with an emphasis on protecting all Veteran and other sensitive information.

• Total
• Cost Pools