IT Security

Digitize with security

mVISE AG

IT Security

We offer you a comprehensive range of information security services. This enables you to benefit from a holistic approach: We assist you from the conception to the implementation of complex security solutions and provide you with support across all project phases. With us, you have an experienced partner at your side throughout the process of mastering the challenges of digitization.

Whitepaper

WannaCry?

Mit mVISE wäre dies nicht passiert!
Zum Beitrag

Mobile Security für den deutschen Mittelstand

Zum Schutz eines Unternehmens ist bei einem Einsatz vom Mobile Devices darauf zu achten, dass
ein geeignetes Sicherheitskonzept besteht.
Zum Beitrag

mVISE schaut hin: Parity Bug friert 130 Mio. Euro ein

Ein erneuter Bug beim beliebten Kryptogeldwallet Parity sorgt bei vielen Ethereum-Nutzern für Unruhe.
Zum Beitrag

mVISE schaut hin:

Analyse der Ransomware „Energy Rescue“
Zum Beitrag

mVISE schaut hin:

KRACK – Angriff auf das WPA2 Protokoll
Zum Beitrag

Our offering

Mobile Security

The use of mobile devices – such as smartphones and tablets – has long been an integral part of everyday life, and it is very difficult to imagine life without them. These smart technologies work their way into the company from people’s private lives.

Enterprise Security

The IT of modern companies is based on the approach of providing specialized solutions in order to deliver optimum results. Companies are also repeatedly faced with the same three questions: What is needed? How can I implement it? And who’s going to support me in doing so?

Security Assessment

We live in a digitized world. Be it in sales, accounting, production or communication, it goes without saying that digital media will be in use in every area of your company, and this has to be the case in order for you to remain competitive.

Penetration Testing

Modern IT systems are becoming increasingly complex and difficult to protect. The networking of central components in production and administration leads to higher risks and offers a wider range of susceptible targets.

Security Awareness

An attacker is always looking for the weakest link in the security chain. In many countries it is legally prescribed that you must establish technical and organizational measures for the purposes of protecting your own company.

Compliance ISMS & DSGVO

On May 25th, 2018, the two-year transitional period for the new EU General Data Protection Regulation (DSGVO/GDPR) will be coming to an end. From this date, companies must take the new directive into account.

Mobile Security

‘The challenge

The use of mobile devices – such as smartphones and tablets – has long been an integral part of everyday life, and it is very difficult to imagine life without them. These smart technologies work their way into the company from people’s private lives. But how can a company integrate these consumer products into its enterprise infrastructures when known and proven security components no longer work?
How can a company meet the challenge that new threat vectors pose and thus enable mobile and secure work?

Your solution

The mVISE process model prepares you for the challenges of using mobile devices from a business point of view. Possible technical and organizational measures have already been evaluated by mVISE, enabling us to provide you with targeted advice based on your requirements and needs. We work together to find a solution that’s right for you.
But we can also look at things from the opposite perspective: How are mobile devices attacked nowadays and what can be done during the development of mobile applications in order to counteract these attacks?

Additional information:

Enterprise Mobility Management forms a frame around MDM, MAM and MIM. This enables the secure use of mobile devices within the company. To this end, it offers an holistic approach to managing mobile devices, such as smartphones, tablets or notebooks, in an organization. It pools requirements from the areas of data protection, IT security and information security. It also includes technical and organizational measures for the use of mobile devices.

Mobile Application Management is the term used to describe the provision and management of business- and application software on mobile devices. In comparison to MDM, the focus here is on the application level. By providing a separate App Store, a separation of private and business apps can be ensured.

Mobile Device Management describes the management of mobile devices via a centralized IT administration. This includes tasks such as inventory/cataloging, protection against unauthorized access, remote assistance or patch management. At the same time, it functions as technical implementation for guidelines on mobile devices.

Mobile Information Management focuses on secure provision of, and protected access to, business data. It implements the information security concept onto mobile devices, so to speak. At the same time it provides the possibility for you to grant access to company data exclusively to trustworthy applications.

mVISE Mobile Security Concept

Enterprise Security

The challenge

The IT of modern companies is based on the approach of providing specialized solutions in order to deliver optimum results. Thus, the use of various hardware and software requires tailor-made approaches at certain points, but the risk is that exploiting scalability and synergies become problematic.
Companies are also repeatedly faced with the same three questions: What is needed? How can I implement it? And who’s going to support me in doing so? Be it entire public-key infrastructures (PKI), log solutions or maybe even a high-quality firewall.

Your solution

Tailor-made security solutions place the individual benefits at the fore. It is not only the question of procurement and operation costs that is relevant, but also the question of interlinking with other solutions. Since the attacker always takes the path of least resistance, i.e. it uses the weakest link in the chain.
With many years of project experience, mVISE provides support, starting with the make-or-buy strategy and running through to the operational implementation of the solution. From endpoint protection to firewalls, from logging to SIEM to the network concept.

