Security As A Service

Transparent and efficient designed for you


We protect your IT infrastructure in an emergency. We make your IT security transparent and measurable – as a process.

Vulnerability Analysis

We identify your vulnerabilities and disable them permanently.


We protect your mobile devices – from smartphones to laptops and tablets. Maximum protection, even when on the move.

Network Security

With us you always know who is in your network. We create VLAN concepts and implement them in your house.

Data Protection

We help you with the implementation of the GDPR. Our DSGVO Toolkit Q / D / S facilitates the administration of personal data.


Is your IT security measurable and targeted? Do you have 100% confidence in your security solution?

Make IT security measurable through our IT consulting, build a targeted bulwark and conserve your resources / avoid unnecessary investments.

Our employees support you in the planning, implementation and monitoring of an Information Security Management System (ISMS). In 4 steps you will quickly and clearly led to the desired result. The solution prepares you for ISO 27001 or BSI certification. In doing so, we access real information from your company and provide you with information about the current development of information security.

Our ISMS services include security checks and the detection of existing vulnerabilities as well as the automated electronic documentation of your system environment and the creation of an emergency manual or emergency management.

Are you lacking the resources and skills necessary to continually adapt your defense to the growing threats?

Then take advantage of our specialized staff and use our Security as a Service. We monitor your defenses, operate your firewalls and malware protection, assist you on your way to a secure, modern workplace (Work 4.0), increase your network security and take care of sensitizing your employees.

Your benefits at a glance
  • A uniform und central controlled management system
  • Saving of costs and time
  • Higher Safety and Transparency of (IT-) Businessprocesses
  • Better Comparability of Performance
  • Effectiv Monitoring and controlling IT risks
  • Safety Case of the Organisation towards all Stakeholdern of the Company
  • Supplement of ISO 27001 Controls by BSI-Activities
  • Overtaking Existing data in conjunction with the IT contingency plan

Weak Spots


Less attack surface due to vulnerability management

Every organization has vulnerabilities that cause data and information loss or the loss of business processes. Often obvious weaknesses are overlooked – an open network socket in the cafeteria or a freestanding printer in the corridor Here, an unauthorized person can connect to the corporate network at any time and cause corresponding damage.

We identify your vulnerabilities and disable them permanently!

In interviews organized around logical subject areas, Q-SOFT determines the percentage of completion of a state-of-the-art secure IT environment. Networking, dealing with updates, encryption, contingency planning and data protection concepts are among the relevant areas on which we draw up a detailed list together with you.

For every point that requires action, we give sound recommendations for action.


Work 4.0

Modern work is chaotic and requires modern concepts. Your data is no longer limited to your data center and corporate devices. Your data is also on private devices (BYOD) and in clouds.

Decisions are no longer made centrally. Employees make quick, informed decisions that trigger important actions where they are needed. This is the potential of the cloud and mobile devices.

Construct safe mobile innovations with our employees for the contact points in the company. Our solutions protect the modern enterprise with a security architecture for multiple operating systems, clouds and devices – whether it’s a smartphone, laptop or tablet. The potential of each employee can be used with the utmost protection – conveniently, on the move. A managed trusted architecture that supports 4 core requirements for modern work:

Cloud Access

Force conditional access based on the device’s risk assessment to protect cloud services such as Office 365, Box, G Suite, and Salesforce from unauthorized access.


Trusted app workspace

Provide and protect cloud apps on the end device with a native ergonomic user experience.

Uniform security policy

Configure and deploy consistent app policies for endpoints and clouds.


Recognition &
Limiting mobile threats

Protect against data loss from mobile threats without reducing user productivity.

Network Security

Network security applications must not be missing in any IT infrastructure. Not only foreign devices, visitors and intruders should be kept under control, but also the employees with their smartphones and other devices. The ever-growing variety of end devices allows only one solution –NAC = Network Access Control.

Our experience has shown that internal access protection is neglected in many companies or institutions. Building on this insight, we test your IT infrastructure for VLAN capability, create VLAN concepts, and implement them in your home. Together with you, we create an individual requirement profile for an NAC system, select the appropriate system and implement it in your IT environment.

  • … the employees are using private devices in the corporate network 80% 80%
  • … threats are initiated from the internal network 75% 75%
We support you in the:
  • Implementing Integrated Guest Service (Intelligent and flexible management of all third-party devices through a granular guest ticket system for controlled, temporary LAN and WLAN access, including sponsor and BYOD portal)
  • Conception and implementation of IEEE 802.1X (authentication using a RADIUS server based on MAC address, user name / password, AD account or certificate, extended mixed operation with SNMP and 802.1X)
  • Implementing compliance policies (enforcing endpoint compliance with any existing sources and automatically responding to security incidents).

Date Security

Since May 25, 2018, companies must compulsorily implement the General Data Protection Regulation (DSGVO). That’s what companies are about extended obligations to document and implement special protective measures of personal data to. The documentation of personal data is sometimes very complicated for companies. We from Q-SOFT have developed a toolkit for you, which makes the management of the implementation of the GDPR child’s play. 


Directories & Documentation

Create your own list of processing activities with simple clicks. Get a detailed overview of your collected data. In the next step, create your impact assessment with useful templates and tips.

Project- & Task Management

The Q / D / S software helps you to keep track of project management and task management. Each entry has a history and a comment function. You can easily create new content, create categories, and use templates


Support & Templates

Receive templates for claimants for information, correction, cancellation or revocation. It also includes templates for data protection agreements with employees, communications to the Data Protection Authority and various checklists.

Das Q/D/S Toolkit offers:
  1. A gradual processing of the conditions of the GDPR – simple and intuitive
  2. The preparation of a list of data
  3. The preparation of the list of processing activities
  4. The development of the privacy impact assessment
“Achieve a new, measurable level of IT security in your infrastructure!”     Thomas Fischer-Blank

Protection Manager, Q-SOFT GmbH

“Design your IT security transparently and measurably – as a process!” Marco Gräf

Teamleader, Q-SOFT GmbH

Our Partners