Choosing your own cloud - GDPR-compliant and without compromises

tbd.

Mobile Device Management with Relution - Device Management for schools and SME

The Corona Crisis has shifted workplaces and classrooms into the digital space. In the process, home offices and classrooms present new challenges for everyone. With Mobile Device Management Relution, Apple and Android devices can be managed remotely, regardless of manufacturer. In this way, devices purchased by the company or school authorities, or even private devices, can be used securely and conveniently in the company and school context. We have recently become official partners of Relution.

The procurement of mobile devices raises the question of central administration for IT managers. Simple operation with a German-language interface and, in particular, compliance with data protection (DSGVO) are unavoidable criteria in the search for a suitable solution. The platform-independent Mobile Device Management Relution from the German software manufacturer M-Way Solutions meets these requirements. The two versions Fully Managed and Supervised enable full control over the remote management of devices. With the use of Workprofile or Bring Your Own Device (BYOD), private devices can also be used. This makes the software interesting for different application scenarios in schools and also for SMEs. The strict separation of private and work-related data is ensured by appropriate configurations. The multi-client capability of Relution makes it possible to provide separate areas for different fields of application. Managed devices can be configured so that only selected functions, apps and content are available to users and specific access rights are granted. By connecting to existing systems, user directories can be integrated for authentication and local shares for secure file storage.

The software does not store any data in a cloud, can be easily integrated into the existing IT infrastructure and operated locally. Relution scores well on the topic of data protection, and that is important: Not only does the GDPR classify the data of underage students as particularly worthy of protection, but data in the corporate context should also be well protected. In addition to the necessary professional and technical aspects, Relution also fulfills the legal aspects. As the software can be operated regionally as SaaS (Software-as-a-Service) as well as on the company's own infrastructure, the risk of data misuse is significantly reduced. Here, Relution itself takes a stand on the topic of digital sovereignty for education: https://relution.io/news/digital-sovereignty/

As a full-service provider, we help both school boards and companies with their own data protection. We develop individual concepts for different requirements. Simply contact us without obligation if you need further information.

Further information on e-learning in the field of education can also be found at https://www.aixzellent.com/en/premium_e-learning and for SMEs at https://www.aixzellent.com/en/premium_applicationhosting.

Home office at the time of corona pandemic

Since the end of 2019, the lung disease COVID-19 triggered by new coronavirus SARS-CoV-2 has been spreading rapidly, has reached Europe in the meanwhile and has quickly developed into a global pandemic. "Flatten the Curve" is now the order of the day: the spread of infections has to be slowed down as much as possible to prevent the health care system from collapsing. Now, more and more companies are preparing for home office. This is not just a tool to slow the spread, but in worst case the only way to keep the business going. Groupware functions and cloud services are fundamental for a functioning home office.

Businesses can help keep the contagion curve flat. As a precautionary measure to prevent the virus from spreading, people are working exclusively in their home office for several weeks and reduce contact to other people to a minimum. Even the absence of work and the lack of direct contact between the workforces can slow down the spread of the corona pandemic.

The right equipment: Compared to a large monitor with keyboard, a laptop is not an equivalent work tool. Tips for setting up the workplace and aligning the desk and office chair can be found, for example, at https://media.t3n.de/redaktion/homeofficeguide/t3n_Homeoffice_Guide.pdf. There you will also find tips on digital offers for children and important hygiene advices for time at home.

The exchange of data should generally only be encrypted (TLS/SSL) and take place via a virtual private network (VPN), which is set up by the IT department. In order to be able to protect and exchange company-internal data securely, a VPN is necessary and must be provided with a safe operating concept, so that no hole is torn in company-internal IT security measures. In this way, employees can be provided with secure access to the company's internal network. If you want to exchange data quickly, easily and independently from end devices in another way, you will find an alternative with open source clouds. Since numerous public cloud storage services are not compatible with the GDPR, alternatives such as Nextcloud should be used:
→ https://www.aixzellent.com/de/premium_privateclouds.

