IT Security Check SME

Increase the security level of your IT effectively with our IT Security Check SME especially for small and medium-sized enterprises.

Why an IT security check makes sense for every company

Germany’s highest authority for cyber security, the Federal Office for Information Security (BSI), indicates in its 2021 report on the status of IT security that over 14 million malware infections have been detected at German companies. It is not only the number of security incidents that is worrying, but especially the rapid development. A year earlier, less than half of all cyber incidents were reported.
Small and medium-sized enterprises (SMEs) are frequently affected by such attacks. SMEs are often a popular target for cyber criminals, as the IT security level is usually not very high and penetrating relevant systems is correspondingly easy. The consequences for companies can be devastating: company-critical data is encrypted and only released against ransom demands, patents and inventions are stolen and used for criminal purposes, or important IT systems for production or logistics are paralysed. It is not uncommon for SMEs to find themselves in existentially threatening situations due to such cyber attacks.

mehr lesen
But what can be done against the criminal danger from the web? Many small and medium-sized enterprises have recognised IT security as an important issue, but often lack the necessary manpower and know-how to assess whether security measures already implemented provide a sufficient and effective level of protection. Usually, such an assessment is carried out by means of a penetration test, in which relevant IT systems are put through their paces to identify possible security gaps. But often such technical security measures alone are not enough. Without additional IT security management, protective measures often come to nothing.
This is where we at Alter Solutions Germany come in with our IT Security Check SME. Our service is specially adapted to the needs of small and medium-sized enterprises. We combine the examination of technical security measures with the analysis of IT security management and thus offer SMEs a sound picture of the level of their IT security.

Why an IT security check makes sense for every company

Germany’s highest authority for cyber security, the Federal Office for Information Security (BSI), indicates in its 2021 report on the status of IT security that over 14 million malware infections have been detected at German companies. It is not only the number of security incidents that is worrying, but especially the rapid development. A year earlier, less than half of all cyber incidents were reported.

mehr lesen
Small and medium-sized enterprises (SMEs) are frequently affected by such attacks. SMEs are often a popular target for cyber criminals, as the IT security level is usually not very high and penetrating relevant systems is correspondingly easy. The consequences for companies can be devastating: company-critical data is encrypted and only released against ransom demands, patents and inventions are stolen and used for criminal purposes, or important IT systems for production or logistics are paralysed. It is not uncommon for SMEs to find themselves in existentially threatening situations due to such cyber attacks.

But what can be done against the criminal danger from the web? Many small and medium-sized enterprises have recognised IT security as an important issue, but often lack the necessary manpower and know-how to assess whether security measures already implemented provide a sufficient and effective level of protection. Usually, such an assessment is carried out by means of a penetration test, in which relevant IT systems are put through their paces to identify possible security gaps. But often such technical security measures alone are not enough. Without additional IT security management, protective measures often come to nothing.
This is where we at Alter Solutions Germany come in with our IT Security Check SME. Our service is specially adapted to the needs of small and medium-sized enterprises. We combine the examination of technical security measures with the analysis of IT security management and thus offer SMEs a sound picture of the level of their IT security.

Icon Security Check

We support you in increasing your IT security level

The IT Security Check SME is based on a procedure we have developed in-house, which provides a well-founded overview of the IT security level of your company within a very short time and with minimal effort on your part. Unlike many free offers available on the web, we expressly do not rely on automated vulnerability scans or less meaningful self-assessments by means of questionnaires, but rather check your IT security manually, individually and in direct conversation with you.

As part of the IT Security Check SME:

We check your externally accessible websites and services (external penetration test)

We test your internal IT systems as well as your network for vulnerabilities (internal penetration test)

We determine the status of your IT security management in direct conversation with your IT officers and management

Finally, you will receive a report from us that summarizes all the results of our penetration tests and analyses and provides you with well-founded recommendations for actions that you can use to immediately and effectively improve the level of IT security in your company.

The IT security check process

1. Free and non-binding security check consultation

You talk to one of our IT security experts and together we assess the status quo of your company’s IT security situation.

2. Offer for the execution of the IT Security Check SME at a fixed price

You will receive a binding offer from us at a fixed price for the implementation of the IT Security Check SME in your company.

3. Implementation of the IT Security Check SME

One of our ASD Certified Security Analysts performs the IT Security Check SME for your company. The check is performed completely remotely.

4. Handover and discussion of the results repo

After the IT Security Check SME has been performed, we create a detailed results report, which we provide to you at the end and explain to you in a personal meeting.

5. Implementation of the recommended measures

After completion of the IT Security Check SME, we will be happy to continue to support you with the implementation of the recommended measures upon request.

Your Contact Person

Arrange your personal consultation with Dr. Jochen Rill, Head of Cyber Security, now!

Your added Value

Advantages of our IT Security Check SME at a glance:

Individuality: custom-fit assessment by performing manual, technical security analyses and personal interviews.

Objectivity: objective assessment of the effectiveness of your existing measures to protect your IT systems.

Improvement: immediate increase in the IT security level of your company after implementation of the recommended measures.

Cost Savings: Security measures preventively protect against high follow-up costs in the event of a cyber attack.

Packages

The IT Security Check SME from Alter Solutions Germany is specially designed for small and medium-sized enterprises as well as start-ups.
Depending on the size of your company, we offer the IT Security Check SME in the following three packages:
Paket S
Paket m
Paket L
For the execution of the IT Security Check SME for companies with more than 1,000 employees, please contact us – we will be happy to provide you with an individual offer.

