YOUR Secure Connection to the Internet

Premier Small Business Virtual Private Network (VPN) Service

SPAN increases security for your valuable business data, intellectual property and operations communications. The SPAN VPN uses industry leading encryption and protocols to secure your communications to the Internet.

What is a SPAN?

In Bridge Engineering terms, a span is the distance between two supporting structures, often the endpoints of the bridge. The Assured Bridge
Virtual Private Network “Spans” the chasm between an endpoint device (your computer) and the Internet. The chasm may encompass an untrusted network, somewhere being visited, or a public Wifi access point. The
Assured Bridge VPN creates a safe path through which your sensitive business and personal information travels.

When is SPAN VPN needed?

Any time your connection to the Internet is not fully trusted or trustworthy:

  • Using public Wifi at restaurants, hotels, coffee shops, airports or vendor locations
  • Shared office environments
  • Telecommuters and remote workers
  • Virtual Organizations with no home or HQ offices

SPANS unique features:

  • U.S. Based endpoints – outbound Internet connections are established through regional security gateways at leading certified Cloud providers in the United States
  • Malware and Malicious Site Protection – Internet connections to questionable, malicious or dangerous links, sites and pages are filtered and blocked protecting your employees, systems and information
  • FIPS compliant operating modes and modules
  • Auditing and Compliance – Usage of the VPN is logged for auditing and compliance reporting purposes. However, NONE OF YOUR BUSINESS DATA is stored. Periodic reporting is available for your record-keeping needs.
  • Your SPAN is YOURS – This is not a shared service. Assured Bridge creates a new SPAN for each of it’s valued customers. This reduces the risk of anyone else getting access to YOUR data. Assured Bridge maintains the service, but you are your SPAN’s only customer.

SPAN helps address security requirements from the NIST SP 800-171 Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations control families:

  • 3.1 Access Control
  • 3.3 Audit and Accountability
  • 3.5 Identification and Authentication
  • 3.6 Incident Response
  • 3.11 Risk Assessment
  • 3.12 Security Assessment
  • 3.13 System and Communications Protection
  • 3.14 System and Information Integrity

SPAN helps address security requirements noted in Federal Acquisition Regulations 52.204-21 Basic Safeguarding of Covered Contractor Information Systems:

  • 1 – Limit information system access to authorized users, processes acting on behalf of authorized users, or devices (including other information systems).
  • 3 – Verify and control/limit connections to and use of external information systems.
  • 5 – Identify information system users, processes acting on behalf of users, or devices.
  • 10 – Monitor, control, and protect organizational communications (i.e., information transmitted or received by organizational information systems) at the external boundaries and key internal boundaries of the information systems.
  • 13 – Provide protection from malicious code at appropriate locations within organizational information systems

These security features support compliance requirements for Cybersecurity Maturity Model Certification (CMMC), a mandated standard for all Department of Defense Contractor Organizations.

Note: Full compliance with National Institute of Standards and Technology Special Publication 800-171 requires a complete security risk analysis, policy, plan, implementation and other controls not included in the SPAN service.