IT SecurityOur services to secure zour systems

What is thought to be secure today might be unsecure tomorrow!

Implementation and upkeep of an IT security level corresponding to the user’s needs is one of the biggest challenges in the hosting of internet applications today and will be in the future. New legal requirements to data protection have to be met and the trust of customers and reputation of the company have to be upheld.

IT security management has to be understood as a cyclic process containing strategic planning, realization, efficiency control and dealing with discovered issues and weaknesses. Therefore we have structured our IT security services based on continuous optimization according to the PDCA model.


IT security planning

IT security concept

IT security concept with risks and the demand for protection in mind

Risk analysis and technical risk evaluation to define effective security controls according to individual demands of availability, data integrity and privacy

Ongoing risk management to define the efficiency of existing security controls by means of automated processes to analyze vulnerabilities and threats

Information collected from monitoring, vulnerability scans, KPI trends and security audits are integrated into the analysis

Further information


IT security management

individual security policies

Operative IT security by realization of individual security policies

Technical security controls such as VPNs, network firewalls and web application firewalls create a constantly high security level

Procedural security controls such as software inventory, system hardening, monitoring of vulnerabilities and patch management are part of the preventive protective measures

In security reviews, we check whether technical security measures and procedures do correlate with the risk evaluations

Further information


IT security monitoring

Security Monitoring

Real-time monitoring for early recognition of cyber attacks

Log management on central log servers for audit-proof archiving of protocols from networks, operating systems and applications

Security event management correlates events from network monitoring with the metrics of the system observation and data of the log management

With Managed SIEM for Private Clouds, we will provide you with an integral security management spanning hosting platform, security controls, operating system and application software

Further information


IT security assessment

Security scans and penetration tests

Security scans and penetration tests in order to check the security controls

System security audit with vulnerability scans of network, operating system and application, and additionally a manual check for False Positives

Web application scans to check for OWASP top 10 vulnerabilities such as Code Injection, Authentication Vulnerability and Cross-site Scripting

Creation of security reports containing risk evaluation, code review results and defined concepts of solution proposals

Support of third party security audits by providing net plans of the Private Cloud infrastructure and a Status Quo image of the customer’s IT systems

Further information