Reaching a defined security level: the Security Concept

The development of a security concept is oftentimes the beginning of a security management. Goal of a security concept is the identification of the necessary protection level of information, systems and processes as well as the definition of measures to reach this security level. In the experience of SRC, the following procedure is adequate:

  • Identification of objects worth protecting ("assets") and their protection needs
  • Analysis of the threats to these objects
  • Qualitative evaluation of occurrence probability and potential amount of damage
  • Definition of measures to reduce the occurrence probability and amount of damage
  • Implementation of these measures
  • Definition of a handling of residual risks

Thusly, risks can be assessed in a structured manner (risk analysis) and customised measures for risk reduction or handling can be defined.

Our offer

SRC supports the development of security concepts and the selection as well as implementation of concrete security measures regarding different topics.

Examples of important aspects of security can be found below.

 

Development of secure networks

Heterogeneous networks include areas that have a higher need of protection than others. Internal networks need to be protected from attacks from the public network and network servers have to be highly available. We solve these tasks with you, develop a concept and support you with its implementation.

Emergency Concepts

The goal of emergency concepts is to enable the upkeep of business operations in case parts of the complete IT-infrastructure fail. We identify the major business processes with you, prioritise them and evaluate their dependency on your IT. Depending on the prioritisation of the processes and the maximum tolerable outage time of the IT, we define measures that guarantee staying under the tolerable outage time in every case.

Upkeep by Security Management

To keep up the security level that was reached with the help of the security concept permanently, it is recommended to establish a process for frequent updates of the concept within the framework of a security management system.

Contact

Detlef Kraus
Thilo W. Pannen
Randolf Skerka

info[at]src-gmbh.de
Telephone: +49(0)228 2806-0
Telefax: +49(0)228 2806-199