Information security

Information security is a broad concept. It is a set of measures, procedures and processes that guarantee the availability, integrity and confidentiality (BIV or CIA in English: confidentiality, integrity and availability) of all forms of information within an organisation, with the aim of ensuring the continuity of the information and to guarantee the provision of information and to limit the possible consequences of security incidents to an acceptable, predetermined level.

In recent years the number of cyber attacks on computer systems within companies and government institutions in the Netherlands has increased drastically and has become a day-to-day reality. In addition to older terminology such as computer virus, worm and hacking, everyone is now familiar with terms such as malware, phishing, DDoS attack, DNS spoofing or botnet ransomware. All forms of cyber crime or Internet crime.

UseIT focuses on the most feasible for each specific situation. Every customer is different, has different information, possibly other risks and other requirements. Our experience also shows that not every customer requirements the maximum security in the MKB. It involves searching for an acceptable risk: measures in relation to costs with respect to user-friendliness.
This is done by taking the necessary organisational, procedural and technical measures that are based on an (organisation-dependent) risk analysis or a legal obligation. In the Netherlands, this may include the WBP (Personal Data Protection Act), the Telecommunications Act and other applicable laws and regulations.

 

Some examples of what we can offer you in this field:

  • Carrying out an IT Security Quickscan with clear results and recommendations;
  • Implementing affordable/simplified Pentests and website scans without complicated reports;
  • Improve/increase the security level by implementing high-quality and innovative technical security solutions;
  • Introduce techniques such as layered security, DPI (Deep Packet Inspection) or other types of scanning, monitoring and/or firewalling;
  • Take full control of IT security;
  • Periodically carrying out (independent) checks (for example if you have your own IT administrator/department);
  • Supporting security awareness programs (employee awareness);
  • Supporting procedures and processes on information security.