Customized to your needs
Software Associates provides professional software security assessment services for medical device and healthcare technology firms.
We work with the C-level executives of our clients to deliver quantitative risk analysis that fits the particular product, technology, operational and HIPAA compliance requirements of the business.
Our clients enjoy the benefits of our rigorous healthcare threat models that have been developed over dozens of engagements.
Our use of white-box penetration testing and the popular PTA (Practical Threat Analysis) software tool enables our clients to model multiple threat scenarios, respond to changes in regulation and adapt their security portfolio to new technologies, all in a cost-effective and timely fashion.
Our consulting engagements are usually completed within 1 to 3 months for a data security and compliance project and 6-12 months if the software needs to be refactored with appropriate security countermeasures.
Our deliverables to the client include a written security assessment report that addresses both product and operational vulnerabilities.
Following delivery of the security assessment, we work hands-on with the client to implement the right, most cost-effective security portfolio.
Our philosophy is centered on one specific goal – healthcare software project success while teaching the client to sustain secure software development and comply with HIPAA and European data security regulatory standards.
We team with client management to focus on reducing system risk with practical methods and technology in the best possible schedule. Our capability to properly evaluate risk comes from a systems approach and 25 years of experience in developing entire systems: front-end GUI, back-end processing, data model, systems integration, server engineering, information security, billing, network management, IT applications integration and rich Web 2.0 applications.
We work with management, marketing and engineering staff and teach you to:
- Avoid classic SDLC (software development life cycle) mistakes
- Insist on software development fundamentals
- Perform aggressive risk management
- Choose the right schedule-oriented practices for the project
Mobile and networked devices – reining in the risk.
Software security of mobile and wired network devices requires considering the best set of network security countermeasures as well, since medical devices are typically deployed in uncontrolled, complex and highly vulnerable environments such as enterprise IT networks in hospitals.
While existing security tools (firewalls, IPS and proxy-based Web, mail and content-filtering gateways) can do a good job of controlling perimeter network access, scanning for mail-borne viruses and filtering spam, they provide insufficient control over internal network channels. (A network channel is a bi-directional TCP/IP client-server connection between two hosts: for example a web client on port 1187 conversing over HTTP with a Web server on port 80, running the Jabber application protocol.)
We help improve the robustness and security of mobile devices by considering a number of key possible vulnerabilities.
Blind spots in firewall protection may enable data loss attacks
Appliances and software applications running on servers often rely on built-in or network firewalls. The protection that firewalls provide is only as good as the policy they are configured to implement. Analysis of real-world configuration data shows that corporate firewalls often enforce rule sets that violate well-established security guidelines (for example zone-spanning objects and lack of stealth rules). Stateful inspection firewalls don’t perform deep content inspection on complete sessions and are therefore blind to data theft attacks that encapsulate instant messaging inside telnet sessions in order to transfer Microsoft Office files with sensitive data.
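An added example, not part of the original page: a short audit of a firewall policy for the two guideline violations named above, a zone-spanning object and a missing or ineffective stealth rule. The policy schema, zone map, addresses and rule set are constructed for illustration, and a stealth rule is taken here to mean a rule that drops any-source traffic addressed to the firewall itself.

```python
import ipaddress

# Constructed sample policy; the rule/object schema is an assumption of this example.
ZONES = {
    "internal": ipaddress.ip_network("10.0.0.0/8"),
    "dmz": ipaddress.ip_network("192.168.50.0/24"),
}
FIREWALL_IP = ipaddress.ip_address("10.0.0.1")
OBJECTS = {
    "clinical_devices": ["10.20.0.0/16"],
    "all_servers": ["10.30.0.0/24", "192.168.50.0/24"],  # members in two zones
}
RULES = [  # evaluated top-down, first match wins
    {"id": 1, "src": "10.0.5.0/24", "dst": "10.0.0.1/32", "action": "accept"},  # management
    {"id": 2, "src": "0.0.0.0/0", "dst": "10.0.0.0/8", "action": "accept"},     # broad accept
    {"id": 3, "src": "0.0.0.0/0", "dst": "10.0.0.1/32", "action": "drop"},      # stealth, too late
]

def zone_spanning_objects(objects, zones):
    """Return names of objects whose members fall in more than one zone."""
    spanning = []
    for name, members in objects.items():
        hit = set()
        for member in members:
            net = ipaddress.ip_network(member)
            hit |= {z for z, znet in zones.items() if net.overlaps(znet)}
        if len(hit) > 1:
            spanning.append(name)
    return sorted(spanning)

def stealth_rule_finding(rules, fw_ip):
    """Return None if any-source traffic to the firewall is dropped before
    an any-source accept can match it; otherwise return a finding string."""
    for rule in rules:
        src = ipaddress.ip_network(rule["src"])
        dst = ipaddress.ip_network(rule["dst"])
        if fw_ip not in dst:
            continue  # rule does not cover the firewall's own address
        any_src = src.prefixlen == 0
        if any_src and rule["action"] == "drop":
            return None  # effective stealth rule
        if any_src and rule["action"] == "accept":
            return f"rule {rule['id']} accepts any-source traffic to the firewall before a stealth rule"
    return "no stealth rule present"

if __name__ == "__main__":
    print(zone_spanning_objects(OBJECTS, ZONES))
    print(stealth_rule_finding(RULES, FIREWALL_IP))
```

Moving rule 3 above rule 2 clears the stealth-rule finding, because the narrow management accept in rule 1 is the only traffic then allowed to reach the firewall itself.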
Proxies may enable attackers to compromise a device and steal data
End-point devices are often configured to use proxies to obtain direct access to the Internet. Research with clients shows us that as much as 20 percent of all endpoints already bypass content filtering proxies on the enterprise IT network.
Poor visibility of network transactions
Poor visibility of network transactions makes incident response difficult. In many cases, firewall and proxy logs are never analyzed, and often lag hours behind an event. An IPS often relies on anomaly detection. Anomaly detection relies on network flow data, which is often reported at intervals of 15 to 45 minutes. With that kind of lag, an entire network can be brought down. Because anomaly detection is looking for an anomalous event rather than an attack, it is frequently plagued by time-consuming false positives. A proxy, on the other hand, relies on URL filtering and simple keyword matching that analyzes the HTTP header and URL string. By looking at content and ignoring the network, a proxy can suffer from high rates of false negatives, missing attacks.
Multiple security layers increase the cost of implementation and maintenance.
Installation of multiple, disparate, proxy-based security products complicates network and end-point maintenance. Proxies require changes to the network infrastructure and in large networks may be impossible to install. End-point products carry a heavy cost of distribution and maintenance and are highly sensitive to Windows versions and vulnerable to Tuesday updates.
Layered defenses may increase risk
Additional risk is often created as a result of the interaction between a complex system of cache servers, SSL accelerators, load balancers, reverse proxy servers, transparent proxies, IDS/IPS and Web application firewalls. Consider that endpoints can bypass SSL proxies by specifying a gateway IP address, and that transparent proxies on a Windows network are no assurance against unauthenticated user agents bypassing the entire proxy infrastructure. HTTP-aware firewalls such as Web application firewalls can be completely or partially bypassed in some cases. Transparent proxies can be compromised by techniques of HTTP response splitting since they rely on fine-grained mechanisms of matching strings in HTTP headers.