IT security is more important than ever ..
and it affects everyone - private individuals, freelancers, companies, offices or practices; even public authorities, schools and daycare centers. IT attacks are becoming increasingly targeted and highly complex technically at all levels. Don't wait - in the worst case, you could lose everything; customer data, trust, your livelihood - not to mention the consequences (liability).
Attackers don't break in, they log in!
IT Security Headlines
IT Security Threats
IT security protection objectives (VIVA CIA)
Categories IT Security
Pillars of IT Security
IT Security - Your Advantages & Our Features At A Glance ..
Traffic
Monitoring / analysis of network traffic to ensure security and confidentiality.
Network
Network security towards "inside" and "outside".
Storage/Data
Storage / data security "inside" and "outside"; Basics such as access restrictions & policies as well as data protection: confidential data, in the cloud or in the network/local.
Access
Access protection and access security as an indispensable part of security.
Devices
Device access protection, encryption and updates as well as the basics like firewall, antivirus, trojans and spam protection as well as access rights etc.
Special
For secrecy protection in the economy, authorities, etc .: from a level of confidentiality (VS-NfD), list of approved & certified IT products, etc.
IT security - classification levels (1-4) in Germany
Top secret = top secret classified information
Highest classification level (level 1) in Germany - if unauthorized access could endanger the existence or vital interests of the Federal Republic of Germany or one of its states.
Secret = Secret classified information
Second highest classification level (level 2) in Germany - if unauthorized access could endanger the security of the Federal Republic of Germany or one of its countries or cause serious damage to its interests.
VS = Classified information
Third classification level (level 3) in Germany - if unauthorized access could be detrimental to the interests of the Federal Republic of Germany or one of its states.
VS-NfD = Classified information, for official use only
Lowest classification level (level 4) in Germany - if unauthorized access could be detrimental to the interests of the Federal Republic of Germany or one of its states.
IT Security - classification levels (1-4) of NATO
NATO Cosmic Top Secret
NATO's highest classification level (Level 1); largely comparable to Top Secret.
NATO Secret
NATO's second-highest classification level (level 2); largely comparable to classified information.
NATO Confidential
NATO's highest classification level (level 3); largely comparable to VS (classified information)
NATO Restricted
NATO's lowest classification level (level 4); largely comparable to VS-NfD (classified information, for official use only).
IT Security - Encryption
General
Symmetrical / Asymmetrical
Data Encryption Standard (DES) - Expired & unsecure!
Advanced Encryption Standard (AES) - Standard for today's encryption
Rivest, Shamir, Adleman (RSA)
Identity Based Encryption (IBE) - PKI · PKG
IBE = Identity Based Encryption (IBE)
PKI - Public Key Infrastructure
PKG = Public Key Generator
Security - General measures
External security
Depending on the protection requirements of a property and/or building, the following minimum requirements are mandatory:
- Protection against intentional and unintentional entry
- Preventing forced entry
- Safety measures (also for outdoor areas)
- Person and vehicle detection
- Preservation of evidence (video recording)
- Automatic alarm
Building security
Depending on the protection requirements of a property and/or building, the following minimum requirements must be planned:
- Fire protection & lightning protection
- Voltage protection & power supply
- Burglary protection
- Smoke protection
- Segmentation of rooms & access
- Key management
- Radiation protection, device attenuation; building security
Basic IT protection
The following IT protection settings are always required:
- IT network segmentation
- IT zone management
- IT port closure
- Zero-Trust - Authentication of all identities
- Firewall & Intrusion Detection
- Anti-virus protection, spam protection
- Permission settings, access restrictions
- Secure logins (factor authentication)
- Encryption (AES or IBS)
- Regular and timely updates
IT security = data protection (recommendations)
IT Security - General Information
- Emails/chat: Check the sender and text (spelling and grammar); never click on links hastily.
- Voice assistants & voice input: these are often very problematic and collect a lot of data about you without asking; disable them if possible.
- When logging in, carefully check the entire URL and security certificate.
- Never disclose your login, password, TAN, PIN, etc.
- Many smart TVs also collect a great deal of data about you; consider carefully beforehand whether you want them to be connected to the internet.
IT security - Your own device
- Access restrictions to a minimum (no admin user, no rights for camera, photos/videos, phone book, messaging, etc.; remove after installation if necessary)
- Disable third-party cookies, location, tracking, advanced logging, voice input, etc.; be as restrictive as possible.
- Current & enabled firewall
- Up-to-date and activated virus scanner (with access scan)
- Install all updates promptlys
IT security - Account security
- Every account should be secured with at least a password; even better is to use what is known as 3-factor authentication (login, password, card, or PIN via text message). Choose a very personal password. Each password should be at least 12-15 characters long and contain 2-5 special characters, upper and lower case letters. Never use names, dates of birth, postal codes, or places of residence—all of these can be known and are very easy to try.
- Sichern Sie Ihr Konto bei Instagram, Facebook, Tiktok usw.: Zugriff nur für bekannte Freunde (immer regelmäßig überprüfen); kein Zugriff von Dritten usw.