It is often only when the damage has been done that the subject of information security becomes a matter for the boss. The search for what caused the damage in the first place then shows that several aspects have been considered - firewall, virus protection, backup - but that others have been completely ignored. When you start looking at the many measures that are required, it soon becomes obvious that efficiency and cost effectiveness are the greatest challenges facing a functioning information security management system (ISMS).
A tried and tested standard like the BSI's basic IT protection ensures that those concerned with security first have to define what topics are most pressing in their own company before they start implementing measures. In its document 100-1, the BSI translated and modified the international standard ISO 27001. It can be downloaded free from the BSI website.
Because of the many different measures required, implementing basic IT protection can seem very complicated and difficult to get off the ground. SerNet offers an open source tool as well as consulting and audit services to help you.
Seminars
SerNet provides training courses and workshops to implement basic IT protection with verinice. Get more information here: training courses from SerNet GmbH
