Innovating Tomorrow, Securing Today: Your Trusted IT Partner


Alcor Technical Solutions, LLC. (est. 2012) focuses on identity, authentication, and access solutions for government and private industry organizations. An SBA-Certified (8a) company, Alcor enables companies and organizations in regulatory environments to understand and modernize trusted security and identity infrastructure; then works alongside to ensure secure and innovative uses of the services and products.

Alcor banner image - Managing Partner Nick Collingham presenting Active Directory modernization with a customer

Identity Credential & Access Management

As Information Technology (IT) continues to increase in complexity, many organizations struggle with the management of identities and associated access along with with an overabundance of application-specific user accounts and access controls. This problem is further complicated by today’s mix of cloud applications, legacy applications, mobile workforce and the need to access critical information anywhere, and anytime.

External threats such as malware, phishing, and social engineering create an environment where proper selection of Identity and Access Management solutions is critical. Organizations are now working to establish unified, robust, and enterprise-wide user authorization and authentication frameworks to enable streamlined access without compromising the security that more sensitive applications and data demand.

Alcor helps our customers deploy Identity and Access Management solutions that result in significant secure, operational and business process improvement. Our full lifecycle Identity, Credential and Access Management (ICAM) practice is focused on solving difficult enterprise issues associated with user registration, credentialing, authentication, and authorization to physical and logical assets. Our services include:

• Strategic Planning and Program Management: Effective ICAM solutions demonstrate a balance between usability and security. We leverage our full lifecycle understanding of ICAM to support a collaborative benchmarking process that provides our clients with insight into numerous other organizations that share similar challenges. Our subject matter experts bring extensive experience with federal ICAM policy, guidelines, and technical standards. We have conducted in-depth analyses of these standards to support client efforts to develop compliant, cutting edge solutions that maximize user adoption. This includes:

  • ICAM Policy Analysis and Development.
  • ICAM Technology and Implementation Analysis.
  • ICAM Strategy and Implementation Roadmap.
  • ICAM Governance and Oversight.
  • Program Management.

• System Architecture, Design, and Integration—Vital components of the design process are a practical concept of operations and realistic cost model to enable program decision makers to understand the core functional elements and forecast anticipated costs of the program. This includes:

  • Concept of Operations (ConOps).
  • Operational Lifecycle Cost Model.
  • ICAM / Federated Identity Architecture.
  • Registration and Credentialing Workflow Development.
  • System component design and integration.

• Process and Application Enablement—Enabling process and applications for ICAM services requires that stakeholders define the business need, identify critical requirements, and develop comprehensive use case scenarios for “as-is” and “to-be” processes. Our team’s comprehensive understanding of the technologies that enable these services ensures that our customers achieve their goals for increased efficiency and productivity. This includes:

  • PIV-Enabled Network Logon.
  • Single Sign-On (SSO).
  • Digital Signature, Encryption and Timestamp.
  • E-Authentication.

Risk Management and Compliance

Alcor’s Risk Management and Compliance services addresses the essential elements of cybersecurity, from strategy, governance, and enterprise risk management to security controls, architecture, implementation, and management.

Cybersecurity Risk Quantification:

• Enables enterprise risk management through the quantification of your cybersecurity risk or exposure that provides the insight necessary to articulate your cyber risk appetite, make risk-informed investment decisions, and illuminate risk transfer needs and options.
• Leverages strategic and financial company information to model your cyber operating environment and generate a dashboard view of the “Cyber Value-at-Risk” – the probability of breach, average and severe breach costs, and the top cybersecurity weaknesses.
• Based on data collected from an Enterprise-wide Cybersecurity Program Assessment and additional pertinent organizational information, such as enterprise and business unit revenue and business value of significant IT assets from the CISO and CIO point of view.

Security Technical Controls Review:

• Methodical review of your cybersecurity technical controls environment. • Assesses the enterprise cybersecurity architecture and technical controls for:

  • How well the controls implement policy.
  • How effectively they support the risk appetite.
  • How effectively they meet compliance requirements.

• Applies technical tools to evaluate the operational effectiveness of security controls.

• Based on a repeatable and traceable methodology that draws on accepted security technical controls standards such as Center for Internet Security Critical Security Controls, NIST SP 800-53, Health Insurance Portability and Accountability Act (HIPAA), Payment Card Industry Data Security Standard (PCI DSS), and other sector-specific standards.

