The topic of IT security is a broad field, especially for companies. The looming threats from outside and within are very complex. From the stand-alone PCs and single USB-sticks to complex networks and multinational cloud infrastructures – wherever data of all kinds are moved and stored, there are attack possibilities and the data protection is in danger.
IT security describes technologies that protect the availability, confidentiality and integrity of information processing systems. The first priority is the protection against attacks, the prevention of economic damage and the minimisation of risks. Encryption of transmission paths and data storages, firewalls, protection against viruses and trojans, ensuring availability (or also protection against system failures) – all these are essential components of IT security.
Hacker attacks threaten IT systems from outside, as well as from within. They usually serve the purpose of obtaining illegal access to data, in order to gain economic advantages. The times when viruses simply destroyed hard drive content lie in the past. Today, identity theft is at the top of the list of cybercrimes. Especially private individuals, whose email, or online-shop accounts have been hacked are affected. Industry espionage also belongs to this field. Therefore, intruders of company networks need to be stopped by efficient firewall technologies. Often the danger from within, created through weakness within the system, is being underestimated. Time and again, hackers take advantage of software errors in order to gain access to IT systems. Developers of application programs and operating systems are constantly trying to provide updates to close safety gaps.
However, even the company’s own staff can pose a threat for information security. Former employees that still have access to business-critical data can cause damage. With social engineering methods, hackers can also gain easy access to data and IT infrastructures. Here, every single company employee poses a risk through unconscious behaviour. Often a phone call from a supposed IT employee is enough to ask for passwords. Therefore, every single user of the company network needs to be sensitized to such scenarios.
Next to spying out data, computer sabotage poses another risk. In times of cloud-technologies and WLAN-networks, a physical access to the hardware is no longer needed. Spread botnets that can paralyse network components with massive shelling of data packages (DDoS-attacks), are easily created. They not only paralyse the webserver but can also disable a company’s IT landscapes.
A well thought out IT security concept is based on the analysis of potential damage and attack scenarios. The aim is to achieve a defined minimal security and safety level.
IT security can hardly be provided by the company's IT department alone. Therefore, more and more services are being outsourced to the cloud. The advantage is that cloud service providers are specialized on IT security and safety mechanisms can be supplied cost-efficiently.
DRACOON is an expert in the field of cloud security and deals with how IT security in the cloud can be further improved and how users can regain sovereignty over their data on a daily basis.
With its highly secure and platform independent Enterprise File Service DRACOON offers its users maximum flexibility – and at the same time a 100% GDPR-compliant solution. Various seals such as ISO27001, EuroPriSE and the BSI C5 certificate have repeatedly confirmed the high IT security level. Thanks to data protection-friendly technology design (Privacy by Design) and data protection-friendly presettings (Privacy by Default), users also automatically work in accordance with data protection regulations from the outset.
Access rights are assigned in DRACOON via user and rights management. A suitable role profile can be assigned to each user for each data room, so that certain persons, for example, can only read data, while others also have the rights to delete or share data. These rights can also be time-limited or revoked at a later date. This ensures that only authorized persons have access to the data.
Protection in the event of a hacker attack: Affected data can be restored easily and at any time via the recycle bin function in DRACOON, as it is stored there in its original state as a version.