Compliance and data protection - ISO27001, PCI-DSS and EU-GDPR

Your company requires ISO 27001 certification, your applications process credit card data, or you are unsure how to comply with the European data protection regulation? We can help with ISO 27001, PCI-DSS and EU-GDPR.

ISO27001

No matter how well-protected you are technologically against attacks, technology is just one aspect of a company’s overall security strategy. How employees behave when security problems occur and how the flow of information is structured in an emergency are just as important. How is your risk management structured? What processes are in place in the event of a cyber attack? Which are the most important systems? In everyday business, too, the ISO standard encourages companies to introduce sensible structures: what regulations are in place for users and access administrators, who is responsible for updating the systems, and what commitments should service providers sign up to?

Maintaining operational business even in an emergency, minimising IT security costs and expenditure without sacrificing an appropriate security level, and fulfilling due diligence, i.e. avoiding personal liability, are the aims of successful ISO 27001 implementation. Whether you wish to apply the standard according to your needs or require certification, we can help you to implement the aims of ISO 27001 quickly and inexpensively.

EU-GDPR

It is not always clear how to process data in a way that will guarantee both data protection in the company and compliance with GDPR requirements. We help you to develop a data protection concept and establish a data processing strategy for your company. We not only look at your company’s processes but also at practical questions concerning data protection in specific applications, the storage of log files and the correct handling of data in the cloud.

Contact us for more information.