Achilles’ heel cyber security.

Cyber attacks are a fundamental threat for many companies. Attacks on inadequately protected applications or the unplanned disclosure of sensitive data repeatedly lead to major damage.

Our information security management ensures that the applications we create meet high data protection and information security standards. We regularly have the effectiveness of the measures we have taken confirmed by an independent auditor.

Our services

Sensibilisation
The basis of any security architecture is that all employees react to potential threats with their eyes open. To this end, we regularly carry out appropriate awareness measures.
Independent assessment of our protection status
We regularly have the effectiveness of our implemented measures reviewed in an independent audit.
We regularly have the effectiveness of our implemented measures reviewed in an independent audit.
Our ISMS system is based on the principles of the BSI’s IT baseline protection. We implement these principles in a practical manner through a package of measures tailored to the needs of our customers and continuously develop them further.
Secure software development
Today, modern IT systems and applications must be developed from the ground up to be secure and data protection-compliant. We comply with applicable IT security standards and data protection standards (e.g. privacy-by-design, privacy-by-default) right from the development stage.
Risk analysis
If we process personal data using new technologies or if there is any other high risk for data subjects, we support the software design with a data protection impact assessment (DPIA) in accordance with Art. 35 GDPR.
Use of software components
During development, we check the dependencies of the libraries and components used and thus avoid weak points. We support modern standards such as SBOM (Software Bill of Materials) in order to visualise dependencies transparently.

Your benefits

  • Secure software

    Many vulnerabilities in software products can already be avoided during development. Our approach enables us to achieve a high standard of security right from the design and development of applications. The earlier vulnerabilities are found in the development process, the less effort is required to fix them.

  • Secure infrastructure

    A secure infrastructure is a prerequisite for the development and operation of secure applications. Our aim is to realise a high level of security for the IT systems we operate at cost-effective conditions.

  • Avoid negative surprises

    As part of a risk analysis, we identify risks and work with your specialist departments to develop measures to avoid or minimise risks. We support secure operations through technical measures (e.g. monitoring) as well as clear and comprehensible internal processes.

  • Create trust

    In order to maintain a high level of security in the fast-moving IT world, security measures must be regularly scrutinised and updated. We work continuously to optimise our systems and processes in a recurring Plan-Do-Check-Act cycle (PDCA cycle). This documentation also enables us to demonstrate our security level to our customers.

Fields of application

Software development

  • Selection of software components and software libraries
  • Software Bill of Materials (SBoM)
  • Automated software tests
  • Automated analysis of dependencies
  • Automated testing

Infrastructure operation

  • Selection of systems and applications according to technical and commercial aspects
  • Creation of security and data protection concepts
  • Risk analysis
  • Documented processes for a verifiable level of maturity

Handling sensitive data

  • Examination of the data protection requirements
  • Examination of the necessity and implementation of a data protection impact assessment (DPIA)
  • Creation of security and data protection concepts

Cloud deployment

  • Selection of cloud service providers according to technical and legal aspects
  • Pre-check of service providers
  • Setting up security measures for cloud operation

Research

  • Compliance with regulatory requirements relating to data protection and IT security
  • Management of research data
  • Consideration of legal requirements for new software and AI systems

Our projects

  • Project Cases

Internal control system

In this project, a key company process for allocating funds was modernised, making it more robust and secure. The previous procedure comprised many partial solutions with Excel, which involved manual…
  • Project Cases

iSYS PIM at Hama GmbH & Co KG

In this project, a customised product information management system is being developed for the global company Hama GmbH & Co KG, which also serves as a company platform, integrates…
  • Project Cases

ConfigLoader

Unicredit operates CALYPSO platforms that cover a wide range of financial products in the middle and back office. Unicredit is continuously improving the project and maintenance processes for the CALYPSO…
  • Project Cases

HB-deposits

In this project, a core banking system for managing rental deposits was modernised. The focus was on creating ergonomic interfaces and improving the maintainability, expandability and scalability of the…
  • Project Cases

Release upgrade for trading platform

The platform is part of an application landscape that is used front-2-back for trading and processing financial products in investment banking. IndustryFinancial Services / BankingServices(Partial) project managementBusiness analysisSpecialist and…
  • Project Cases

Biological information and documentation system

Development of data management software in the field of genetic engineering work and work with biological agents. The legal requirements for records in accordance with the Genetic Engineering Act…
  • Project Cases

Warehouse management and order picking system

Pollin Electronic, a specialist mail order company for industrial and electronic products, implemented an efficient warehouse management and picking system based on iMotion. The diverse product range posed a…
  • Project Cases

Intelligent grease gun

Development of a new type of intelligent grease gun to improve manual lubrication processes and lubricant management and the associated cloud-based software solution with implementation of smart maint …
  • Project Cases

AdDEDValue

To establish DED processes for different series sizes in vehicle production, it must be possible to store, process and securely provide a wide variety of data across the entire process chain. …

Do you have any questions? We will be happy to help you!

Do you have a project that you would like to talk to us about? You are welcome to contact us at any time. We look forward to getting to know you!

Ralf Blinzig
Ralf Blinzig Koordinator IT-Sicherheit und Datenschutz