IT Security Law
Germany’s parliament enacted the IT Security Law (IT-SiG) in July 2015 to enhance the security of IT systems of businesses with critical infrastructure. In addition to making reporting of security breaches obligatory, the law also includes provisions for a minimum degree of IT security. In practical terms, this means that businesses and organizations are required to implement and apply suitable technical and organizational measures that conform to the current state-of-the-art.
What does the IT Security Law require in the area of identity management?
According to the German Federal Office for Information Security (BSI), reliable protection of critical systems and data should be implemented with an integrated security solution that supports strong two-factor authentication at a minimum. Strong authentication goes well beyond the security provided by a single password. It requires other components (factors) to determine the identity of the user with certainty. The “knowledge” factor (password or PIN) is extended by the addition of another factor – the “possession” factor (smartcard, token, etc.) or “biometrics” (fingerprint, voice, etc.).
Specifically, an authentication solution that is viable for the future must offer the option of using different authentication factors flexibly, e.g., one-time password generator hardware, smartcards, USB tokens and soft tokens.
Initial consultation with no obligation
Give us a phone call, send us an e-mail or fill out our contact form. We are eager to hear from you and look forward to a conversation.
Services for businesses
Besides assisting in the selection process for the right solution, we can also offer extensive IT services as well as consulting and workshops.
We offer a broad range of services – from a Full Service package to technical and logistical support as well as individual collaboration projects.
How can we support you?
Contact us right now …