Downloads
DRM or DLP - choosing the right data security technology PDF  | Print |  E-mail

A common question for a large company that needs to protect intellectual property from theft and abuse is choosing the right balance of technology, process and procedure. It has  been said that the Americans are very rules-based in their approach to security and compliance where the the Europeans are more principles-based.

 

This article presents a systematic method for selecting and cost-justifying data security technology to protect  intellectual property theft and abuse.

 The original presentation was given at the October 2, 2009 DLP-Expert Russia meeting in Istra (just outside of Moscow)

Click here to download the presentation
 
Data security threat assessment PDF  | Print |  E-mail

Business Threat Modeling(TM) is a practical way to diagnose and quantify threats to customer data, strategic plans, marketing and pricing data without disrupting the operation.

Delivered as a consulting study on a fixed-cost basis, with deliverables in 2 work-weeks. Executed by highly experienced consultants with specific experience in data security in global organizations.

  • Diagnoses threats
  • Analyzes value at risk in financial terms
  • Produces a plan for prioritized, cost-effective security.

 

Read how to plan for robust data security and prevent a major data loss event from impacting your business with a systematic threat assessment method- BTM - Business Threat Modeling
 
IPTV video on demand case study PDF  | Print |  E-mail
One of our more interesting projects in 2007 was in video on demand. We were called in to help IPTV specialist Araneo, manage their implementation risk and perform an application threat analysis.
Click here to download the article
 
Data leakage prevention - telecom service provider case study PDF  | Print |  E-mail
Our first implementation of digital asset protection solution followed on the heels of a business vulnerability assessment project at the Israeli telecom service provider 013 Barak.
Click here to download the article
 
Sygate 5.52 personal firewall PDF  | Print |  E-mail
You practice safe email, you don't download, you never get a virus and you are frustrated by bloatware from Symantec and McAfee. Uninstall your old PC firewall and install Sygate 5.52:
Click here to download the software
 
Customer convenience or Customer Privacy? PDF  | Print |  E-mail
This is a presentation I gave at the UPU (Universal Postal Union) EPSG (Electronic Products and Services working Group) working meeting in Bern on Feb 20, 2007. About 25 people from 20 countries were present and it was a great experience for me to hear how Postal operations see themselves and what they do in the B2C e-commerce space.
Click here to download the presentation
 
Practical software security PDF  | Print |  E-mail
A practical, proven methodology for practical risk assessment and security breach risk reduction in enterprise software systems.
Click here to download the article
 
How to Prevent Credit Card Theft PDF  | Print |  E-mail
A guide for IT and network security staff on how to prevent credit Card theft from your network.
Click here to download
 
How to protect your information when you outsource PDF  | Print |  E-mail
A presentation I gave at the Israeli CISO forum in 2004, on how to prevent data breaches when you outsource your I.T operation and/or software development group.
Click here to download the presentation
 
Data Leakage Prevention (DLP) Check List PDF  | Print |  E-mail
Based on our experience in the data loss prevention/DLP/data leakage prevention space, we've compiled a technology shoppers guide in PDF format
Click here to download
 
Free risk assessment software for data security and compliance PDF  | Print |  E-mail

  Download free risk assessment software

Software  Associates provides the compliance and data security community with it's Business Threat Modeling methodology and  popular PTA (Practical Threat Analysis) Professional risk assessment software as a free download package.

Download the PTA - Practical Threat Analysis software for free evaluation

Download the Business threat modeling methodology for free evaluation

 

What is Business Threat modeling methodology?

Business threat modeling is a risk assessment process designed to help a business understand it's operational risk in dollars and cents. Business threat modeling has proven it's effectiveness since 2003 in a wide number of domains:

  • Legacy applications modernization
  • Sarbanes-Oxley IT audit
  • Call centers
  • IT infrastructure modernization
  • Data loss prevention
  • Internal fraud detection, mitigation and quantification
  • New applications development
  • Systematic evaluation of vulnerabilities in third-party-vendor software

What kind of data is required ?

We collect data in a Business Threat Modeling project using human intelligence (individual or group interviews with TOP Mapping ) and electronic intelligence gathering (network surveillance) to provide quantitative measurement of existing data security violations at the level of channel (Web, FTP, IM and more....), application, organizational entity and data content.

What kind of results will I get? 

  • The output of a Business threat modeling study is a cost-effective data security plan.
  • The plan includes the most cost-effective data security countermeasures that reduce the risk level to a minimum.

 

How is risk calculated?

Business Threat Modeling uses the popular PTA (Practical Threat Analysis free risk assessment software for Windows. With thousands of users world-wide at companies of all sizes from independent security and compliance consultants to large organizations like Intel and Microsoft, Business Threat Modeling helps you understand risk and mitigate threats in practical terms that every business understands - dollars and cents.

 So how do I get started?

If you haven't already downloaded the free risk assessment software and the methodology document  that's the first step.

Click here to download PTA; the free risk assessment software, and the free Business Threat Modeling methodology. Install PTA Professional on any Windows XP or Vista PC. Select one of the support packages. If you're a small business - you should check out our Customer data security on a budget program. In order to do a ISO27001 based risk assessment, just download ISO 27001 Library and within hours you'll be producing cost-effective risk control plans.

The software is updated on a regular basis - application updates are posted on the PTA Professional Edition Updatespage

Community

Visit the Practical Threat Analysis Professional Forum - and make your voice heard on issues of achieving and sustaining compliance with data security and compliance standards such as ISO 27001, Sarbanes-Oxley, HIPAA, PCI DSS 1.2, NERC/FERC and other security audit methodologies.

 


Software Associates - Business security specialists for hi-tech firms