Alter Solutions Germany –
IT Security. Individually. For You.

E

Alter Solutions Germany sees itself as an IT security consultancy for medium-sized businesses. Our Certified Security Analysts have many years of experience in the security analysis of IT systems for a wide range of customers in a wide range of industries.

E

Alter Solutions Germany is an active shaper of cyber security in Germany. As a member of the Alliance for Cyber Security and the Federal Association for IT Security, we maintain a trusting exchange with other companies and institutions on topics such as appropriate protective measures.

E

Alter Solutions Germany continuously trains its employees. Our Certified Security Analysts and other experts in our cyber security team are continuously trained on the latest developments in IT security and have industry-recognized certifications.

What our Clients say

Dirk Schulte-Austum, CEO, Leo Schulte-Austum GmbH

„The IT Security Check SME gave us a clear overview of the status quo of IT security in our company and even took into account third-party systems operated by service providers in our IT. I really liked Alter Solutions‘ pragmatic approach and the excellent communication at all times. The results report is clearly structured and, due to the management summary, easy to understand even for non-technicians.“

Achim Hansen, Managing Director, AAP-NDT GmbH

„Alter Solutions Germany audited our web application DRIVE NDT for security vulnerabilities using a grey-box penetration test and also performed a source code analysis. We are very satisfied with the quality of the work performed. We were very pleased with the structured presentation of the results, as well as the identification of concrete recommendations for action, which we were able to implement immediately in cooperation with Alter Solutions.“

Daniel Wellering, CEO, Wellering Computer Service

„As the IT service provider of a company where the IT Security Check SME was carried out, I particularly liked the fact that Alter Solutions Germany was always interested in cooperative collaboration. In a joint exchange, we were able to define in-depth additional security measures for my customer, which significantly increased their level of IT security.“

Andre Lippik, IT-Management / Quality Management, Dreyer GmbH

„The security consultants from Alter Solutions Germany have captured the state of IT security in our company very well. Especially in the various areas of the IT security organization, the analysis of the respective maturity level was comprehensible and appropriate. I particularly liked the fact that the results report did not contain a mere list of security deficits, as is often the case, but rather well-founded and individually created recommendations for action. The safety measurement itself did not cause any restrictions in day-to-day business, so everyone could go about their work as usual.“

FAQ

Is the IT Security Check SME performed on our premises?
No, the IT Security Check SME is performed completely remotely from the offices of Alter Solutions Germany or the home offices of the Certified Security Analysts. All coordination with you takes place via online meetings.
At what times is the IT Security Check SME performed?
The service is performed during our office working hours Monday to Friday between 08.30 – 17.30, except on national holidays. On request, we can arrange individual implementation times with you in individual cases.
Do we need access to your company network?
Yes, we need access to your company network to conduct the internal penetration test. You can provide us with this by providing VPN or SSH access. Alternatively, we will send you the ASD Connectivity Box in advance to obtain network access.
What is the ASD Connectivity Box?
The ASD Connectivity Box is a special piece of hardware that gives us secure access to your network if you are unable to provide us with VPN or SSH access. The ASD Connectivity Box establishes a connection between your network and our analysis tools.
How is the ASD Connectivity Box provided?
If the ASD Connectivity Box is required to perform the IT Security Check SME in your case, the box will be sent to you securely packaged via our shipping service provider a few days before we start our work. Once our work is complete, simply return the box to us using the enclosed return label. Shipping and returns are free of charge for you.
Who performs the IT Security Check SME?
The service is performed exclusively by security analysts employed by Alter Solution Germany who have at least 2 years of relevant professional experience and are certified as ASD Certified Security Analysts (ACSA).
What happens when we identify critical vulnerabilities?
Critical security gaps and vulnerabilities are reported by us to you immediately after verification and discussed with you. In this case of emergency, we do not wait until we have performed the service completely.
How are security vulnerabilities assessed?
We assess all identified vulnerabilities and weaknesses according to the Common Vulnerability Scoring System (CVSS). CVSS is an industry standard for assessing the severity of potential or actual security vulnerabilities in IT systems.
How is the results report structured?
In addition to the description of all identified security gaps and vulnerabilities, including recommended measures, the results report also contains a management summary in which measures for the improvement and further development of IT security at the organizational level are given. The results report is provided to you in English.
Will the results report be discussed?
Yes, we will discuss the results report with you in detail, explain our recommended measures and answer all your open questions. The discussion takes place within the framework of an online meeting.
Are we available to you to implement the recommended measures?
Yes, we are also available to implement the recommended measures if you wish. However, these services are not included in the scope of the IT Security Check SME and are offered by us separately.
What happens to confidential data to which we have access?
We are committed to absolute confidentiality regarding our clients‘ confidential data. A confidentiality clause specifying that we treat customer information confidentially is already part of every offer. Data used for the preparation of quotations is also subject to the same confidentiality obligation that is generally applied to all customer data. At the end of the implementation of each IT Security Check SME, all accumulated data is securely destroyed.
Can anything happen to our IT systems during the IT Security Check SME?
Unlike real attackers, we handle your IT systems very carefully to avoid possible failures. We always try to leave the systems undamaged, but we cannot eliminate the possibility of a system being affected by a failure due to one of our analysis measures. For such cases, emergency phone numbers are agreed upon to be able to react as quickly as possible.

All the information
at a glance:

Supply Chain Optimization Broschüre

Sample report of the IT Security Check SME:

Supply Chain Optimization Broschüre