Our security consultancy includes developing and enforcing company-wide policies and auditing while doing penetration tests on each layer of applicational infrastructure. Last but not least, the aspect of IT security encompasses extensive employee training, because often people are "the weakest link in the chain".
We offer a broad range of services that look at IT security from the perspectives of all possible stakeholders. These include the management, all employees, system administrators as well as customers and potential attackers – and of course involves each part of the IT infrastructure and the applications running on it.
At the beginning of such security consulting is the "as-is" analysis, which comprises all existing rules, knowledge bases, system descriptions and catalogues, to get a complete "big picture" of all application and process structures. Rules can then be optimized or introduced, and are enforced by subsequent employee training. Finally, audits and penetration tests help to identify safety-critical parts or implementations, and the final set of recommendations can then finally be implemented by us. We also do an in-depth analysis of security's technical aspects when required, which includes code auditing, best practices enforcement, and do hands-on work like configuring firewalls and network interfaces.