Tag: information security

A few months ago, BR reported on attacks that work very similarly to the analogue “grandson trick”. Attackers pretend to be a close family member, claiming to be in an emergency situation – and in...

In discussions with customers and interested parties, we are repeatedly confronted with the statement that security investigations (penetration tests and vulnerability scans) are not necessary in cloud scenarios because the cloud provider (e.g. Amazon Web...

Efficient protection through 2-factor authentication Multi-factor authentication (MFA) or mostly 2-factor authentication is on everyone’s lips. You read a lot about the benefits – and yet you are often annoyed when “the second factor” has...

Privilege escalations in applications – often referred to as privilege escalation – are vulnerabilities that allow attackers or even regular users to access data, information or system functions for which they have no authorization. Attackers...

What exactly is examined during ISO 27001 certification? There are many myths surrounding this question. Many believe that “IT security” is audited. Others think that compliance is put through its paces – in terms of...

If we closely review the ISO 27001:2013 standard or the draft of the new 27001:2022, we see that the terms penetration testing and vulnerability scanning are not explicitly mentioned either as requirements or as a...

One of the core competences of cloud service providers is the safeguarding of infrastructures with regard to IT security. But what should be taken into account when using the cloud? The cloud has many advantages:...

This question is often asked by novices who are dealing with ISO 27001 for the first time. What is an Internal Audit? An internal audit is a self-audit to verify three key points by an...

Risk precautions are supposedly just as unwelcome as health precautions. But they are just as important! Various studies prove: Attacks on IT systems and applications are increasing significantly. The consequences are financially devastating. At the...

In a data center of the cloud provider OVH in Strasbourg, millions of customer data were finally destroyed in February 2021. Apparently, the fire protection measures were not sufficient. What about your information security measures?...