Information security, today also called IT security or cyber security, is often associated with secure and audited corporate networks. However, this is only half the truth! What many people forget: Often the basis of a well-executed hacker attack is due to a gap on the website. An open port in the web store or a security update that has not been carried out can also be gateways for cyber criminals!
To ensure the highest possible fail-safety for your web projects, we have made security a top priority at GDA! Nothing happens here without reason and your data is (TüV-Rheinland) checked, thus in the best hands. Of course, this also applies to the topics of data protection (DSGVO) and the associated personal data of your employees or your customers.
In the following, I present the most important to best understand the concept of information security.
Data Protection Auditor (CSO)
The area of information security comprises the categories IT security (technical security), compliance or data protection (the legally required specifications), and processes, documentation and roles (organizational security).
This is precisely where GDA comes in, offering your customers the highest level of security for all of the aforementioned areas in upcoming web projects. See for yourself!
One of the most common causes for successful hacker attacks are outdated, i.e. not updated, software products around and in your company network. The BSI (German Federal Office for Information Security) therefore regularly raises awareness of the need to apply the patches and updates for software products released by the manufacturer as quickly as possible and to update the systems continuously!
Since our customers often lack time in their daily business or simply forget to do this in the heat of the moment, we are happy to relieve them of this important task. Depending on the service level, our team takes care of the complete patch management of your web projects and thus reduces the probability of an incident to a minimum!
Companies are experiencing targeted hacker attacks with increasing frequency. However, many of these incidents by cyber criminals could be detected in advance. Unfortunately, far too few companies are still taking full advantage of the current technological possibilities! The analyses in the area of web monitoring are concerned with potential irregularities that can occur from time to time in a company network. This can be due to individual customer servers or even complete Internet service providers failing or being unavailable for technical reasons!
In a few cases, however, these anomalies are also related to imminent attacks from the World Wide Web. In order to detect this, however, the web traffic and the log files must be analyzed regularly by experts. We are happy to support you in this work and stabilize your sensitive systems with the latest defense measures around web monitoring.
The requirements of the General Data Protection Regulation (GDPR) must be implemented not only in the company, but also in projects. This applies especially to web projects in which a large amount of sensitive, personal data is processed or sent. This means that a data protection analysis must be prepared and dealt with in advance, and this must be kept in mind throughout the course of the project in order to avoid fines from the supervisory authorities in the best case!
After the project has been handed over, at the latest, the users who are responsible for operating the system must be sensitized to the issues of data protection and data security and properly trained. Here, unfortunately, we always experience insufficiently trained personnel who unfortunately do not master the legally required knowledge. Processes for data subject rights must be visualized and implemented, and a single point of contact (SPOC) for data subject inquiries from the compliance area must be installed!
This can be, for example, a mail address such as: email@example.com