Six steps to the protection zone concept
IT security in companies is becoming increasingly important. Hacker attacks and the feared blackout should push an IT security concept to the top of your to-do list. A protection zone concept is part of a comprehensive safety plan.
Here we will explain to you which six steps you need to follow in order to create such a protection zone concept:
1st step: Inventory
Take stock of your processes, tools and IT infrastructure. The most important questions: Which data is collected? Which employees will have access to which data?
2nd step: Priority list and risk analysis
Classify the data into different risk levels. Most important question: To what level should the data be protected? This will result in an onion skin model with two to four protection zones.
3rd step: Protective measures
Define suitable protective measures. A dual vendor strategy is recommended. Two firewalls from different manufacturers will provide better protection.
4th step: Revise processes
Identify the affected processes and revise them to comply with the new security policy.
5th step: Education and training
You can't do it without it: sensitise your employees to the subject of security. Training should familiarise your employees with the new security measures - and fit for the new processes.
6th step: Check cooperation with external parties
Don't forget the IT service providers you work with. Evaluate contracts and modify them to match new processes and requirements.
Use framework agreements. Within these framework agreements, smaller individual orders can run separately. This makes it easier to manage risks. If any occur, they only affect individual areas but do not run through the entire project.
As consultants for transformation projects and IT strategy, IT security is a main topic at AXXCON. Do you have any questions or do you need support? We will be pleased to help you.