Enterprise Business Unit

Experience shows that - above all in the tough IT security environment - specialist know-how is constantly required for the realisation of complex secure services and IT security projects. The Enterprise Business Unit supports partners and customers of SSP EUROPE through services in the fields of

  • IT Security Consulting
  • Managed Security Services
  • IT Compliance Consulting
  • ISO27001 Consulting
  • Data security audits and security checks

In this regard, SSP EUROPE plans, implements and controls security concepts for companies, and offers tailored solutions ranging from risk assessment through to monitoring and maintenance services. The company possesses comprehensive expertise in the configuration of IT security systems such as firewall technologies, Virtual Private Networks (VPN), Intrusion Prevention Systems, anti virus and spam filters, RemoteAccess solutions, Content Management Systems and much more besides.

Central to these services are not only all the relevant technical aspects but also economical and legal issues. The quality awareness of SSP EUROPE is also reflected in its certification per ISO 27001, which enables customers to benefit from this globally valid standard.

Consultancy

Project implementation

Operation

IT and IT security conception

Evaluation, product selection

Hotline service (up to 7x24)

ISMS (ISO 27001)

Procurement

Managed Security Services

Data protection (BDSG)

Project management

Secure Service Providing

IT Compliance

Configuration

Professional Service Support

Security Awareness

Installation

Service and capacity management

Security and network analysis

Tests and acceptance

Administration

Audits & penetration tests

Documentation

Change management

Technical concept design

Software development

Incident handling

Technology fields

Technology fields

Perimeter Security
(Firewall, UTM, VPN)

Remote Access
(IPSEC, SSL)

Web Security
(Proxy, AV, URL filters)

Authentication
(Token, OTP, Smartcard)

Network Security
(IPS, DNS, DHCP, NAC)

Endpoint Security
(AntiVirus, encryption)

Email Security
(Anti-spam, AV, encryption)

WAN
(Optimisation, line providing)

Security Management
(Monitoring, logging, reporting)

Data Centre
(Hosting, housing, rack space)

IT Security Consulting

The security of information technology has become one of the most important factors in ensuring the functionality of EDP within a company. Entire added value chains depend upon it and any liability questions resulting from security deficiencies affect the company management directly. Within the framework of IT security services, SSP CONSULTANTS always focus on individual solutions, tailored to the needs of the customer. In this way it is ensured that the generated concept is also effectively implemented and island solutions are avoided.

In addition to delivering professional solutions in the configuration of IT security technology, the consultants of SSP EUROPE carry out training and security audits.
The standardised procedure with security audits is implemented in individual, logical steps according to a multi-phase concept:

Technical auditing of existing systems
With these audits, systems that can be externally accessed via the internet are tested for weaknesses and erroneous configuration, as well as network design errors. The customer receives a detailed report and recommendations on the elimination of weak-points.

Risk analysis
During a risk analysis, the IT security consultants at SSP EUROPE appraise existing threats and the resultant damage potentials. These findings are contrasted with the company values - protection requirements are accordingly determined, documented and communicated.

Project planning and design
The SSP EUROPE Enterprise Service Unit carries out the entire planning and implementation of complex projects, concepts and network designs are generated with consideration to security aspects.

Security checks and penetration tests
Customer systems are exposed to realistic attacks from Portscan through to complex attack scenarios, in order to obtain findings on the IT security status as well as potential weak-points within the company.

Weak-point analysis
Operating systems and applications that are made publicly available via the internet are frequently the subject of attacks. The IT security consultants subject these services (web server, mail server, portal, etc) to a weak-point analysis and generate strategies and measures for safeguarding accordingly. The customer receives detailed documentation of these analyses.

Security workshops/introduction of VEWA
The modules of the SSP EUROPE security workshop can be individually tailored to the needs of the company and the know-how of the participants. The results of one of these workshops are concrete measures catalogues. The participants of the workshop receive a "Security-GuideLine" as a handout. Furthermore, SSP EUROPE also provides support to the generation of individual agreements for the use of email and web in the workplace, in order to legally protect the company and commercial lines.

Generation of security policies
A security policy far exceeds the familiar firewall. It deals with issues such as behaviour codes in the event of unknown callers, authentication and remote access, network guests, mobile devices (notebooks), USB devices, etc. The aim is to generate a comprehensive set of company rules for handling matters of IT security in all relevant areas - of both a technical and non-technical nature. The legal requirements constitute the foundations of this.

Managed Security Services

With managed security services, the IT security functionalities exist physically at the customer, whilst the management of these is taken over by an external service provider such as the SSP EUROPE Enterprise Service Unit (outsourcing of IT security management). In selecting manufacturers, SSP EUROPE has opted for market leaders in each respective area. These not only drive the development of their systems forward on a constant basis in order to be able to react to new risks, but also in order to consistently improve the security of the systems themselves. Through the outsourcing of sensitive IT areas to a specialist partner such as SSP EUROPE , companies benefit from:

  • a highly qualified team of specialists with comprehensive know-how in the field of IT security
  • legal assurance, e.g. in relation to VEWA, data protection or liability risks
  • maximum IT security through the use of state-of-the-art technologies
  • flexible service times and year-round assured access to technical personnel
  • high transparency and traceability of log file evaluations
  • additional savings due to the omission of procurement costs for hardware and software, e.g. management environments, spare parts
  • additional savings due to the omission of ongoing training and development costs in a training and cost intensive IT segment
  • Via its NetworkOperationCenter (NOC), SSP EUROPE manages not only the classic firewall but also IPS (Intrusion Prevention Systems) and Content Security from the most renowned manufacturers through full or co-management.