Interview on IT protection for companies with Niko Neskovic, Managing Director of NetComData GmbH
Where do you see the greatest risks when it comes to data management security?
“I see the greatest danger in the fact that management and employees still assume that once-installed security programs and a one-time warning about email handling are sufficient to ensure that data, IT infrastructure, and documents within the company are secure forever. But that’s not true. Everyone knows that their smartphones update every few months. And that’s very important to all of us to ensure that our personal data remains protected. And it’s not just about external threats; there are also internal dangers lurking.”
What do you mean?
“Well, data must be secure not only during transmission, but also during administration. Unmaintained and outdated servers or IT infrastructures that have grown disorganized pose not only functional problems with issues like synchronization, logging, and compliance, but also with regard to system stability. Unfortunately, some companies often only react when the damage has already been done, meaning the incident has already occurred and the systems have crashed. I can’t understand that, because the financial losses are much higher than if infrastructure and security are continuously maintained. Because in addition to the need to rescue the entire system in such a case, not to mention the data, the company is paralyzed and cannot work. In some industries, even a few minutes of downtime can result in millions in lost revenue – not to mention reputational damage.”
So is it enough to keep the infrastructure up to date to guarantee security?
“No, that alone isn’t enough. IT security is always a combination of technology . The best security system is useless if the spam email is clicked anyway. However, well-timed security patches can help protect against new viruses, Trojans, and other hacking methods.”
How do you know when a security update is necessary?
“Unfortunately, there’s no general answer to this question. The world of hackers is becoming ever faster and more sophisticated. It’s not easy for people unfamiliar with IT to assess when action should be taken. However, hiring an external service provider to handle such monitoring costs little on average per month, considering that an incident in a medium-sized company can completely jeopardize its existence and that of its employees. External service providers offer 24-hour services with appropriate monitoring, meaning the systems are monitored with specialized technology and competent know-how. Adjustments are always made in accordance with current GDPR standards and techniques. IT security is a toolbox that can only be properly handled by professional providers.”
You spoke earlier about “,” what do you mean by that?
“Well, this affects management levels and employees within a company – in other words, the people. Fundamentally, they should be aware of current threats and be able to specifically identify them. For example, we offer Awareness Plus, a special training and testing program. There, participants receive an overview of what fake email templates can look like – and this is entirely industry-specific. Be it for government agencies, medical practices and clinics, or consumer goods manufacturers. The presentation styles vary greatly.
Furthermore, as part of Awareness Plus, we analyze sensitive areas within a company where additional training may be needed, and then provide support there as well. With the program, we make employees and management aware of the latest forms of phishing emails, trends, and developments in cybercrime, and thus ensure they work with a vigilant eye on data management in their daily work. This important component of IT security is sensible and affordable for every company. Here, we’re talking about an investment of five euros per user per month compared to the financial loss if an incident occurs or data is stolen.”
Do you have any SOS tips on what to do in case of a hack?
“Turning off the computer or unplugging it is one option – but it doesn’t help. Unfortunately, this is often a knee-jerk reaction from users, hoping that nothing else will happen. But the Trojan or worm eats its way through the system in the backend. The fatal problem is that in this case, we can’t retrace the course of the incident at a glance. However, this would be necessary to find the vulnerability. Instead of simply turning it off, please refer to your current IT emergency plan and follow these procedures. The most effective and fastest way to act here is with an experienced specialist, because they know every step required in such a situation inside out.”