• Skip to primary navigation
  • Skip to main content
  • Skip to footer
WIEMER / ARNDT – Data Protection | Online Marketing | IT Security

WIEMER / ARNDT - Data Protection | Online Marketing | IT Security

DSGVO

+49 (0)30.403 649 830

  • DE
  • ES
  • Online Marketing
  • Data Protection
  • IT Security
  • Our Clients
  • Team
  • CONTACT US

IT Security


The relevance of IT security is only recognized if it is missing. Don’t let it get that far. IT security takes place on the following synergetic level: Data centers, e.g. for hosting websites and email traffic or centrally provided applications or data, as well as so-called cloud solutions. Local servers in companies, e.g. for controlling email traffic via Exchange or here for the applications or data made available. Computer workstations in the form of stationary computers, laptops and/or mobile end devices such as smartphones and tablets.

Data centers
Local servers
Computer workstations



IT security concept

The relevance of IT security is not recognized until errors are detected.


A secure interaction of the 3 components is described in an IT security concept. IT security is especially relevant for the protection of personal data and for the protection of company secrets. An IT security concept should and – in the area of personal data – must ensure that the following goals are achieved.

  • Protection against loss of availability, integrity, authenticity or confidentiality of data
  • Protection against loss of important system functions or data loss due to erroneous manipulation or sabotage.
  • Protection against loss of reputation: damage to the company’s reputation and damage to its image.
  • Protection against costs of downtime, repairs, legal disputes, injunctions, penalties, fines and warnings.
  • Protection against loss of market share, slump in sales and profits and economic existence.

As a national authority, the Federal Office for Information Security (BSI) defines standards for IT security.


Download Whitepaper(German)
Download Requirements(German)



The goals that are to be achieved technically.


Confidentiality

Protection against unauthorised disclosure of information. The data may only be made available to authorised persons in the permitted manner.

Availability

The data should be able to be used by the users as intended.

Integrity

Integrity means that data is correct, that this is ensured and that the data processing systems function correctly.

Load capacity

The availability of data should be “guaranteed”.

Raising awareness

IT users and employees should be convinced of the correctness and importance of the regulations, procedures and measures to increase the level of information security.


We are looking forward to meeting you!

Kontakt

We support you

in the implementation of your IT security concept through the following services


Creation of the reference architecture

  • Determination of the object of investigation and the critical business processes
  • Location and infrastructure (properties, buildings, rooms)
  • networks, communication links and external interfaces used (information network)
  • existing IT systems (clients, servers, network coupling elements, mobile devices, etc.)

Definition of structure and tasks of participating projects and institutions:

Area of validity: The joint use of the spatial and technical infrastructure in the facility creates an IT network. All projects and facilities are to be logged at this IT network.

Cooperating projects and partners:

Tasks and objectives of the individual projects and institutions involved are to be listed briefly and included in the conceptual process.

Structure of the IT security concept:

The IT security concept is converted into a basic concept according to BSI IT Grundschutz-Kompendium (IT Basic Protection Compendium).

IT security management process:

There are no generally applicable rules for the structuring of safety management; rather, we will take the special circumstances of the existing management structures into account here.


Kontaktieren Sie uns

Klicken Sie hier…

1. Safety goals

Definition and quantification of risks:

Definition and effects of damage as a result of risks in information processing.

Legal situation:

  • Data protection law
  • Perspective Civil Law
  • Compensation risks
  • Conclusion and framework for action

Legal foundations:

  • Data protection regulations according to EU – Basic data protection regulation



2. audit structural analysis

  • Presentation of the existing IT systems
  • Overview: Rooms / IT Systems / IT Applications
  • Overview: Network
  • Network
  • Workstation computer
  • IT Support
  • Visualization and assignment of IT applications to IT systems



3. definition of protection requirements

Determination of the need for protection on the basis of the basic threats:

  • Loss of confidentiality
  • Loss of integrity
  • Loss of availability



4. Risk analysis

  • Representation of the hazards of higher-level components.
  • Presentation of the hazards of infrastructure components.

  • Presentation of the hazards of the IT systems under consideration



5. Catalogue of measures

Technical-organisational measures:


Standards of the institution for order processing, data protection and information security




6. Preparation of other applicable documents

Organisation chart

Management, employees, infrastructure and IT department/service provider

Compliance Policies

Coroporate Compliance Manual

In-house IT guidelines

  • locking plan
  • Access control
  • Authorization concept
  • Representation plan: according to organization manual
  • Employee sensitisation: Awareness campaigns – rules on the use of passwords
  • Encryption of e-mail attachments

Maintenance concept / Infrastructure

According to responsibilities (from organization manual?)

Management and Executive: – Management and Executive Structure Organization Chart – IT Role and Staff IT: – IT Structure Organization Chart

  • Management and Executive: – Management and Executive Structure Organization Chart – IT Role and Staff IT: – IT Structure Organization Chart
  • Infrastructure & Logistics: Logistics Structure Organization Chart

Handling security systems:

  • IT Service Provider: Maintenance Contract IT Service/Security Agreement
  • Internet access / DSL connection: Handling TK & Internet access
  • Data and file deletion: Handling Data and file deletion
  • Property management/House technology: Handling Property management/House technology
  • BMZ Fire alarm system, handling Fire alarm control panel, cleaning service Handling Cleaning service

Software Management

  • Software licenses and contracts
  • Overview of contracts and IT

virus protection concept

  • Antivirus software


Download Whitepaper(German)
Download Requirements(German)


Our clients

Who trust us in IT security


IT Security
avatar

Testing

Building material testers
IT Security
avatar

Neue Lebenswege

charitable company
IT Security
avatar

Intersport Gärtner

Sports retailers

We are looking forward to meeting you!

Kontakt

Our team

IT security team



Rebecca Wiemer
Christian Arndt

Bianca Dürschlag
Anastasia Rupp
Eugen Hoppe
Katharina Arndt

Elisabeth Sommerhof

Footer

WIEMER / ARNDT

Data Protection and
Online Marketing UG

(limited liability)
Adolfstraße 4
13347 Berlin
T +49 (0) 30.403649830
E kontakt@wiemer-arndt.de

Gewerbestraße 13
79112 Freiburg im Breisgau
Baden
T  +49 (0)7664.9629760

Ilsestraße 7
45888 Gelsenkirchen
RUHR
T +49 (0)209.959 012 55

LINKS

NEWSLETTER
TEAM
Imprint
Privacy policy
www.ohnetomate.de
www.datenschutz-beratung-service.de
www.facebook.com
www.xing.de
  • DE
  • ES
  • Facebook
  • xing

WIEMER / ARNDT - Datenschutz und Online Marketing