IT security services

Companies, authorities and other organisations are increasingly working digitally. This provides more efficient processes, but also threats, as more and more data is stored digitally - a potential target for cyber attacks. This threat is real: One in every three companies in Germany is attacked by cybercriminals. According to a study carried out by KPMG, the number of unreported cases is probably much higher, as one in two detected attacks only comes to light “by chance”. Fortunately, awareness of these threats is also increasing among smaller SMEs, which previously considered themselves “too unimportant” for cyber attacks.

The number of possible attacks increases, for example due to the Internet of Things. Due to the increasing amounts of data, there are more targeted and personalised IT attacks. So what can be done? Deter potential attackers or let their attacks come to nothing? That brings us to IT security. The purpose of it is to reduce the risks of cyber attacks to a tolerable level. There are different approaches to this.

The harder it is made for cyber attackers, the better. Centralised and decentralised approaches complement each other. Network security is centrally important, for instance via firewalls. Network security provides more than just secure networking within the company. It also guarantees the confidentiality, integrity and availability of data and systems in a network. Endpoint security protects (decentrally) the different devices of a network - such as PCs, laptops, smartphones and MFPs - from malware.

The state of IT security - whether centralised or decentralised - should be checked regularly. There are several options for this as well.

During the vulnerability analysis, the entire system, i.e. all networks and devices, is checked for security gaps and vulnerabilities and then evaluated. In the first step, the vulnerability scan, specialised software programmes run through the system. In this way, potential dangers are identified and classified. In the second step of the vulnerability analysis, the reporting, the vulnerabilities are listed in a weighted manner. Concrete countermeasures are derived from this in order to increase IT security quickly and as permanently as possible.

Vulnerability analyses are customised to the company. They only optimise IT security in the long term, if they are repeated on a regular basis. This is the task of vulnerability management. TA Triumph-Adler offers vulnerability analyses as a service with its specialised partners.

The penetration test, or pentest for short, is one step further than the vulnerability analysis. It checks networks and computers for security vulnerabilities. The pentest is a detailed security test that uses methods similar to those used for "hacking". It can be used, for example, to check how effective the countermeasures from the vulnerability analysis are.

Specialised programmes are used to do this, or a hacker may even be employed to discover vulnerabilities. Penetration tests are tailored and adapted to the task at hand, which makes them significantly more sophisticated. It does pay dividends, however, because pentests can identify the extent of previously unknown security vulnerabilities. They reveal the extent to which attackers can penetrate the IT infrastructure and the extent to which they can harm the organisation. A penetration test is always a “call to action”. The company must then take action to eliminate any vulnerabilities. This is why the evaluation is always followed by specific proposals for solutions.

TA Triumph-Adler can help you on your way to greater IT security by carrying out penetration tests and vulnerability scans for companies, authorities  and organisations in conjunction with our specialist partners.

To support you and your employees, we offer workshops and consultations on IT security. We are also happy to take care of your general network security: thanks to updates, patches and sensibly set up workstations, you are always up to date.