-
14 years after 9/11, more connected, more social, more violent
Friday, today is the 14’th anniversary of the Al Queda attack on the US in New York on 9/11/2001. The world today is more connected, more always-on, more accessible…and more hostile. There are threats from Islamic terror, identity theft, hacking for pay, custom spyware, mobile malware, money laundering and corporate espionage. For those of us […]
-
Dealing with DLP and privacy
Dealing with DLP and privacy It’s a long hot summer here in the Middle East and with 2/3 of the office out on vacation, you have some time to reflect on data security. Or on the humidity. Or on a cold beer. Maybe you are working on building a business case for DLP technology like Websense or Symantec or Verdasys, or Mcafee or Fidelis in […]
-
10 ways to detect employees who are a threat to PHI
Software Associates specializes in software security and privacy compliance for medical device vendors in Israel. One of the great things about working with Israeli medical device vendors is the level of innovation, drive and abundance of smart people. It’s why I get up in the morning. Most people who don’t work in security, assume […]
-
Snake Oil 2.0 – why more data is bad
Why more data is bad Remember the old joke regarding college degrees? BS = Bull Shit, MS = More Shit and PhD == Piled Higher and Deeper and HBS == Half Baked Shit. In Western society, we are schooled to believe that more and faster is better – even though we can see that big data […]
-
The best cybersecurity strategy may be counter-terror
Danny Lieberman suggests that a demand-side strategy with peer-review may work best for cyber-security. A conventional military paradigm does not work for cyber-security Government cyber security policy, molded by the military; traditionally frames cyber-security in the context of a defensive strategy based on intelligence gathering, threat analysis, modeling and monitoring with deployment of defensive network […]
-
Clinical trials in the cloud
Ben Baumann from Akaza and Open Clinica fame, recently blogged about clinical trials in the cloud. Ben is pitching the relatively new offering from Akaza called Open Clinica Optimized hosting that offers quick startup using validated Open Clinica instances and resources on-demand on a SAS-70 compliant platform. As Ben noted that in the clinical research field, […]
-
Is network PVR the best direction for the big studios ?
The distribution of video over multicast-broadcast networks and content storage at by users with Windows PCs and PVRs has created a huge threat surface for digital content. Typical to flawed security countermeasures, HDCP and AACS exacerbate and enlarge the threat surface rather than enhance revenues and reduce risk. In this article we will show that […]
-
Comply with HIPAA
Software Associates helps medical device and healthcare technology vendors achieve compliance with the HIPAA Security Rule using a unique 6 step business threat analysis methodology. This unique program helps accelerate your security and compliance activities and reduce time and cost to provable HIPAA compliance. The objectives of threat modeling The objective of a threat modeling […]
-
Weekly security lessons learned
We specialize in security and compliance for the health care and bio-med space, helping clients build security into their products, instead of bolting it on later. There are plenty of challenges to go around and it often seems like you’re trying to drink from a fire-hose. Lots of water, a few drops into your mouth, […]
-
Why your IT vendor doesn’t want you to do a risk analysis
Did you ever have a feeling that your IT integrator was treating you like a couple of guys selling you a Persian rug? “Take it now – it’s so beautfiful, just perfect for your living room, a steal for only $10,000 and it’s on sale” and when you ask if it will last, they tell […]