Important information
for your IT security

Newsletter: New partners. New solutions. More security.

We were at it-sa in Nuremberg and discovered the most exciting security topics for you!

There was a lot to discover at this year's it-sa and so that you can benefit from it directly, we are not only presenting these topics in our current newsletter, but have also already concluded partnerships with the providers. This way, we can ensure that you have access to solutions that will take your IT security to the next level.
We would like to tell you about the following new topics:

DriveLock

DriveLock is a comprehensive European IT security solution that helps companies protect their end devices, data and applications against cyber attacks and data loss - either locally or via the cloud.

🛡️ What is DriveLock?

DriveLock is a German IT security product that works according to the Zero Trust principle ("never trust, always verify"). It offers protection against cyber threats through a modular platform called HYPERSECURE, which is available both locally (on-premise) and as a cloud service DriveLock DriveLock.

🔧 Overview of the main functions

Device Control
Controls the flow of data via USB ports and other interfaces to prevent unauthorized data transfers.
Application Control
Prevents the execution of unknown or malicious programs by whitelisting.
BitLocker Management
Centralizes the management of Windows hard disk encryption and securely stores keys.
Encryption Solutions
Encrypts files, hard disks and mobile data carriers to protect sensitive information.
Defender Management
Optimizes and manages the security settings of Microsoft Defender and other Windows security features.
Security Awareness
Integrates training and advice directly into the working environment to increase employee safety awareness.
Vulnerability management
Detects vulnerabilities on end devices and helps to eliminate them.
Risk & Compliance Monitoring
Monitors activities on end devices and supports compliance with legal requirements.
DriveLock 365 Access Control
Controls file shares in Microsoft 365 and prevents unwanted data sharing DriveLock ProSoft GmbH.

☁️ Deployment options

On-Premise
The software is installed and managed locally within the company.
Managed security services (cloud)
DriveLock hosts the solution in the cloud - ideal for scalability, lower costs and easy DriveLock management.

✅ Advantages for companies

Flexible and modular - adapts to individual requirements.
Made in Germany - ISO 27001-certified and multiple award-winning.
Zero Trust Architecture - proactively protects against threats.
Central administration - reduces effort and increases transparency.

Enclaive GmbH

Enclaive GmbH is a security platform for confidential data processing in multi-cloud environments that helps companies protect sensitive information even in insecure cloud infrastructures - without changes to code or existing processes.

🧩 Main components and products

Vault
Centralized secret management for multi-cloud environments. Keys are managed outside the cloud to increase security and control enclaive.io.
Nitrides
Identity management for workloads. Only verified applications are granted access to sensitive data enclaive.io.
Buckypaper
Confidential virtual machines for on-premise hosting. Migrations are possible without changing the code enclaive.io.
Dyneemes
Kubernetes cluster with hardware-based security boundary for confidential applications enclaive.io.
Confidential Nextcloud & Gitlab
Hosting of popular applications with zero-trust security and complete data sovereignty enclaive.io.
Confidential Databases
Databases with 3D encryption - protection at rest, during transmission and use enclaive.io.

☁️ Provision and use

Multi-cloud capable
- Enclaive works across clouds and offers a universal platform for confidential data processing.
Zero Trust Architecture
- Applications are protected against access by infrastructure or cloud providers.
Flexible use
- Available as a license, OEM product or managed service via the Enclaive Confidential Multi Cloud Marketplace (EMCP) Utimaco.

✅ Advantages for companies

Data sovereignty - even the cloud provider has no access to content.
No code changes necessary - existing applications can be protected directly.
Compliance with NIS2, DORA, CRA - supports regulatory requirements of the EU Security Insider.
Ideal for sensitive sectors - e.g. healthcare, finance, public administration.

Valuze GmbH

Valuze GmbH is an IT service provider from Fürth that supports companies in their digital transformation - with a focus on Microsoft cloud solutions, cybersecurity and AI-supported services.

💼 Core services

Protect your Microsoft 365 cloud environment and set it up for the future
Carrying out an in-depth analysis of settings and services
All results are evaluated and presented according to A-B-C criteria.
This results in corresponding recommendations for action, which can be implemented at the company's own discretion.

