In the beginning is the security concept.
The development of a security concept is often the beginning of information security management. The aim of the security concept is to identify the necessary protection requirements of information, systems and processes and to define measures that are suitable for achieving a security level appropriate to this protection requirement. Based on the experience of SRC, the following procedure is suitable:
This allows risks to be evaluated in a structured manner (risk analysis) and risk management measures to be defined.
SalesSRC Security Research & Consulting GmbH
SRC supports you in the development of security concepts and in the selection and implementation of concrete measures on various topics.
Examples of important topics are:
Development of secure networks
In heterogeneous networks there are areas that require more protection than others — internal networks must be protected against attacks from the public network, network servers must be of high availability. We solve these tasks in close cooperation with you, create a proper concept and support you in its implementation.
The goal of contingency plans is to be able to maintain business operations even in the event that certain parts or the entire IT infrastructure should fail. In cooperation with you, we determine the essential business processes, prioritize them and identify the dependency of these processes on IT. Depending on the prioritization of processes and the maximum tolerable downtime of the IT, we define measures to ensure that the tolerable downtime is not exceeded.
Maintenance through security management
To ensure that the security level once achieved by a security concept can be maintained permanently, it is advisable to establish a process that allows the concept to be permanently updated as part of a security management system.