Cyber security and personal data protection

kibernetinis-saugumas

IT security starts with people!

Cyber security is an increasingly relevant topic for every company. In response to the growing number of cyber threats to business security, we check the resistance of IT equipment used by companies to virus attacks and intrusion opportunities. Our specialists will competently carry out assessment of your company’s social accounts, website reliability, physical impact analysis on IT equipment used by you, as well as reliability and security of information available to employees. We shall assess the state of personal data processed in your company and execute a data processing audit, then we will provide constant recommendations regarding personal data processing.

Cyber security is an ever-changing, complex and diverse area that involves much more than just the use of appropriate IT equipment. Unlike other companies in this area, we focus our attention on the human side of cyber security. We are convinced that even with a perfectly protected IT infrastructure, without its proper operation, without the awareness of employees, all investments in the IT system security would be wasted.

We will evaluate the data usage rules in force in your company (if you do not have any, we will prepare a tailored project for you) and check how employees comply with data safety requirements. By checking employees’ reactions to suspicious system actions, we will assess the ability of personnel to identify potential risks to the IT system. By applying approved methodologies, we will test the resistance of employees to possible external influences through their used social networks, the ability to identify the nature of messages received by e-mail, the potential risks and the ability to take appropriate measures to ensure the safety of IT systems and, at the same time, to ensure the safety of your business.

We will check the level of physical protection of your IT equipment and data, assess gaps in security and risks, related to the possibility of affecting, damaging IT equipment, as well as possibilities to leak or destroy the data.

At the request of the client and together with our partners, we can carry out a comprehensive cyber security assessment, in addition to our services, we also offer such IT system security assessment services, such as:

Penetration testing — we will assess your company’s security level and inform you about vulnerabilities.

Selection and installation of anti-virus solutions. After assessing the level of security, financial resources and the desired result, we will select and install modern security systems and adjust the settings that are suitable for you. 

Implementation of data leakage protection systems. In accordance with the procedures in force in your company, we will identify the most important and protected information and install and adapt automated security systems for such information.

Encryption of the internal enterprise network. By tending to the personal data protection requirements within the company, we will implement encryption solutions for the transmitted information and adapt them to your external systems.

Learn more

Protection of personal data

Protection

Protection of personal data is a particularly relevant area, requiring special attention, constant monitoring and control. It is closely linked to cyber security that is becoming increasingly important in ensuring the implementation of fundamental human rights and freedoms. For those who are not professionals in this field or specialists in the application of GDPR provisions, proper implementation of the data protection process may seem complicated, therefore we suggest using our company’s competences to ensure the safe processing of personal data of your employees, clients and third parties.

Clients often think that their company does not process personal data and their data protection requirements are not relevant to them, but the opinion of many clients changes after the initial audit. Sometimes it is not even understood how to change and what data falls within the scope of the personal data required by each company to process. The initial identification of such data, its systematization and the formation of an action plan help our clients to properly process personal data by preventing their loss and avoiding fines.

Our company assigns a specialist in the field of personal data protection to the client, who supervises the processing of personal data, makes recommendations, performs other functions of the data protection officer.

When providing services, we:

  • · Participate in the assessment of compliance with GDPR provisions of personal data processing.

Initial audit or periodic audit of processed personal data shall enable the entity to take measures to ensure the proper implementation of the protection of personal data, the fulfilment of already applicable personal data protection requirements and the changes to be taken in order to improve the management in this area. The audit identifies weak areas of personal data processing, and deepens the knowledge of the persons responsible for data processing. Internal audit allows timely identification of problems and to avoid loss of personal data and possible fines.

  • ·We carry out continuous monitoring of the processing of personal data, which includes services such as:
    • – consulting employees responsible for processing personal data and company managers on personal data protection issues;
    • – informing about the adopted legislation on the protection of personal data and changes thereto;
    • – participation in inspections carried out by the State Data Protection Inspectorate, preparation of answers to inquiries;
    • control over the processing of excess personal data;
    • preparation of procedures governing the processing of personal data and assessment of compliance with legal requirements;
    • – supervision of internal and external privacy policies, ensuring the security of access to personal data and controlling such access.
  • ·We conduct training on topics related to the processing of personal data.

None of the established procedures will be able to ensure the security of the processing of personal data if the employees of the company do not understand the importance of the data processed by them or understand what responsibility is assumed when receiving this type of data. Only constant education of employees, familiarization with the latest requirements in the field of personal data protection, regular reminders of the rules of processing of personal data in a particular company allow to minimise the risk of negligent or inappropriate processing of personal data due to human “mistakes. Based on our services and external lecturers, we select the most acceptable solutions for training and continuous verification of knowledge, so that the client’s employees are trained and have sufficient knowledge in processing personal data.

The best solution to the problem is its absence!

Learn more

Have questions or do you know what exactly you need?

Contact