Wholesome security solutions

Security Assessment

The challenge

We live in a digitized world. Be it in sales, accounting, production or communication, it goes without saying that digital media will be in use in every area of your company, and this has to be the case in order for you to remain competitive. But who makes sure that the technologies you use can also withstand daily stresses like cyber-attacks or company guidelines? Any tool you use can represent a potential security vulnerability. A well-intentioned project can thus end up becoming a security nightmare for the entire company.

Your solution

mVISE accompanies and supports you on your path to introducing new solutions or making existing solutions more secure. We want to work with you to protect your company and your customers from possible attacks. Whether the attacks come through internal or external attack vectors. Our goal is to work with you to create a sustainable and individual security solution that meets your needs. In this process, it doesn’t matter to us whether you are just planning a new web application or a completely new infrastructure. Your security is our success.

Wir begleiten jederzeit das Projekt

1. Anforderungen

Bereits bei den Anforderungen an ein neues Projekt/Produkt sollten Sie an Security denken.

3. Implementation und Tests

Auch bei der implementation unterstützen wir Sie im Falle von unvorhergesehenen Problemen. Ein Penetrationstest am Ende jedes Assessment wird empfohlen.

2. Design

Funktionales oder technisches Design. Beide Komponenten sollten aufs genauste überprüft werden, um mögliche Schwachstellen frühzeitig zu erkennen.

4. Go-Live

Am Ende jedes Security Assessment erfolgt ein Bericht über die Durchführung und Erkenntnisse die während der Projektzeit gesammelt werden konnte, um für zukünftige Produkte einen Wegweiser zu haben.

Penetration Testing

The challenge

Modern IT systems are becoming increasingly complex and difficult to protect. The networking of central components in production and administration leads to higher risks and offers a wider range of susceptible targets.
But the attackers themselves are also continuing to evolve. It is, for example, routine for malicious hackers to use sophisticated tools to automatically attack known weak points in companies. Although many defensive measures do offer a certain degree of protection against this type of attack, this protection must also be objectively measurable if it is to be continuously optimized.

Your solution

To determine the position of your own line of defense against malicious hackers, intensive tests, carried out by experts, are required. The mVISE Penetration Testing Team is specialized in using a range of different test approaches and test depths to carry out a clear assessment of your current position. Upon completion of each penetration test, the results are discussed in detail and possible solutions are put forward.
For us, a successful penetration test means carrying out a clear assessment of the situation and improving the level of security on a sustained basis.

Pentest Vorgehensmodell

Security Awareness

The challenge

An attacker is always looking for the weakest link in the security chain. In many countries it is legally prescribed that you must establish technical and organizational measures for the purposes of protecting your own company. But how can a company protect itself when human weaknesses are exploited? For example, well-prepared attacks, especially those on medium-sized businesses, can result in attackers carrying off with sums of money via, for example, diverted bank transfers, with the amount of missing money sometimes being enough to threaten the entire existence of a company. For this reason, it is important to “live” safety – that is, to make security part of the company’s culture – by means of correct behavior and sensitized employees.

Your solution

The collection and integration of employees in security matters is a process that has to be designed on an individual basis. It is for this reason that the mVISE concept integrates people directly and creates a basis for motivation. On that basis, the relevance of each individual employee in the security concept is conveyed and the added value of the concept for each individual is demonstrated. Thus, security awareness evolves from a perceived blocker to an enabler for day-to-day business. Based on the individual feedback of individual employees, content is updated at regular intervals and joint successes are shared.

Compliance ISMS & DSGVO

The challenge

On May 25th, 2018, the two-year transitional period for the new EU General Data Protection Regulation (DSGVO/GDPR) will be coming to an end. From this date, companies must take the new directive into account and implement its requirements properly and demonstrably. The standardization of European data protection law, adopted on April 14th, 2016, threatens to impose fines of up to 4% of a company’s worldwide sales in the event of data protection violations. Despite the fact the transition period is nearing its end, many companies are still not sufficiently prepared for the new regulations.

Your solution

The data protection experts at mVISE AG have developed a comprehensive solution concept to help you implement the EU GDPR in compliance with the law. The mVISE concept covers all necessary activities leading to compliance with the EU GDPR. The concept is based on a life cycle model (PDCA) in order to ensure a continuous improvement of data protection. It also contains all phases and activities required for the successful implementation of an EU GDPR-compliant, data protection management system.

mVISE PDCA Zyklus für eine konforme Umsetzung der DSGVO

Contact partner

Bernhard Borsch

Bernhard Borsch

Senior Consultant - Security

Bernhard Borsch ist seit 2014 als Senior Consultant im Bereich Security für die mVISE AG tätig. Zu seinen Kernkompetenzen zählt neben PKI und Kryptographie auch das Themenfeld Mobile Security.
Zurzeit unterstützt er mit seinem Team Kunden, die sich der Herausforderung der Absicherung von mobilen Devices stellen.

Wir benutzen Cookies um die Nutzerfreundlichkeit der Webseite zu verbessen. Durch Deinen Besuch stimmst Du dem zu.