Security Assurance Concept for Your Business

In a bylined article in Security Magazine, Dmitry Vyrostkov, Head of Security at DataArt, shares a step-by-step guide to setting up a security assurance process.

«The approaches to building a security process differ from company to company, but the goal of the process is to design and implement software that protects the company’s data and resources, meets security requirements, and is resilient in the face of security vulnerabilities and failures. Many companies call this process «Security Assurance».

«Threat modeling and risk assessment. Set up a process by which potential security threats can be identified and enumerated. Once this is done, a project team should understand what the risks are and identify the potential impact of these threats. All these answers could help in planning mitigation controls and reducing the probability of any security breach.»

«Security architecture reviews. Security reviews are designed to discuss mechanisms suggested by the team and analyze whether they address the security requirements previously defined. The team could further work to identify relevant security mechanisms and controls and customize them according to project needs. Examples of such features and controls are public key infrastructure, cryptography and secrets storage, authentication services, access control, and security event logging.»

Original article can be found here.

Welcome
We are glad you found us
Please explore our services and find out how we can support your business goals.
Get in Touch Envelope