✅ Advantages for companies

Protection of sensitive data.
High security through elimination of weak points.
Sensitive data is essential and worth protecting for every company. It is important to identify it and map its flow.
Clarify who, when, where, why and how this data is accessed and how it can be processed

✅ Zero Trust.

Trust no one.
The fewer rights, authorizations and accesses users and applications have, the more secure your company data is.
This data-centric approach is based on rights and access that are tailored to roles, resources and applications.
This improves the protection of your Microsoft environment immensely.
Third-party services are traditional gateways and are also checked.

Your profit:

Lean Management & Continuous Improvement.
Lean processes and continuous development.
Avoidance and elimination of wasted resources, thereby reducing costs within the company.
Improvement of environmental performance and minimization of life cycle costs.
Constantly changing framework conditions make regular adjustments and reviews necessary. This ensures that the processes always run as well and efficiently as possible

EXCERPT FROM THE SCOPE OF ANALYSIS

Global Tenant Settings & Security Management

General review of compliance-critical settings, current user rights and global user and group policies, based on a best-practice approach.
Other areas include mobile devices, Defender Services (if licensed) and checking for current security incidents. If required, we can also check hybrid infrastructures

Exchange Online/Server

General analysis of the Exchange settings, the mail server and, if required, the hybrid configuration.
Checking patches and security policies as well as global mailbox settings such as mailbox auditing

Teams, SharePoint & OneDrive

Guidelines for sharing functions, guidelines for collaboration with external employees are reviewed
Files shared externally
Activity analysis of the current SharePoint sites
Activity analysis for Microsoft Teams

Azure Active Directory

Review of password and authentication policies (such as multi-factor), service principals
Analysis of enterprise applications. Guest authorizations and access by external users are also checked

Search for compliance management tools

We took a look for our customers:

Read more about compliance management tools

SECJUR

Secjur is a German legal tech solution that uses its Digital Compliance Office to help companies meet data protection, information security and other regulatory requirements - without complex Excel spreadsheets or expensive consultants.

🔧 Main functions

Automated compliance workflows Step-by-step wizards guide you through certification processes such as ISO 27001 or GDPR.
Custom frameworks Companies can define their own compliance standards or combine existing ones.
Cross-mapping Linking of different standards to simplify audits and documentation.
AI-supported document analysis Automates the review and structuring of legal content.
Central platform for legal & compliance All tasks, deadlines and documents are available digitally and from any location.
Secjur is particularly suitable for start-ups, SMEs and organizations that want to achieve compliance quickly and in a structured manner - even without their own legal department or CIS

Dataguard

DataGuard is a German company that offers a combination of Software-as-a-Service (SaaS) and personal consulting. The aim is to make data protection and IT security accessible and feasible for companies of all sizes - without complex processes or prior legal knowledge.

🔧 Main solutions

Privacy-as-a-Service support for GDPR implementation, including data protection documentation, training and an external data protection officer.
Information Security-as-a-Service Support for the introduction of an ISMS (Information Security Management System), e.g. in accordance with ISO 27001 or TISAX.
Compliance-as-a-Service support for regulatory requirements such as NIS2, Supply Chain Act or Whistleblower Directive.
Platform for compliance management Digital interface for managing all tasks, deadlines, documents and measures - including audit preparation

Formalize

Formalize is a RegTech provider based in Denmark that specializes in the digitalization and automation of compliance processes. The platform is aimed at companies of all sizes and offers solutions for information security, data protection and whistleblower protection.

🔧 Main functions

Compliance Operations Platform Management and implementation of standards such as NIS2, DORA, ISO 27001 and GDPR - including risk and incident management.
Audit and form builder Creation of individual audit processes and forms for documentation and tracking.
Supplier audits & risk management Automated assessment and monitoring of third-party suppliers and internal risks.
Custom Frameworks & Cross-Mapping Create your own compliance frameworks and link them across the board.
Dashboards & reporting Real-time overview of risks, incidents and measures - ideal for management and stakeholders

Would you like more information about IT security?

Then simply get in touch with our experts.

Nikolas Rösener

Security Expert