Our consulting services cover all aspects of information and cyber security, starting with the setup process, a secure operation and further development of the systems. We are measuring your operative IT and cyber risks ensuring compliance with industry norms, security standards and legal requirements (ISO, PCI BSI, COBIT, SANS, NIST, etc.). A high value is set on long-term advice and know-how transfer.
IT security consulting services include:
Risk Analysis and Assessment
Any system that is connected to the internet exposes an organisation’s information that could be used for an attack. This may be details about the technical components in use or information about the physical infrastructure, management processes or the operative hierarchy. Our specialists systematically search any accessible sources.
Social Engineering: Phishing / Vishing / Awareness
A profound risk analysis is the base of further security audits. The analysis defines the focus and sets priorities. On this basis, the management can decide which security measures are to be implemented. The purpose of a risk assessment is to provide recommendations to enhance information security. Therefore, the following questions should always be raised: What is to be protected? What are the dangers? What are the consequences of a possible attack? How can we minimise the attack surface?
ISMS Information Security Management Systems
An information security management system (ISMS) permits confidentiality, integrity and availability of information. It ensures legal and regulatory requirements and allows the consecutive improvement of information security. Companies working with the requirements of ISO 27001, which guarantee specifically confidentiality, integrity and availability of information in the fields of organisation, processes, technical requirements and legal aspects, can apply for certification.
IT systems are popular targets of diverse attacks. Even a secure configuration, careful hardening and updating with the latest security patches at regular intervals leaves you with serious points of attack due to unknown vulnerabilities or just partially implemented security measures. Misconfiguration and failed attacks hold additional risks. An intrusion detection system allows an immediate reaction in case of security-relevant incidents and can prevent malicious network traffic.
Information technology systems require a reliable and solid installation of the underlying operating system. Dreamlab Technologies calls on many years of experience with a multitude of operating systems, hardware, applications and networks, which we adjust and equip with the necessary security components. We support you in implementing individual solutions for a safe business operation.
Dreamlab Technologies offers best-in-class virtualisation technologies based on common industry standards. This strengthens the server resources and improves the security of the system. Hence, the maintenance needs less time. Since virtual machines are not bound to a specific host system, the development of a virtual environment facilitates the resource supply.
A comprehensive monitoring provides you with the performance data necessary to guarantee a stable and reliable business operation. You recognise interruptions and breakdowns before your users will. Get informed by e-mail, text message or pager and be the first on site to solve problems long before business processes are being affected.
Availability and Continuity Management
We ensure the information flow within your IT service management processes and provide comprehensive processes for securing and planning your technical support. Dreamlab guarantees the strategic precautions to be in line with your IT service continuity management.
We accompany our customers on the conceptual and executive level in the implementation of security measures. High value is set on know-how-transfer, which we guarantee through additional trainings.
Process Review / Second Opinion
In the context of a process review, our security specialists highlight problems and deficiencies before they are in the position to have an influence on your institution. We identify weaknesses and potential security risks. The goal is to recognise problems, deficiencies and dangers in time to discuss improvement opportunities. The attack surface is reduced and a secure environment is set up.