Security Audit

An essential element of market success is not only the acquisition, reliable information at the right time, but also the certainty that they will not get into the wrong hands.

The value of information in the modern world is growing. Information and information systems are also very important. Continuous access to key information and their appropriate protection can ensure the application of security policies.

The result of an effective audit conducted by digitec are, among others. the following benefits:

  • Ensuring the protection and confidentiality of information processed in the company’s IT systems
  • Ensuring uninterrupted availability of company IT systems

The purpose of digitec is to thoroughly examine the IT infrastructure, but also the procedures used and the flow of information. As a result of the activities, knowledge of the weaknesses of the system is obtained, which in turn is the basis for the development of an appropriate security policy. An additional feature of the audit is the maximum adaptation of the company’s IT tactics to its strategy, adopted development plans and organizational structure. The solutions offered by digitec are optimally tailored to the actual needs of the customer without compromising on unnecessary costs. Digitec also strives to identify the value of information, which is even more difficult than defining the cost of projects designed to protect it. It is obvious that the investment assessment must take into account the comparison between the value of protected information and the cost of protection.

Digitec guarantees to its Clients full confidentiality regarding both the detected weaknesses of the system and the solutions applied. Our work is based on international standards and standards for information security management such as: PN-ISO / IEC 17799, Data Protection Act, Act on the Protection of Classified Information.

Digitec puts great emphasis on security of information availability.

Information or data stored in computer systems have an immeasurable value that we appreciate only when we face the lack of them – unfortunately too late. Reconstruction of lost data is very costly and time consuming, and sometimes impossible to accomplish, because it is impossible to reproduce data about contractors collected over several years of company activity or financial data, accounting for several years back. The failure of disk storage and consequently the loss of valuable data has led to the bankruptcy of no more than one company. Even if we believe in high reliability of your equipment, remember that data loss can also be caused by much worse catastrophes such as fire, hardware theft. At that time, the only safeguards are security copies on tapes stored at various locations, and additionally secured by storage in a refractory rack.

Data security, though important for securing file servers where loss of data is a loss to all users on the network, is also very important for individual users who store valuable private data and projects on their personal computers for several years.

This situation created the concept of Disaster Recovery and Business Continuity Planning. Through disaster recovery, both preventive and preventive actions are taken in the event that such damage is already taking place. Keep in mind that data recovery and data restoration are not all. It is very important that the downtime of the system, or the lack of service provided by it, is as short as possible. The digitec specialists are able to create optimal procedures and system design for the customer, ensuring the security and availability of stored and processed data.

As part of conducting a security audit, we perform, among others:

  • network security analysis (LAN / WAN / WLAN / Internet) and systems (security vulnerabilities, antivirus and antispam protection, etc.)
  • data security analysis (storage, sharing, archiving and backup)
  • developing security policies for systems and networks
  • analysis of the reliability and performance of systems and applications (including identification of “Bottlenecks”, performance tuning)
  • analysis of technical infrastructure related to the functioning of the teleinformatic system (including access control systems, burglary and fire detection, fire protection, air conditioning, power supply, etc.)
  • preparing IT systems development strategies: technical and economic analysis, pre-deployment / pre-shipment analysis (including IT infrastructure analysis for core applications such as SAP)
  • analysis of information flow channels
  • developing strategies for storing and sharing information processed into the system