Best Practice Consulting

Logo der Vation Technology GmbH

SECURITY



A never ending story

Vation Technology supports corporations who want to draft security policies, concepts, and architectures in order to secure their IT systems and complex infrastructures. Also included in the service are security issues of internet and wireless LANs (WLAN). In context of a security audit, Vation Technology can perform a number of functions:

  • The identification of the "assets" to be protected
    • Data & databases, software, configuration, documents, logfiles etc.
    • Hardware
    • Intangible objects: i.e. the company image

  • Analysis of critical points and weaknesses
    • Which assets are exposed to which (potential) threats?

  • Risk assessment
    • How likely is the occurrence of the threatening failure event?
    • cost comparisons: failure event (incl. recovery), damage circumvention

  • Identification of procedures and tasks
    • Authentification (who?) and authorization (is allowed to do what?)
    • Confidentiality (encryption when data is transferred and stored)
    • Logging and transaction monitoring
    • Availability of hardware and software

In the last years, most corporations have improved their security policy; however the lack of efficiency in transferring these intentions to procedural reality lies inherent to a number of circumstantial factors. One of these is the discussion of how the corporate cost reduction campaign has affected expenditures in the area of security, which opens up the other discussion of whether to outsource data processing altogether in order to save even more. In order to maintain the competitive edge, a service provider will particularly save in the area of security measures, as specialists in this field are expensive and hard to find, and the service provider focuses mainly on providing reasonable service at a competitive price.

Security is not a state of being; it is an ongoing process which has to be lived and understood as duty. The appropriate resources and investments are continuously required, and this is where most companies fail.

The alibi installation of a firewall or a virus scanner on a PC and a server are no replacement for a professional security concept. If this continues security threatens to dwindle and die away in a large number of corporations, such as quality assurance died a few years ago.

The use of the internet in corporations can today be regarded as commonplace. That is why security risk and protection have now become even more critical factors as new threat scenarios and potentially threatened targets of attack have multiplied. The advanced integration of corporate networks with the internet further magnifies the vulnerability of IT systems and infrastructures, multiplying the potential sources of security attacks.

The goal is to provide comprehensive services which reflect our Best Practice background to develop information security policies and procedures for our clients. In developing adequate security architectures, Vation Technology focusses on the particular security requirements of the various operational departments as working individually and together. These are continually changing and can not be regarded as easily catalogued, independent static environments. In order to holistically serve the enterprise, the architecture and infrastructure must be designed to be flexible for the future, so that as new or changed requirements emerge, fast and efficient integrations and changes can be made to it.


Vation Technology GmbH - Max-Planck-Str. 6  -  D-86420 Diedorf - HRB 20056 Augsburg - Tel.: +49-(0) 821-484194 - Fax: +49-(0) 821-484193