The task

We support the federal authorities in various aspects of security management.

The challenge

The customer environment belongs to KRITIS (Critical Infrastructure of the Federal Republic of Germany), which leads to the highest requirements in terms of availability and data security / protection. In addition, social data are processed, the protection of which is particularly high.
Also due to the enormous size and complexity of the IT landscape with more than 250 applications on more than 10,000 servers, a well-thought-out structure of security concepts is required, which determine and document the high number of security measures consistently and up to date. The implementation of the measures in the technical systems requires a high level of organization.

our solution

IT security management is intended to ensure the confidentiality, integrity and availability of data and applications. Our consultants support the customer's security organizational unit in creating the IT security concepts, maintaining the IT security management system (ISMS) tools and in the audits for security certification according to ISO 27001. The technical units are supported in the creation of the partial security concepts in order to achieve a control loop between required measures and technical implementation. Software development projects are continuously supported in the implementation of constructive security measures.

In addition to IT security management, NorCom consultants advise and operate security applications, such as a PKI that complies with the signature law, with the customer. The high-availability operation of the applications (business process support), which implements the defined security measures, supplements the actual security management.

The customer benefit
We enable the federal authorities to provide secure digital offers for their employees, customers and institutions and to fulfill their legal mandate.