Contact | How to find us | Sitemap | Imprint Deutsch English

Security Assessment

Banks are today dependent on IT applications being available at all times. For that reason IT security is of extremely high importance, additionally because of the external demands placed on this sector (§ 25a KWG, Basel II etc.).

Security within the company is no isolated component, but covers the entire company. Every employee and every information-processing system in the company must therefore be part of a holistic approach. Security aspects even extend beyond the company in-house if globally distributed collaboration, outsourcing or application service providing are considered. Responsibility for security lies with the company management.

Management must initiate the development of custom-made security concept and guarantee that the concept is implemented, complied with and updated with the necessary expertise.

Important criteria here are:

  • Opportunities and risks of new technologies
  • Legal aspects of IT security
  • Liability and indemnity
  • Data protection and telecommunications secrecy
  • Hazardous web contents and private use of company computers
  • Tangible threats to companies

Most banks and financial service providers have in recent years pressed ahead strongly with networking. Without internet connection many transaction processes are today simply inconceivable. More and more applications, which formerly ran on the in-house server or computer centre, have meanwhile begun to be operated by an outsourcing partner. With the necessary opening up of the company network however new information technology threats face the company. These may come about intentionally (passive and active attacks) or unintentionally (human error, force majeure etc.).

Based on their specialist knowledge and experience GDB is precisely aware of the weaknesses frequently occurring in the case of banks and IT services and can accordingly submit specific proposals for improvement.

The GDB Security Assessment is oriented towards the implementation concept for penetration tests of the Federal Office for information Security (BSI). It covers all systems including necessary organisational and technical security measures and delivers the result in the form of a detailed survey of the level of security.

 

Example of a Security Assessment

Beispiel eines Security Assessment