Welcome to a digital world without worries about data protection and your system security.
IT security right from the start
Do you believe that a car can be made safe by retrofitting crumple zones, airbags and seat belts? No? Neither do we. That’s why IT security is integrated into the design and development processes of your solution right from the start. Beyond all milestones.
Cost reduction through shortened project duration
Security champions in all teams are involved in every step of the development. This rules out the possibility of intervening too late. This guarantees you cost reductions by shortening the project duration.
Security does not work run-of-the-mill
Each application is individually hardened for the respective system-specific attack vectors and corresponds to the current state of the art of the present and future. We do not think in ready-made grids, because IT security also requires creativity.
International and professional standards
We stand for quality. For us, security is a subset of quality. That’s why we follow tested, international security guidelines, best practices and recommendations from organisations such as OWASP (Open Web Application Security Project). Our Information Security Management System (ISMS) is based on ISO 27001.
Security: a question of high standard.
A holistic security concept requires not only trained experts, but also a team-wide sensitivity to security issues and the ambition to set high standards.
IT security concerns everyone
The implementation of the ISMS and our secure software development are based on the fundamental idea of participation. Thus, depending on the topic, all relevant employees are involved in the security processes and participate in the implementation through a lively exchange on short paths. We rely on the use of security champions. In every project team there is at least one developer who is specialised and individually involved in the topic of IT security for your solution.
Pentests and audits
Micromata carries out regular, independent penetration tests as well as system audits of the existing systems. The tests are carried out by independent developers who were not previously involved in the development or implementation of the software to be tested. Specific pentest topics are discussed in an exchange circle and the know-how and knowledge are jointly expanded and intensified.
Central and external know-how
In addition, our central security team works exclusively on all aspects of security across our entire system landscape. To ensure that the external perspective is not lost, we also work closely with an information security officer from Datenschutz-Nord.
There is a constant exchange between our security champions in the project teams, our central security experts and the external information security officer. Current security topics are discussed, knowledge is shared and the ISMS is further developed. The security team meets daily in order to cope with the fast-moving nature of security incidents and to be able to intervene quickly if necessary.
Beyond the standards
As an option to the standard security aspects, Micromata also recommends the development of abuse cases that simulate special attack vectors such as the use of forged document numbers or leaked data. Corresponding security functionalities can thus be implemented preventively.
Our IT security measures include:
- Authentication of technical and business users
- Network authentication of the systems
- Ensuring integrity
- Marking of confidentiality levels for the user
- Encryption of data, passwords etc.
- IT security-critical vulnerabilities
- User authorisations and their assignment
- Logging of data
- Input and output filters