DGAP

DataGuardian Assistance Program

It takes more than getting cryptographic code to compile and run to provide data security

Recent changes in legislation (GDPR, DPB) turn all the personal data into sensitive data. Making the right decisions about implementing data security on your own is both hard and onerous. One-time flat-fee consulting service, DataGuardian Assistance Program (DGAP) comprises all the necessary tools and expertise you’ll need.

As a result of DGAP, you will enhance your product with core encryption tools, understand realistic security and compliance demands you’re facing, educate your team on basics of security from the like-minded engineers, and improve engineering processes so that achieved security levels remain intact during consequent development of your product.

Assistance program...

Protect sensitive data

Prepare for privacy regulations

Improve secure development process

Educate your team

What you get with DGAP?

Realistic security guidance by engineers, for engineers
Building a secure system from scratch or adding security controls to existing products is a non-trivial task. Solving it needs more than just walking through compliance checklists – it demands expertise and hands-on experience in building security solutions within working products.
Clear threat model
During DGAP, we will help you define all sources of risk your data assets are facing, set security priorities, analyse the potential impact of data-related incidents, and suggest appropriate measures.
Secure data lifecycle
DGAP focuses on full lifespan of sensitive data in your infrastructure: data flow, processing, storage and transmission between each component, their reliability, and practical risks associated.
Usable security
DGAP brings you practical ways for improving security, with minimal impact on business priorities (performance, time to market, etc.). We come with easy to implement advice tailored to your infrastructure.
State of the art tools
After observing your product's environment, we will provide security guidance, point out modern approaches and tools that enable implementation of provided advice with least effort and maximum security benefit.
Increased security awareness
After DGAP, your development team will increase security awareness within the range directly applicable to your industry and stack, understanding better what to keep an eye on.
Verifiable security
We will help you deploy test processes, which will enable further development of your product in a secure way without slowing down the customary development pace.

Thorough security on every step

Stage 1. Analysis and goal setting

We help you classify the data handled by your product, analyse the real-world risks, compliance demands from modern data protection and privacy regulation, and suggest the threat and security model. Your team will form a shared vision of the data flow and data risks across all of your product(s).

Stage 2. Secure data lifecycle

We map out the risks to threatening the technical infrastructure that operates on sensitive data and suggest security controls that prevent or limit the exploitable high risk vectors.

Stage 3. Implementation

For every risk mitigation technique, we provide guidance and tools (both proprietary and open-source) for implementing security controls in your own product.

Stage 4. Verification and ongoing security

Upon completing the implementation stage, we will help you continuously test the security of your system and continue your development process efficiently, with the new security tools and standards in place.

Result: Your product, your team, your data.
Safer, smarter, risk-free.

Copyright © 2014-2018 Cossack Labs Limited
Cossack Labs is a privately-held British company with a team of data security experts based in Kyiv, Ukraine.