Since May 2016, the European General Data Protection Regulation is effective. This regulation requires a processor of personal data to implement comprehensive security measures.
To plan and establish those measures is only the partial solution. Additionally, the effectiveness should also be measured.
Our Data Protection Check is designed to do exactly that. The goal is to verify the effectiveness of data protection measures by actively trying to bypass them. By doing that, we focus on technical and organizational measures.
The combination of several technical and social attack methods enable an extensive analysis. Part of such an assessment are attacks like penetration testing, phishing simulations and social engineering. The goal is to access personal data.
During a penetration-testing assessment, we analyze your organization from an external perspective and try to access personal data stored in your organization via the internet. As an alternative, we directly attack the wireless network infrastructure at your location. Using phishing e-mails, we send targeted e-mails to specified recipients. Additionally, we use social engineering methods to gain access to the organization’s facility. Subsequently, we try to access personal data or place backdoors in the IT network.
In order to be as efficient as possible, we plan the course of action individually with your team of experts.