Incidence Response and Management

Any organization using information technology is a target for data theft, ransomware, denial of service attacks, and other nefarious attacks – no one is immune. For companies holding customer-sensitive information, federally or state-protected information, personal health information, or even trade secret information, developing an effective incident response plan is crucial.

Alcor provides a broad set of Incident Response and Management Services:

• Prepare – Develop the plan, tools and support when an incident occurs.
• Analyze – Identify the type of incident and defining the scope and potential impact.
• Contain – Limit the exposure and expanse of the incident.
• Remove – Eliminate the threats and threat actors responsible for the incident.
• Recover – Restore normal business operations while reducing the likelihood of a repeat cyber incident.

Business Continuity & Disaster Recovery

An organization reputation is built on the business continuity, Alcor ensures its clients business continuity with the plan of the action during a business disaster, this involves in creating policies and plans that ensure necessary business functions during a disaster by providing business impact analysis, change management and reporting potential issues. Disaster recovery involves in restore important systems this also involves in reducing business downtime.


Security Information and Event Management (SIEM) is an important piece of any organization’s security strategy. Managed effectively, it can help organizations to protect business operations and intellectual property, meet compliance regulations and enable better detection and faster response to security incidents.

Demand for SIEM technology is high, but that doesn’t mean that every business has deployed a SIEM solution or that all existing implementations are running smoothly.

Alcor utilizes its SIEM expertise to provide you with services at all stages of implementation, from product selection and testing, to implementation, tuning, and functional testing.

Vulnerability Scanning

Alcor performs vulnerability scanning using industry standard assessment tools as well as manual attack techniques meant to uncover weaknesses that are often missed with automated vulnerability scanning alone. In addition to reporting on the vulnerabilities we discover, Alcor provides remediation guidance and risk scoring to ensure your teams have the information necessary to prioritize remediation efforts.


  • CIO-SP3
  • Maryland CATS+

Alcor's capabilities successfully emphasize security, scalability, and usability.


Empowering Security, Ensuring Access: Unrivaled Identity and Access Management Solutions for a Safer Digital Future.

At the core of Alcor's proficiency and array of services is Identity and Access Management (IAM). Ranging from on-premise to cloud hybrid modernization, and expanding to encompass multi-cloud implementation, our capabilities empower organizations to effectively update their identity and access management systems. This dedication is reinforced by our commitment to staying at the forefront, adopting FIDO2 and other emerging standards through employing advanced methods such as FICAM and biometrics.


Securing Tomorrow, Today: Elevate Trust with Our Authentication Services.

Alcor offers cutting-edge solutions to fortify digital security and user access in today's dynamic landscape. Our comprehensive suite of services encompasses the deployment and optimization of advanced authentication methods, including Multi-Factor Authentication (MFA), biometrics, and adaptive authentication. Seamless integration these technologies bolster defenses against evolving cyber threats, ensures regulatory compliance, and enhances user experiences.


Securing Tomorrow's Digital Frontiers: Your Trusted Partner in Information Security Management Services.

Seamless connectivity is inadequate without a vigilant focus on security and its ramifications. Alcor draws upon its extensive expertise in both federal and private industry domains, guaranteeing adherence to industry-leading standards, including ISO/IEC 27001, NIST SP 800-53, FISMA, CIS Controls, PCI DSS, HIPPA and ITIL. Our approach integrates conscientious data practices, encompassing considerations for data-at-rest, in-transit, and robust governance measures.


Humanizing Innovation, Designing Tomorrow: Elevate Experiences with Human-Centered Brilliance.

Amidst the landscape of revolutionary change, user experience remains a steadfast focal point. Alcor's Human-Centered Design (HCD) methodology harmonizes quantitative and qualitative metrics, ensuring those responsible for maintaining a secure posture navigate their duties with minimal disruption, facilitating a seamless delivery of exceptional products and services.

CMS OSFLO - EFI System Security Office, Fall 2023

Based on our combined 70+ years of federal government service experience, we have encountered very few contract companies and/or individuals with their level of dedication, excellent communication skills, work ethic, and technical skills in delivering high-quality results that are truly impressive and exceeds most industry standards.


Learn more about Career Opportunities