Since some years we work according to our guideline for IT security. This guideline is based on basic security mechanisms, which have to be implemented into products and systems.

The guideline was continuously developed and optimised by us. The result: The requirement catalogue of the information security. It is based on currently available technical specifications and recommendations and is adjusted regularly to the state of technology.

An important part of the catalogue is the data protection. This protection always was a hot topic and is now even more so. With the taking into effect of the new general data protection regulation in the year 2018 the data protection has become obligatory for every entrepreneur.

On one hand person related data has to be protected and on the other hand a secure handling of this sensible data should be possible and be regulated.

Another important aspect are the available dynamic and revolutionary communication channels.

These days a life without the Internet is no longer possible to imagine. Many daily actions are realised using the Internet – for example shopping, communication, banking asf. It is important to protect the revealed data in this connection.

Another area in which person related data plays a role are applications which are run on mobile devices or the computer.

May it be the application for health or the one for the smart home: Everywhere person related data is collected, processed and stored.

Many people think their smartphone would be a secure place but sadly often this is not the case. Through a theft of person related data a huge damage can be done. This affects the manufacturer of products and systems as well as the users. This can have far reaching consequences.

For clients this can result among others in identity theft as well as material and financial damage.

For the manufacturer result from a hacker attack, besides the financial penalties from the side of the data protection authority, above all image damages. A manufacturer that has been in the headlines because of a serious security gap only recovers slowly from a loss of reputation because the market is fast moving and the competition is large.

The company Obering. Berg & Lukowiak GmbH offers the possibility to check networked devices of any kind regarding the information security according to this extensive requirement catalogue.

Often small errors can have a huge effect on the security of the devices themselves and also on the connected networks.

We check your devices and networks regarding technical and logical errors by performing attack scenarios adapted to the device.

The results of this extensive analysis are summarised and explained in a report afterwards. Possible solutions for resolving the problems and attack surfaces are recommended.

If all aspects of the requirement catalogue have been evaluated successfully the certification mark can be awarded.