The distance also changes the communication structures of the teams internally and externally. Messenger programs and the possibility of video conferencing are an important tool for collaboration in remote workplaces. There are also challenges here: The video connection may not work if employees live in an area that is not yet connected to fiber optics or the bandwidth for the private connection could not allow a bandwidth to be linked to professional requirements. For video conferencing, there should be a technical infrastructure with upload speeds of more than 10 Mbit/s if possible. Project management tools help planning projects and to-dos, given they are not already integrated as accompanying project structures anyway.
In general, the following applies to IT security issues: All tools used should be discussed and set up with the company's data protection officer. Scammers and other criminals are already trying to use the crisis. IT administrators who otherwise quickly take care of maintenance tasks personally in the office instead of explaining it to all employees must now find other ways of performing their tasks. For remote maintenance, we recommend solutions such as NoMachine or Teamviewer. With these tools employees can access someone else's computer and quickly provide help with IT questions and problems.

Another problem with home office: executives can no longer see their teams working and thus have doubts about their productivity – regardless of whether these doubts are justified or not. Only the results achieved should count in reality, however, there is a different situation at many companies. Regular reports can keep managers up to date and doubts can be proven wrong.

The previous investment in digitization is now paying off for companies. If documents and relevant information are available electronically and processes have been adequately, digitized, permanent work at home office is possible. The current crisis is driving the digitization of working life and integrating the internet into everyday work. If the home office is approached correctly, it can be more productive even for teams than in the office. However, the right hardware and software, a suitable workspace and way of working are essential. Challenges remain, but maybe this is the chance to try out home office with the entire team. In general, we all have to slow down the spread of the corona virus as much as possible and protect the weakest in society. Let us keep the Covid 19 disease rate as low as possible!

If you have any further questions, aixzellent team is available at any time by phone and email.

Our proposal regarding the DSGVO: Data minimisation comes first!

Since protecting your data is our top priority and on the occasion of the entry into force of the new EU Data Protection Regulation (GDPR) on 25 May 2018, we would like to introduce our proposal for a privacy policy which emphasises the principle of data minimisation (Article 25) to you. To minimise the extent to which personal data are collected and processed, aixzellent completely renounces the use of external analytics tools such as Google Analytics.

Instead, the behaviour of users visiting our website is analysed completely anonymised and exclusively internally by ourselves with the open source web tracking tool Piwik. This means, in contrast to the use of Google Analytics, that collected data is never transferred to and/or used by any third party. In this way, we can also guarantee that all data is stored exclusively on servers in Germany and thus never transferred to any country with possibly questionable data protection regulations.

The full privacy policy for using our website can be found here. If you have any questions, please feel free to send us a message to sales@aixzellent.de!

Home office tools: Not everything that glitters is gold...
(Open source) alternatives to commercial messaging and video conferencing tools

The current life situation is limited due to Covid-19. But possibilities of communication in home office are unlimited: Phones, private landline phones, chat programs, email, video conferencing and much more. The increase in home office jobs is pushing the use of collaboration solutions and video conferencing tools and giving them a boom that has never been experienced before. The increasing popularity is now fatal for many providers.

A look at well-known providers underlines the rush for messenger and video conference tools: Slack reports an increase in connected users from 10.5 to 12.5 million within a few days. Microsoft Teams has now passed the 44 million daily user mark. Google is also benefiting from the boom in virtual meetings: The use of Google's "Google Hangouts Meet" solution is 25 times higher than in January. Zoom was also able to benefit from the current situation. The video conference tool is most notably valued for its user-friendliness, its price structure and its simple deployment. But Zoom has now attracted a lot of criticism, especially when it comes to security: insufficient encryption of calls, security gaps, data exchange with Facebook or leaked emails and photos of users.

Fortunately, there are many exciting alternatives that are also available as an open source solution. We have selected three safe and user-friendly messenger and video conference tools for you:

Mattermost, riot and Zulip

The web-based messaging solutions Mattermost, Riot and Zulip score with cross-platform availability. You have your own desktop clients as well as clients for mobile operating systems. Direct messages, group messages, archives and data transmission are available in all three applications. Riot also offers video and internet calls. These functions have so far only been available to a limited extent with Mattermost and Zulip. Riot can also score with end-to-end encryption; the other two services have transport encryption.

