Small and medium-sized enterprises in particular have some catching up to do

When it comes to the timely detection of IT security and cyber security incidents, small and medium-sized organisations – even some large ones – have a massive backlog. They often lack the know-how and/or the time to deal in detail with the logs and log files of all the servers in their own IT environment. Especially in small and medium-sized businesses, IT security is often a task that has to be taken care of by the IT department. And IT security concerns often have to take a back seat in day-to-day business – the productivity of the employees has priority.

The argument is often put forward that “everything is in the cloud” and therefore security issues do not need to be taken care of. This is a fallacy – in most cases (with the exception of Software as a Service), it is actually absolutely necessary to actively deal with the IT security of one’s own cloud environments.

For many reasons, it is not a good idea for a company to close its eyes to what is happening in terms of cyber security on its own systems – whether on premise or in the cloud. In addition to reputational and liability risks, a cyber security incident can often leave the company’s continued existence “hanging in the balance”. It is therefore high time to approach the prevention and detection of IT security incidents. But how can this be done in a cost-efficient way? And above all, without further straining the already scarce human resources?

Early warning system Watchdog by TEN IM

We at TEN Information Management believe that even small and medium-sized organisations should have access to IT and cyber security know-how. Dealing professionally with cyber threats should not and must not be the exclusive preserve of large companies. That is why we have developed Watchdog by TEN IM – an early warning system to continuously monitor your IT environment and alert you to critical situations. Cloud-based, hosted in Germany and with a transparent pricing model that protects you from unpleasant surprises in terms of costs. Enriched with the know-how of our experts, who are available as sparring partners for the assessment of anomalies.

With Watchdog by TEN IM, organisations can

  • continuously and automatically check the log files of all connected systems for suspicious activities
  • be alerted to suspicious situations via email or push notification (e.g. via Microsoft Teams or Slack)
  • gain real-time insight into existing vulnerabilities and thus quickly take countermeasures
  • Have the security-relevant configurations of their connected systems automatically checked against recommendations for system hardening and immediately plan and implement countermeasures
  • Automatically monitor the integrity of important system files

… and much more!

With Watchdog by TEN IM, companies gain an insight into the IT security situation of their organisation that they could not previously obtain in this way or only with disproportionately high effort. They save valuable time by not having to log in to each individual monitored server – but can call up all security-relevant information in a central overview.

Effective compliance with the requirements of ISO 27001

In addition to the benefits described above, which contribute to increasing one’s own IT security level, there are also other reasons why companies should monitor their IT environment with Watchdog by TEN IM: It enables them to comply with various regulatory requirements, thereby reducing the time, effort and thus costs involved in meeting the various regulatory requirements. Examples?

ISO 27001, an international standard for information security management systems, requires the continuous monitoring and evaluation of logs (in ISO 27001:2013 this is measure A.12.4 (Logging & Monitoring), in ISO 27001:2022 this corresponds to measures A.8.15 (Logging) and A.8.16 (Monitoring activities)).

SOC2 – Service Organization Controls 2, a US standard, requires in section CC7.2: “The entity monitors system components and the operation of those components for anomalies (…)”. For example, online merchants who process credit card data are also confronted with requirement 10 of PCI DSS (Payment Card Industry Data Security Standard), a mandatory standard that describes the requirements for processing credit card data. This states: “Track and monitor all access to network resources and cardholder data.”

Watchdog by TEN IM is thus a universal tool for companies to counter the problem of intransparency with regard to IT security threats and also the lack of know-how. Watchdog by TEN IM enables companies to react more quickly to IT security incidents in an efficient and cost-effective way.

Tags

Share post

More articles

Numerous details about people, their purchases and other sensitive details could be accessed unprotected on the web for months, as Der Spiegel (German content) prominently reports on its website. A service provider had inadequately secured...
If we closely review the ISO 27001:2013 standard or the draft of the new 27001:2022, we see that the terms penetration testing and vulnerability scanning are not explicitly mentioned either as requirements or as a...
Efficient protection through 2-factor authentication Multi-factor authentication (MFA) or mostly 2-factor authentication is on everyone’s lips. You read a lot about the benefits – and yet you are often annoyed when “the second factor” has...