The serious fire at Europe’s largest cloud provider OVHcloud last week vividly illustrates the consequences that can occur for companies if IT security is not given appropriate priority.
Due to the fire, all servers had to be shut down. The result: according to media reports, more than 3 million websites were at least temporarily unavailable. Among them were also those of smaller government institutions in various countries. And: Some customers lost data completely.
Many companies are only slowly realizing that IT security is not optional. Nevertheless, many still deal with the topic far too superficially and in many cases simply rely on “the cloud”.
The devastating fire at OVHcloud is a good example of what this can lead to. According to press reports, a number of customers lost data for good because they had not provided a sufficient backup.
The corona pandemic has given SMEs in particular a boost in digitization. Collaboration tools have reached an unprecedented level of penetration. Home office is widely accepted by employers. For many companies and employees, everyday life in the company has improved and made it easier. Despite all the euphoria, one shouldn’t forget data protection and information security. The BSI (short for Federal Office for Information Security) also reminds of this in its “Report on the Situation of IT Security in Germany 2020” from October 20, 2020, in which it states that the attack surface and the associated cyber threat to criminals increased during the pandemic.
Read more … Risk in the area of information security and data protection from Corona intensified
von Swen
The digitization of processes, the outsourcing of data to cloud solutions, email archiving, the implementation of the requirements from the GoBD with regard to the documentation of digital business processes with corresponding storage solutions and backups as well as the handling of the extensive requirements for IT security and data protection resulting from all this are all part of the The center of the action.
Data storage is increasingly moving to the clouds, away from local servers. What many companies are not aware of: Although it is practical to hardly have to worry about anything, you still have to ensure data protection and information security yourself.
Read more … Information security and data protection in clouds
von Tobias
Information security, data protection and IT security are three terms that are often used in the same context in everyday life, but have different meanings. The corresponding measures usually go hand in hand, but data protection, data security and IT security have very different priorities. All three areas are of crucial importance within a company. You can find out what is important in detail and what the specific differences are in the blog article.
Read more … Information security, IT security and data protection – terms simply explained
von Nadja-Maria
The judgment of the European Court of Justice, which determined the ineffectiveness of the Privacy Shield Agreement between the European Union and the USA (Schrems II), did not go unnoticed in the USA either. In response, the US Department of Commerce has now published a white paper on data protection risk analysis as part of data export to the USA.
Read more … Response to Schrems II judgment US Department of Commerce publishes white paper
For many laypeople in information security, the term cryptography is exactly one thing: namely, cryptic. Very few people know what to do with the term immediately, let alone why this term is central in the context of information security and data protection. In the following, the basics of cryptography are to be presented briefly and clearly, even for laypeople.
von Tobias
The Swedish fashion brand H&M is said to pay a fine of 35.3 million euros for spying on employees. Hundreds of employees at the service center in Nuremberg are said to have been monitored. The Hamburg commissioner for data protection, Johannes Caspar, justified the decree on Thursday. Read the blog article to learn more about the GDPR fine against H&M.
von Das Team der aigner business solutions GmbH
Hardly a week goes by without headlines about successful cyber attacks on companies. Not only large corporations, but also more and more small and medium-sized companies are the targets of cyber attacks. Regardless of whether the human factor is used as the attack vector or whether attacks are carried out directly on IT systems, the economic damage is enormous in most cases. In order to prevent such attacks, it is clear that a large number of IT security measures must be implemented in the company. The subject of IT and information security is complex and often not manageable. For this reason, organizations often ask themselves how one can initially approach such a complex topic in practice. Find out more about the first and, above all, essential steps to improve your information and IT security in our blog article.
In order to successfully implement an information security management system (ISMS) in a company, every company needs an information security officer (ISB). In this article we show you the extensive tasks of the ISB.