To reach a sufficient level of security today, it is not enough
just to "install" a firewall. A good, reasonable and suitable security
concept is necessary.
The development of a security concept consists of several steps. How
extensive each step is depends on the realities and the real needs of
the company.

The definition of the required level of protection is based on
further information, e.g. the priorities and needs of a company.
New and changing security demands have to be considered. A list of the
properties needing protection, and the value of these properties, is also
part of this aspect.

Risks stand in opposition to the priorities. Before someone can talk
about risks, the goals have to be defined. The consequences of the risks should
be considered and evaluated in the security concept. Evaluating the
probability of each risk is very important.

Before starting with further steps, an analysis of the
cost and benefit of each single step should be done. Only when this is taken
into account do the steps lead in a suitable way to more security.

Resulting from the needs, the risks and the cost analysis,
the security concept is developed. The remaining risks are known, well documented
and reduced by proper steps.

The premise for implementing the method for securing
networks and servers should be: any action that is not explicitly permitted is forbidden.

The next step is the implementation of technical and
organizational steps as described in the security concept. The last step
is the most important: testing whether the desired level of security has really
been reached and whether all relevant processes of the company still work as needed.