What is the state of your company’s IT Security?
Digitization offers many advantages for your company. However, at the same time, it also creates new vulnerabilities, gateways for attackers and increased technological dependencies. These new dangers inevitably require adapted security concepts.
Simultaneously, the profitability of the utilized IT solutions is becoming increasingly important and individual solutions are in high demand. For one thing, according to a study conducted by the IWL, more than a quarter of small and medium-sized companies have safety concerns regarding their IT. On the other hand, almost 40% consider the ready-made solutions available on the market as too large-scale or economically unviable.
For these reasons we have developed a custom-fit solution for you: in the framework of a workshop we determine your status quo, check both your technologically and organizationally IT security, and draft concrete action recommendations that are thoroughly tailored to your company and your budget.
In doing so, we take the two core questions that exemplify the need and the tension regarding security solutions for small and medium-sized companies into consideration:
- What is the right amount of IT Security for your company?
- How can your needs be realized within your set budget?
We approach the field of IT security with a holistic view from the perspective of the international standard ISO/IEC 27001 and evaluate the availability, confidentiality and integrity of your data. Therefore, it’s not just about technology, but also about the protection against ransomware and phishing attacks, backup, and emergency plans. Moreover, we also consider legal requirements such as statutory email archiving and the GDPR data protection requirements.
We would be happy to advise you regarding regional or national programs offer public funding programs (e.g. go.digital) that can support you in covering up to 50% of the costs incurred.
IT Security Check – technologically and organizationally.
IT systems must be regularly checked for vulnerabilities in order to proactively prevent automated and targeted attacks. You should never solely rely on software scans, as they only identify a fraction of the actual risks.
The security checks developed by our partner Greenhats® combine these scans with manual checks – carried out by certified white hat hackers. Furthermore, our specialists check the security of your IT infrastructure and evaluate your contingency planning. This includes, for example, the following questions:
- Is there a contingency plan in case of IT breakdowns, the loss of critical business data, the encryption of data or a virus attack, the aftermath of a virus attack or a case of fire?
- Are the most important passwords safely stored in case of an emergency?
- Is all of the business-critical data backed up completely and regularly and stored appropriately?
- Is the use of email, internet and the careful handling of passwords regulated?
- Are the servers adequately protected against external and internal access?
- Are security updates installed regularly and in a timely manner?
- Is there sufficient protection against the theft of mobile devices?
In a joint effort, we analyze your security requirements and define concrete goals for your company.
As an authorized partner of the Federal Ministry for Economic Affairs and Energy, INS can apply for up to 50% funding for this analysis, provided that your company falls within the scope of the respective regulations for regional or national funding programs (SME).
Employee training: Awareness trainings that stick in one’s memory
In our experience, it is less the technological vulnerability that leads to critical security incidents. Rather, more often than not it is insufficiently trained employees who for example, out of ignorance, click on the wrong link and thus open the floodgates to ransomware attacks. The minute that all company data has been encrypted, it is often too late for any kind of help, since in many cases we witness insufficient backup data storage.
We work closely with our partner Greenhats® in order to train employees in the best possible way: With the aim to make the oftentimes boring security training courses more efficient, Greenhats® offers IT security training courses in movie quality with integrated test procedures, so that the knowledge learned can be validated directly.
Attack simulations e.g. in the form of a phishing campaign are recommended in addition to the trainings. Targeted persons will be asked to reveal access data with deceptively real-looking emails. Due to the mass of daily email traffic and time constraints, this works regularly. INS itself employs these solutions to regularly train our teams – we don’t merely consist of IT security specialists in our company, and we like to keep the entire workforce up-to-date with the solutions from our partner Greenhats®.
Data protection audit
During a data protection audit, your company will be checked for GDPR compliance. This is serves to determine the current status of the company in regards to the processing of personal data. Through personal interviews with employees, reviews of the existing data protection documents and the inspection of the systems and processes, it can be determined to what extent your company has already established data protection.
Moreover, during the audit, the company’s fundamental data protection management can be subjected to an audit. The results are reviewed and evaluated to identify the actual need for action or optimization opportunities regarding data protection and data security in your company.
We provide secure IT for you
Make an appointment with us for a free initial consultation, during which we will discuss your specific requirements and show you the various options.
IWL-study: What makes companies willing to start the digitization process tick?
Digitization is not a tiresome topic – on the contrary: 89% of the entrepreneurs who were surveyed by the Institute for Innovation and Information management (IWL) as part of a study stated that they perceive digitization as more of an opportunity and less as a risk.
The “IWL” study shows how companies really tick: On what do SMEs set their focus, how do they act and what potential and hurdles are revealed within the context of digital solutions? These various points are explained on the basis of hypotheses and finally discussed in the current version.
You can get the study free of charge from the Digitalzentrum Berlin: https://digitalzentrum.berlin/ich-will-loslegen-studie-bestellen (German language).