Healthcare providers, and the technology vendors that provide them with software and hardware, are driven by the need to protect sensitive patient data. Whether you need to acquire the skills needed to build software that is impervious to attack, get experts to uncover critical vulnerabilities in the products you use and sell, ensure data is properly encrypted, or roll out a software risk management program, Security Innovation can help. We specialize in application security and crypto, the two most critical components of data protection.


HealthTech 

Software is integrated into almost every aspect and product associated with patient care, and healthcare providers and the patients they treat depend on it being secure. We've helped Becton Dickinson, Phillips Medical, Life Image and others integrate security into their development process, and find and fix vulnerabilities before their products reach their customers, where vulnerabilities become difficult and costly to fix. Our solutions include:

Software Assessment - Code Review & Pen Test

Our engineers can conduct a deep assessment on your code or application. We have more than 10 years of experience assessing the world’s most dominant software applications, and we literally wrote the book on software security testing. We can also provide documentation of testing that was conducted to demonstrate a commitment to security for your customers.

Technical Training & In-Practice Guidance

Our TeamProfessor eLearning system, combined with TeamMentor, our secure development knowledge base, ensures that you have the right skills as you prepare and conduct security activities.

With more than 35 courses and 3,000+ searchable guidance assets that cover ASP.Net, Java, Windows, C/C++, OWASP, and more, all the knowledge you need is at your fingertips.

Secure SDLC Gap Analysis & Optimization

Whether you need to map application security to compliance and governance standards, or simply want to integrate security into your existing development lifecycle, we are the experts who can help.


HealthCare Providers

We can help you protect patient data and other sensitive information by identifying how your data can be compromised, whether it’s via an insecure application, a misconfigured server or database, or improperly implemented encryption. We also offer Information Security Awareness training to help you comply with the requirements of PCI-DSS and HIPAA. Our solutions include:

Threat & Risk Assessment

Risk assessments are required for organizations affected by HIPAA, and are an accepted best practice for data protection. We can identify all areas of information flow and pinpoint spots in your system that are vulnerable to attack. We then translate that into business and compliance risk and help you map the threats into your risk management framework.

HIPAA & PCI-DSS Security Awareness eLearning

Security Awareness Training is required for all who are involved in, or support systems involved in, the creation, transmission, or storage of ePHI. We offer several awareness eLearning courses that cover the following topics:

Information Security Awareness

  • Handling user accounts and information securely
  • Protecting mobile devices and storage media
  • Preventing intrusions into corporate facilities
  • Defending against malware
  • Consequences of security vulnerabilities
  • The need for strong passwords and policies

Software Security Awareness

  • Motivations behind software security
  • Techniques to manage application security risk
  • Security activities for every role within the IT/development organization

Software Assessment - Code Review & Pen Test

Our engineers can conduct a deep assessment of internal or third-party software applications. We have more than 10 years of experience assessing the world’s most dominant software applications, and we literally wrote the book on software security testing. We’ll leverage this expertise to hunt down elusive vulnerabilities for you.