Security As A Service
Transparent and efficient designed for you
Is your IT security measurable and targeted? Do you have 100% confidence in your security solution?
Make IT security measurable through our IT consulting, build a targeted bulwark and conserve your resources / avoid unnecessary investments.
Our employees support you in the planning, implementation and monitoring of an Information Security Management System (ISMS). In 4 steps you will quickly and clearly led to the desired result. The solution prepares you for ISO 27001 or BSI certification. In doing so, we access real information from your company and provide you with information about the current development of information security.
Our ISMS services include security checks and the detection of existing vulnerabilities as well as the automated electronic documentation of your system environment and the creation of an emergency manual or emergency management.
Are you lacking the resources and skills necessary to continually adapt your defense to the growing threats?
Then take advantage of our specialized staff and use our Security as a Service. We monitor your defenses, operate your firewalls and malware protection, assist you on your way to a secure, modern workplace (Work 4.0), increase your network security and take care of sensitizing your employees.
Your benefits at a glance
- A uniform und central controlled management system
- Saving of costs and time
- Higher Safety and Transparency of (IT-) Businessprocesses
- Better Comparability of Performance
- Effectiv Monitoring and controlling IT risks
- Safety Case of the Organisation towards all Stakeholdern of the Company
- Supplement of ISO 27001 Controls by BSI-Activities
- Overtaking Existing data in conjunction with the IT contingency plan
Less attack surface due to vulnerability management
Every organization has vulnerabilities that cause data and information loss or the loss of business processes. Often obvious weaknesses are overlooked – an open network socket in the cafeteria or a freestanding printer in the corridor Here, an unauthorized person can connect to the corporate network at any time and cause corresponding damage.
We identify your vulnerabilities and disable them permanently!
In interviews organized around logical subject areas, Q-SOFT determines the percentage of completion of a state-of-the-art secure IT environment. Networking, dealing with updates, encryption, contingency planning and data protection concepts are among the relevant areas on which we draw up a detailed list together with you.
For every point that requires action, we give sound recommendations for action.
Modern work is chaotic and requires modern concepts. Your data is no longer limited to your data center and corporate devices. Your data is also on private devices (BYOD) and in clouds.
Decisions are no longer made centrally. Employees make quick, informed decisions that trigger important actions where they are needed. This is the potential of the cloud and mobile devices.
Construct safe mobile innovations with our employees for the contact points in the company. Our solutions protect the modern enterprise with a security architecture for multiple operating systems, clouds and devices – whether it’s a smartphone, laptop or tablet. The potential of each employee can be used with the utmost protection – conveniently, on the move. A managed trusted architecture that supports 4 core requirements for modern work:
Force conditional access based on the device’s risk assessment to protect cloud services such as Office 365, Box, G Suite, and Salesforce from unauthorized access.
Trusted app workspace
Provide and protect cloud apps on the end device with a native ergonomic user experience.
Uniform security policy
Configure and deploy consistent app policies for endpoints and clouds.
Limiting mobile threats
Network security applications must not be missing in any IT infrastructure. Not only foreign devices, visitors and intruders should be kept under control, but also the employees with their smartphones and other devices. The ever-growing variety of end devices allows only one solution –NAC = Network Access Control.
Our experience has shown that internal access protection is neglected in many companies or institutions. Building on this insight, we test your IT infrastructure for VLAN capability, create VLAN concepts, and implement them in your home. Together with you, we create an individual requirement profile for an NAC system, select the appropriate system and implement it in your IT environment.
- … the employees are using private devices in the corporate network 80% 80%
- … threats are initiated from the internal network 75% 75%
We support you in the:
- Implementing Integrated Guest Service (Intelligent and flexible management of all third-party devices through a granular guest ticket system for controlled, temporary LAN and WLAN access, including sponsor and BYOD portal)
- Conception and implementation of IEEE 802.1X (authentication using a RADIUS server based on MAC address, user name / password, AD account or certificate, extended mixed operation with SNMP and 802.1X)
- Implementing compliance policies (enforcing endpoint compliance with any existing sources and automatically responding to security incidents).
Since May 25, 2018, companies must compulsorily implement the General Data Protection Regulation (DSGVO). That’s what companies are about extended obligations to document and implement special protective measures of personal data to. The documentation of personal data is sometimes very complicated for companies. We from Q-SOFT have developed a toolkit for you, which makes the management of the implementation of the GDPR child’s play.
Directories & Documentation
Create your own list of processing activities with simple clicks. Get a detailed overview of your collected data. In the next step, create your impact assessment with useful templates and tips.
Project- & Task Management
The Q / D / S software helps you to keep track of project management and task management. Each entry has a history and a comment function. You can easily create new content, create categories, and use templates
Support & Templates
Receive templates for claimants for information, correction, cancellation or revocation. It also includes templates for data protection agreements with employees, communications to the Data Protection Authority and various checklists.
Das Q/D/S Toolkit offers:
- A gradual processing of the conditions of the GDPR – simple and intuitive
- The preparation of a list of data
- The preparation of the list of processing activities
- The development of the privacy impact assessment