
Digitalised depiction of a lock. © istockphoto.com/MF3d
  • Industry News

IT security: term, definition and meaning

The urgency of IT security, and the dangers posed not only by cyber attacks but also by physical factors, are still underestimated by many companies. Vigilant and forward-looking IT security spares a company enormous costs, legal consequences, and business and reputational damage.

Many private individuals and especially companies continue to underestimate the danger posed by cyber attacks. The German Federal Office for Information Security (BSI) recorded 14.8 million reports of security incidents or cyber attacks in 2021, compared to around 7 million reports in 2020. In addition, 144 million new malware variants were added, which means an increase of 22 percent compared to the previous year. So basically no one is safe from the dangers of the internet. For information technology, however, there are also physical threats that need to be taken into account.

Companies and organisations must therefore take the necessary steps to protect sensitive information from unauthorised access, prepare for failures of critical IT infrastructures and eliminate risky security vulnerabilities. Otherwise, the costs of inaction can be very high and result in not only economic but also legal consequences.

IT security: definition and differentiation from related terms

What is IT security? Terms such as IT security, cybersecurity or internet security are often used synonymously. However, there are fine, sometimes barely visible demarcations between them, and these can also be fluid. A somewhat stricter definition of IT security is the protection of an IT infrastructure against all damage, threats and dangers. This infrastructure includes data centres, cloud systems, networks, individual computers, mobile devices or IoT equipment and even individual stored files. IT security objectives thus include both the protection of data and the protection of all systems that process this data. Each of these systems is now linked to the internet. Cybersecurity, an important component of IT security, comprises the security solutions that defend this infrastructure against cyber attacks. Among other things, virus scanners, proxy or VPN servers, firewalls and data encryption are used for this purpose. Strict management of access rights for certain network areas, strict controls and monitoring of the systems, and continuous vulnerability analysis are also part of effective IT security and cybersecurity.

IT security measures do not only protect against threats from the internet. There are numerous physical or human threats that can intentionally or unintentionally threaten IT security. Any employee can cause problems by deliberate manipulation, the theft of data or by operating the system incorrectly. Defective hardware components can also be a source of problems. Natural disasters are also among the risks that IT security management must take into account.

Information security

IT and information security are terms that are too often confused. However, IT security is only one component of information security. Both digital and physical data, e.g. in the form of paper files, are part of the protection goals. Information security has the following four priorities:

1. Confidentiality: only authorised persons have access to certain data.
2. Integrity: data and systems are reliable, correct and have not been tampered with in any way.
3. Authenticity: a communication, message, order, etc. is reliable and credible and has not, for example, come about through a falsified identity.
4. Availability: authorised persons can retrieve data without any problems. An attack on an IT system, for example, can jeopardise this availability.

Methods for implementing such a security concept can be found, for example, in the ISO/IEC 27000 series of standards and the IT-Grundschutz compendium from the BSI. The IT-Grundschutz of the Federal Office for Information Security (BSI) defines the corresponding standards in Germany. However, each company can also establish and maintain its own individual information security management system (ISMS). This is a set of strategies and methods with which information security can be guaranteed. It also includes the constant critical review and optimisation of these security measures.

Data security

In contrast to data protection, data security is intended to ensure the confidentiality, integrity and availability not only of personal data, but of all data. This also concerns digital and analogue data, which should be protected against manipulation, threats, damage, loss and unauthorised access. Data security is often seen as part of the broader information security.

IT security objectives - why IT security is important

Hardly any company can do without some kind of information technology these days. This can be just a single computer connected to the internet or a complex IT infrastructure in the form of a data centre or cloud computing. In all cases, cyber criminals have various points and opportunities to attack.

According to a Bitkom press release, cyber criminals are currently more present than ever before, with attacks being more serious than in previous years. This statement is confirmed by the Cyberthreat Defense Report of the consulting firm Cyberedge Group: According to the report, 86.2 percent of the companies surveyed worldwide had to deal with cyber attacks or data losses in 2021. In 2014, 61.9 percent had to deal with such incidents. It can be assumed that attacks will continue to increase in the future instead of decreasing. Especially in times when the home office or remote work and the Internet of Things (IoT) are becoming increasingly relevant, the number of inadequately secured points of attack is increasing. Find out about the greatest dangers lurking in the home office and read the recommendations of the BSI for more security in the home office. However, security vulnerabilities can also be found in companies in the form of employees who work in traditional offices.

In many companies, protection is insufficient, while the attack methods of cyber criminals evolve almost daily. Attackers use more sophisticated methods that are not always immediately detected. In addition, too many employees have access to data and network areas that are not necessary for their work. If a hacker has gained unauthorised access at an unsecured point, he or she can then reach all other network areas and data. Often, no security checks or risk analyses are carried out, and no response strategies for emergencies are in place.

Does IT security require a sophisticated IT security concept?

IT security in a company can only be guaranteed with a detailed security concept that takes all eventualities into account. IT security concepts are central and important components of IT security or information security management systems. They define security goals, identify potential security risks and evaluate them. On this basis, appropriate countermeasures can be developed to protect the company and its data as well as customer data. The measures minimise any potential threat to the IT infrastructure and its various interfaces. Read this white paper from IBM to find out which security platform is best for you. 

However, in order to prevent future and not only present dangers, continuous measures to optimise IT security are necessary. In addition to virus protection and firewall protection, this also means access control mechanisms, encryption technologies and, above all, sensitising all employees to the topic, which can be achieved through regular training.

However, if a successful cyber attack occurs, escalation rules and emergency management are required to limit the damage. The goal of a security concept is to achieve a constant level of security. To achieve this, it can be helpful for the rules and standards to be recorded in an IT security manual for all employees and managers and for an IT security policy to be incorporated into the corporate culture.

How to implement IT security in your company

IT security encompasses numerous levels in a company or within an organisation. Various measures should be implemented here, which are constantly tested for their effectiveness and further developed in order to ward off current threats.

Software

Much can be achieved at the software level to protect a company's information technology and data:

- A firewall protects a single computer or an entire network. It analyses data leaving or entering a computer or network. It blocks network ports from viruses and hackers and provides a barrier between trusted and suspect networks by allowing access only to traffic that meets pre-defined firewall policies.
- An antivirus programme is used to prevent, scan for, detect and remove malicious software. This malware can threaten a system in the form of viruses, worms or Trojans that damage it or spy on data. The anti-malware software scans directories and files for suspicious patterns and activities. These scans can be executed automatically, scheduled or actively initiated by the user. A wide variety of external data carriers can also be scanned for suspicious code. It is important that users continuously update the software to ward off the latest threats.
- Anti-spyware software detects, prevents or removes spyware, malware or adware that installs itself on the user's computer without their permission. Spyware can spy on a user's activities and personal information, access documents and browsing behaviour, and track keystrokes. This malware sends personal data to another computer, displays unauthorised advertisements tailored to the user, or can change the user's configurations. Anti-spyware software is often also part of anti-virus scanners.
- Secure passwords are of enormous importance and protect against unauthorised access. Many IT users carelessly use passwords that are easy to remember and therefore easy to guess. These may even have a personal reference such as a birthday, a nickname or the name of a pet, details that hackers can find out via social media sites, for example. If these users also use one and the same password for several accounts and platforms, not just a single site or an individual account is at risk, but several. Effective password management with hard-to-guess passwords is therefore essential for IT security. Password management software serves as a central password repository, but also as a generator of hard-to-guess passwords made up of arbitrary sequences of numbers and letters.
- The network itself, not just individual computers, can be equipped with anti-virus and anti-malware software, or a firewall can be used. Alternatively, a company can hire a service provider for monitoring. An encrypted WLAN network also protects it from unwanted intruders.
- Encryption software can be used to encrypt all kinds of data and decrypt it again for authorised persons. For this purpose, encryption algorithms are used and digital keys are created, ensuring that even data intercepted during transmission cannot be viewed by unauthorised third parties.
- Security monitoring services can be difficult to finance, especially for small and medium-sized enterprises. However, there are various tools that help with monitoring and inform users of any digital intruder trying to break through their security barriers.
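The firewall item above says that such a device passes only traffic that meets pre-defined policies and otherwise separates the trusted from the suspect network. The following is an added illustration of that rule, not code from the article or any product: a first-match packet filter with a default-deny fallback and a small audit that flags wide-open allow rules. The network ranges, the web server address and the sample packets are constructed assumptions.

```python
"""Minimal default-deny packet filter illustrating 'allow only traffic that
meets pre-defined policies'. Constructed example; not from the article."""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional

@dataclass(frozen=True)
class Packet:
    src: str      # source IP
    dst: str      # destination IP
    dport: int    # destination port
    proto: str    # "tcp" or "udp"

@dataclass(frozen=True)
class Rule:
    action: str            # "allow" or "deny"
    src_net: str           # CIDR; "0.0.0.0/0" means any source
    dst_net: str           # CIDR; "0.0.0.0/0" means any destination
    dport: Optional[int]   # None means any port
    proto: Optional[str]   # None means any protocol

    def matches(self, pkt: Packet) -> bool:
        return (ip_address(pkt.src) in ip_network(self.src_net)
                and ip_address(pkt.dst) in ip_network(self.dst_net)
                and (self.dport is None or self.dport == pkt.dport)
                and (self.proto is None or self.proto == pkt.proto))

ANY = "0.0.0.0/0"
TRUSTED = "10.0.0.0/8"            # assumed internal (trusted) network
WEB_SERVER = "10.0.1.10/32"       # assumed public web server inside it

# Assumed policy, evaluated first match wins. Anything not listed is dropped.
POLICY: List[Rule] = [
    Rule("allow", ANY, WEB_SERVER, 443, "tcp"),   # outside may reach HTTPS on the web server
    Rule("allow", TRUSTED, ANY, 443, "tcp"),      # internal hosts may browse HTTPS outward
    Rule("allow", TRUSTED, TRUSTED, None, None),  # internal-to-internal traffic
]

# A weak policy of the kind an audit should catch: everything from anywhere.
WEAK_POLICY: List[Rule] = [Rule("allow", ANY, ANY, None, None)]

def decide(pkt: Packet, policy: List[Rule] = POLICY) -> str:
    """Return 'allow' or 'deny' for a packet; unmatched traffic is denied."""
    for rule in policy:
        if rule.matches(pkt):
            return rule.action
    return "deny"  # default deny: the barrier between trusted and suspect networks

def overly_permissive(policy: List[Rule]) -> List[Rule]:
    """Allow rules that accept any source on any port; these undo the barrier."""
    return [r for r in policy
            if r.action == "allow" and r.src_net == ANY and r.dport is None]

if __name__ == "__main__":
    for pkt in (Packet("203.0.113.5", "10.0.1.10", 443, "tcp"),   # external -> web server HTTPS
                Packet("203.0.113.5", "10.0.1.10", 22, "tcp"),    # external -> web server SSH
                Packet("10.0.2.5", "198.51.100.1", 53, "udp")):   # internal -> outside DNS
        print(pkt, "->", decide(pkt))
    print("weak rules:", overly_permissive(WEAK_POLICY))
```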

Physical IT security: companies protect themselves from analogue threats

IT security also means protecting the system from physical attacks, intruders or other attacks that can harm the company and its assets and data. This includes accidents, fires and even natural disasters such as floods, earthquakes and storms that can destroy servers, computers and other equipment or cause power outages. Therefore, appropriate contingency plans should be developed to protect data from damage and corruption. People who steal physical equipment or commit vandalism are also a threat.

Security measures include physical access control to office buildings, research labs or data centres. This is because intruders can use a physical data carrier to copy data onto it without authorisation or to play malware onto the corresponding system. Any physical access should therefore be monitored and access for unauthorised persons restricted.

- Security barriers such as secure doors, fences and walls, but also ID cards, codes and biometric authentication features such as fingerprint or facial recognition, help companies deny unauthorised persons access.
- The installation of surveillance cameras, heat sensors, motion detectors, etc. can provide constant monitoring or deter burglars.

Raising awareness among staff

Whether intentional or not, the biggest vulnerability in IT security remains the human element. The best security systems are therefore ineffective if their users are not aware of the various dangers and do not rigorously follow the appropriate countermeasures.

Above all, regular training sessions that educate employees about current dangers and preventive measures have proven helpful in sensitising employees to IT security. After all, they are the ones who have to activate firewalls and take note of security alerts. They are obliged to keep anti-malware software up to date. They must not click on links in suspicious phishing emails, download dubious software or enter sensitive user data on fake, legitimate-looking websites.

A company or organisation can use training and other awareness-raising methods to create a corporate culture in which IT security becomes second nature to employees. Such a company, which also visibly meets high security standards for customers, also creates great trust.

Data backup and recovery

The creation and storage of copies serve to protect the company from data loss. Recovery usually involves restoring the data to the original location or to an alternative location where it may be safer and can be used.

A proper backup copy is stored on a separate system or media from the primary data to eliminate the possibility of data loss due to failure of the primary hardware or software. The alternative medium may be in the same location as the primary medium or in a remote location. In particular, the possibility of weather- or natural disaster-related system failures or human attacks justifies keeping copies at a remote location. Making multiple copies of data provides security and flexibility so that corrupted data can be recovered at any time.
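The section above recommends keeping backup copies on separate media, some of them off-site, so that corrupted data can still be recovered. As an added illustration (not code from the article), the following records a SHA-256 manifest when the backup is taken, checks each copy against it before a restore, and assembles the restore from whichever copy still holds an intact version of each file. The file contents, the "on-site" and "off-site" copies and the damage are all constructed in memory.

```python
"""Verify backup copies against a manifest and restore only intact data.
Constructed example, not from the article; files are dicts path -> bytes."""
import hashlib
from typing import Dict, List, Optional

Files = Dict[str, bytes]
Manifest = Dict[str, str]

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def make_manifest(files: Files) -> Manifest:
    """Hash every file at backup time; keep the manifest apart from the copies."""
    return {path: sha256_hex(data) for path, data in files.items()}

def corrupted_paths(copy: Files, manifest: Manifest) -> List[str]:
    """Paths that are missing from the copy or no longer match the manifest."""
    bad = []
    for path, digest in manifest.items():
        data = copy.get(path)
        if data is None or sha256_hex(data) != digest:
            bad.append(path)
    return bad

def restore(copies: List[Files], manifest: Manifest) -> Optional[Files]:
    """Rebuild the data set file by file from the first copy holding an intact
    version; return None if some file is intact in no copy at all."""
    restored: Files = {}
    for path, digest in manifest.items():
        for copy in copies:
            data = copy.get(path)
            if data is not None and sha256_hex(data) == digest:
                restored[path] = data
                break
        else:
            return None  # this file is lost everywhere; the backup strategy failed
    return restored

# Constructed sample data: the primary data set and two backup copies.
PRIMARY: Files = {
    "orders.csv": b"id,total\n1,99.50\n",
    "customers.csv": b"id,name\n1,Example GmbH\n",
}
MANIFEST = make_manifest(PRIMARY)

ONSITE: Files = dict(PRIMARY)
ONSITE["orders.csv"] = b"id,total\n1,0.00\n"     # silently damaged on local media

OFFSITE: Files = dict(PRIMARY)
del OFFSITE["customers.csv"]                     # remote copy is incomplete

if __name__ == "__main__":
    print("on-site damaged:", corrupted_paths(ONSITE, MANIFEST))
    print("off-site damaged:", corrupted_paths(OFFSITE, MANIFEST))
    print("restore ok:", restore([ONSITE, OFFSITE], MANIFEST) == PRIMARY)
```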

Manage access rights

Staff access should be limited to the resources they really need to do their job. To do this, companies must define and delimit specific network segments, for example, for which only authorised individual persons, devices or locations are permitted.


IT security: companies offer smart solutions

IT security companies protect businesses from various cyber threats. They develop new technologies and create products that serve to defend a company's digital assets. They provide their expertise and software tools, which are not always available, especially in small and medium-sized companies. They conduct security checks in the form of penetration tests and security audits.

Cybersecurity companies can also be contracted to manage the maintenance and support of all systems in their clients' network - so-called managed services. They manage all functions, monitor the system and carry out security patches and updates to keep companies' IT security up to date. In addition, they take over the recovery of lost data and the repair of damaged systems. SMEs are thus able to save on the upfront costs of hiring and training experts.

Many IT security companies also work in the field of research and development. They produce security tools and software that can be licensed to other IT security companies or to the end users themselves. These range from analysis tools, firewalls and endpoint protection software to email analysis software and system monitoring tools.

How to recognise that your IT security concept is sufficient

The rapidly changing threat situation with regard to cybercrime is causing more and more uncertainty in the economy. The question of whether your own IT security concept is sufficient is therefore not only justified, but also necessary. It should always be in the foreground so that companies can protect themselves from cyber criminals who are continuously developing their methods and instruments.

An IT security risk assessment or IT security check identifies and evaluates the most important security controls and applications. Security deficiencies and vulnerabilities should then be reduced or completely eliminated. With such a risk assessment, the company protects itself or a contracted IT security company protects its customers from external attackers. Ultimately, such a check should also serve to support executives or managers in making an informed decision regarding IT security.

This involves creating an overview of the most important assets in the most important departments and classifying data according to its sensitivity level and strategic importance. Next, a complete list of threats is usually compiled: malicious or unintentional human actions, criminal attacks, natural disasters, power outages, etc. Then the vulnerabilities in the system must be identified. Penetration tests and security audits have proven to be particularly effective in this process. In a penetration test, auditors attempt to penetrate a client's network or web application to determine which points are vulnerable. If vulnerable systems can be identified, customised solutions can be developed on this basis to strengthen the defence. A security audit, on the other hand, is designed to determine whether the client's cybersecurity policies, protocols and technologies comply with legal requirements and industry standards.

Failed IT security: the consequences are severe

The consequences of inadequate IT security can be enormous and damaging to business in many ways. Cyber attacks and system failures, for example, interrupt business processes. Ransomware that takes business and customer-relevant data hostage can lead to very high ransom payments - and even then, there is no guarantee that the attackers will actually release the relevant data (you can read about the five most common gateways for ransomware into the company network in this technical article). Industrial espionage is also not uncommon and can lead to the theft of intellectual property that is extremely valuable for the respective company and its future. Identity theft, theft of banking and credit information and the deletion or corruption of important data are also among the consequences of many cyber-attacks, leading to the endangerment of customers and employees, production errors or the compromising of company processes.

As if that were not enough, a lack of IT security that becomes apparent after an attack is accompanied by a not inconsiderable loss of reputation. If customers cannot be sure that their personal or business data is safe with the provider or business partner, they may be lost. Acquiring new customers is also difficult with an attacked IT infrastructure and a damaged reputation. Neglecting IT security can even have legal consequences for companies affected by attacks and/or data loss. These include, for example, the reimbursement of costs caused by the damage, fines, contractual penalties and claims for compensation for pain and suffering, for example if personal data is misused.

A lack of IT security is therefore no longer a trivial matter. Especially in times when the various threats are assuming ever greater dimensions, there are no longer any excuses for inadequate protection of one's own IT system. Numerous specialists and IT security companies, which are represented as suppliers at it-sa 365, support you with software, tools and other solutions to secure data and information and thus successfully position your business capability for the future.