Posts

Cyber Gefährdung - Datenschutz und IT-Sicherheit - Corona bedingt verschärft

Risk in the area of information security and data protection from Corona intensified

The corona pandemic has given SMEs in particular a boost in digitization. Collaboration tools have reached an unprecedented level of penetration. Home office is widely accepted by employers. For many companies and employees, everyday life in the company has improved and made it easier. Despite all the euphoria, one shouldn’t forget data protection and information security. The BSI (short for Federal Office for Information Security) also reminds of this in its “Report on the Situation of IT Security in Germany 2020” from October 20, 2020, in which it states that the attack surface and the associated cyber threat to criminals increased during the pandemic.
Read more

Daten, Papierarchieve, DSGVO, was gibt es alles zu beachten?

Data protection in data and paper archives

The digitization of processes, the outsourcing of data to cloud solutions, email archiving, the implementation of the requirements from the GoBD with regard to the documentation of digital business processes with corresponding storage solutions and backups as well as the handling of the extensive requirements for IT security and data protection resulting from all this are all part of the The center of the action.
Read more

Datenschutz und Informationssicherheit in Clouds - was gibt es zu beachten?

Information security and data protection in clouds

Data storage is increasingly moving to the clouds, away from local servers. What many companies are not aware of: Although it is practical to hardly have to worry about anything, you still have to ensure data protection and information security yourself.

Read more

Information security, IT security and data protection – terms simply explained

Information security, data protection and IT security are three terms that are often used in the same context in everyday life, but have different meanings. The corresponding measures usually go hand in hand, but data protection, data security and IT security have very different priorities. All three areas are of crucial importance within a company. You can find out what is important in detail and what the specific differences are in the blog article.

Read more

EU-US Privacy Shield im Schrems 2 Urteil gekippt

Response to Schrems II judgment US Department of Commerce publishes white paper

The judgment of the European Court of Justice, which determined the ineffectiveness of the Privacy Shield Agreement between the European Union and the USA (Schrems II), did not go unnoticed in the USA either. In response, the US Department of Commerce has now published a white paper on data protection risk analysis as part of data export to the USA.

Read more

Kryptographie in der Informationssicherheit - Alles rund um das Thema und was es zu beachten gibt

Cryptography in information security

For many laypeople in information security, the term cryptography is exactly one thing: namely, cryptic. Very few people know what to do with the term immediately, let alone why this term is central in the context of information security and data protection. In the following, the basics of cryptography are to be presented briefly and clearly, even for laypeople.

Read more

GDPR fine against H&M: € 35.3 million

The Swedish fashion brand H&M is said to pay a fine of 35.3 million euros for spying on employees. Hundreds of employees at the service center in Nuremberg are said to have been monitored. The Hamburg commissioner for data protection, Johannes Caspar, justified the decree on Thursday. Read the blog article to learn more about the GDPR fine against H&M.

Read more

Hackerangriff

4 steps to holistic IT and information security

Hardly a week goes by without headlines about successful cyber attacks on companies. Not only large corporations, but also more and more small and medium-sized companies are the targets of cyber attacks. Regardless of whether the human factor is used as the attack vector or whether attacks are carried out directly on IT systems, the economic damage is enormous in most cases. In order to prevent such attacks, it is clear that a large number of IT security measures must be implemented in the company. The subject of IT and information security is complex and often not manageable. For this reason, organizations often ask themselves how one can initially approach such a complex topic in practice. Find out more about the first and, above all, essential steps to improve your information and IT security in our blog article.

Read more

Aufgaben eines ISB - was macht ein Informationssicherheitsbeauftragter?

Tasks of the information security officer (ISO)

In order to successfully implement an information security management system (ISMS) in a company, every company needs an information security officer (ISB). In this article we show you the extensive tasks of the ISB.

Read more

TISAX - neuer VDA-ISA Katalog

VDA-ISA for TISAX® certifications: Publication of the new version 5

On August 4th, 2020 the Association of the Automotive Industry published a new version of the Information Security Assessment for TISAX® certifications. The current version 5.0 of the VDA-ISA catalog brings with it a new structure and fundamental changes in the structure of the modules. Find out more about the changes and the validity of the new requirements in our blog article.

Read more