- API SITNA in the supply of free software solutions from the centre of technology transfer
- New version of THUS (v2.2.0)
- Change in high procedures of users in cl@ve
- The service ACCESSES in the cloud, @asLAN Award in the category of Digital Services Shared
- Procedure for the accession to the convention centre of printing AEAT since Notifies
Public organizations increasingly dependent of information technologies and communications (TICK) to achieve its goals of service. The raison d'être of PILLAR is directly related to the widespread use of electronic media, computer and online, which makes clear benefits for users; but also gives rise to certain risks that must be minimized with security measures that generate confidence in the use of such media.
PILLAR interest to all those who work with mechanized information and computer systems that the deal. if such information or services provided through it are valuable, PILLAR will allow them to know how much this value is at stake and help them to protect it.
The objectives pursued by the tool pillar are:
- Perform risk analysis according to the methodology Magerit and ISO/IEC 27005.
- Design of the plan to improve security.
PILAR consiste en una aplicación informática que compila los activos del sistema, sus relaciones de interdependencia y su valor para la organización. Conocido el sistema, permite introducir las amenazas posibles en los aspectos de disponibilidad, integridad, confidencialidad, autenticidad y trazabilidad, para derivar los riesgos potenciales sobre el sistema.
Once known risks, you can determine a series of safeguards and estimate the residual risk. In the treatment of risk is a continuous process and recurrent in which the potección system is improving regularly to face new risks and increase confidence that the system deserves for perpetrators and users.
Personal computer with windows, linux or MacOSX and virtual machine java 2.
Optionally you can use a repository of type database with access SQL.
Tool for monitoring continues the rule of risk and monitoring of projects to improve security.
The results obtained from the use of this tool are as follows:
- Potential impact and residual.
- Potential risk and residual.
- Map of risks.
- Plan to improve security
- The state continues monitoring risk
The advantages which the use of the tool:
- Know the risks to treat them.
- Conocer el grado de cumplimiento de diferentes perfiles de seguridad: 27002, protección de datos de carácter personal, esquema nacional de seguridad, etc.
- Implement the methodology Magerit and ISO/IEC 27005