Cybersecurity

CASE STUDIES

OIG Analytics Center of Excellence - ZTA

i3 implemented a secure and scalable cloud infrastructure for the Office of the Inspector General (OIG) Analytics Center of Excellence. By deploying a Zero Trust Architecture (ZTA) and robust role-based access control, i3 ensured the integrity and confidentiality of sensitive data, achieving critical milestones including obtaining Authority to Operate (ATO) and supporting secure data analysis for OIG partners.

Challenge

The OIG Analytics Center required a secure and compliant cloud infrastructure to investigate fraud, waste, and abuse. The challenge was to implement an advanced cybersecurity framework that protected sensitive data and enabled seamless collaboration among OIG partners, all while adhering to federal data security regulations. Without robust security measures, the OIG risked data breaches and disruptions to mission-critical operations.

Solution

i3 implemented a ZTA within an Azure-based environment, integrating advanced security measures with enhanced data analytics capabilities tailored to the OIG’s mission requirements. This included:

Performing security engineering and compliance of the Azure data analytics platform and achieving ATO in compliance with the NIST Risk Management Framework (RMF).
Securing access at every layer with a ZTA and introducing role-based access control to ensure only authorized users accessed sensitive data.
Implementing Microsoft Purview as part of our ZTA strategy to enhance data governance, ensure comprehensive visibility, classification, and protection of sensitive information across cloud environments.

"You did an exceptional job managing the Policy and Procedure domain for my strategic plan. I had a hard deadline, and you did not ask, nor did you lower the bar. We can say that no one in the IG Community has updated their policies to reflect the most current risk management standard and framework. Well, over three thousand pages were reviewed to strengthen over one thousand controls and enhancements for one of the largest privacy holdings for any agency in the federal government.”

– Chief Information Security Officer

Achieved ATO under NIST SP 800-53 Revision 5, establishing it as one of the first cloud environments in the federal government to meet this rigorous security standard.

Achieved real-time monitoring and continuous evaluation of user behavior.

Successfully passing all security audits and tabletop disaster recovery exercises.

Implementing a scalable security model that adapts to evolving threats and supports secure integration of cloud services, third-party applications, and remote work environments.