Jitsi Meet, Kopano Video Meetings and Mikogo

Jitsi includes several open source projects that make it easy to conduct secure video conferencing. It was acquired by 8x8. The open-source software Jitsi Meet enables video conferences with one or more participants. In addition to video or audio chat, Jitsi Meet also offers the functions of desktop sharing and screen sharing of certain windows to present content. In addition, an integrated chat function is available to share text-based content with other participants. In addition to the web interface, Jitsi Meet is also available as an app on Android and iOS.

The device-independent software Kopano Video Meetings was developed for use in companies and allows "peer to peer" encrypted communication. It can be rolled out within a private cloud. Features include video and audio calls, one-to-one calls, and group calls.

You can display your own selected screen content via Mikogo and thus make it accessible to other authenticated users. Remote control of the screen is a big plus for this provider. After the necessary rights have been assigned, the presenter can take control of another computer and vice versa. With the integrated whiteboard function the presenter can also mark out screen contents or add comments. Locking and unlocking participants, recording sessions, and a session planner are also useful features.

----------

One last thing:

If you want full data sovereignty, you should set up your own server. If you lack the know-how or the time required to do this, many providers can host their own servers. We also take care of the setup, the individual configuration, the ongoing operation and the required power. We are always available for questions!

Tracking Cookies - Currently still illegal!

Cookie Banner:

• The banners show an overview of all processing operations requiring consent, which can be explained and activated in function.

• Access to privacy and imprint may not be prevented by cookie banners.

• Before and while the banner is being displayed all further scripts from a website or web app are blocked if they can potentially capture user data. Only after approval, the data processing may actually take place.

• Without the option to refuse cookies it lacks the required voluntariness.

• A consent must be revocable as simple as possible.

As of late Cookie banners have been appearing almost everywhere. For most of the time they cover the content when visiting a website and require an "accept" or "ok". This could be seen as a direct implication of the General Data Protection Regulation which was released at the end of May 2018.  Accordingly, this task should first have been taken over by the European E-Privacy Regulation, which still does not exist. Thus, shortly before the entry into force of the GDPR, a position paper was published which required explicit consent of users regarding site tracking mechanisms. Through creating a user profile these mechanisms are able to track the behavior of people on the internet. According to the position paper the informed consent must "be obtained in the form of a statement or other clearly confirming act before the data processing"¹. From the beginning this special route of consent solution was very controversial.

By examining 40 websites of larger providers in early 2019, the Bavarian data protection authority found out that not one provider meets all the strict requirements. Many of the currently displayed banners are clearly unlawful. Especially the missing option of rejecting cookie usage is a common problem. In addition, operators must present the processing of data to users in a transparent and comprehensible manner. In addition to a listing of the individual forms of processing, the function of a specific consent to individual forms of data processing is often absent. Only then will it be possible for users to make decisions with the complete knowledge of the specific situation and to understand the scope of the consent. It has to be acknowledged that in specific cases, the interest of the website provider has to be weighted with the interest and the fundamental rights and freedoms of the individual user. Even after a year, there is still much legal uncertainty in this area.

Is there no alternative to the use of the most popular social media & messenger services? Not at all!

Almost everyone uses social media and messenger services every day... But why is this almost exclusively limited to Twitter, Facebook, WhatsApp and Co.? The most obvious answer seems to be: Because most people are active in these networks which allows a particularly broad range – both to reach others as well as to be heard by others. If everyone persists on this viewpoint, unfortunately, nothing will ever change – although there are much more good reasons to use alternatives than to stick to the most widely used networks, thereby supporting their monopoly.

If you want to make use of services like Facebook, Twitter, WhatsApp and Co., it is unavoidable to agree to the general terms and conditions as well as to the data protection guidelines. But honestly, who reads all this every time? This is even though everyone should always have read everything in the small print to give consent consciously. In the currently valid terms and conditions of Facebook (as of January 30, 2015), for example, users explicitly must give their permission to a worldwide license which allows the platform to use all published contents (texts, photos and videos) which are actually protected by the right of intellectual property.

This means that ownership and control over all published content must be handed over to third parties forever and irrevocably, while allowing Facebook additionally to collect and use this information for its own purposes. If you do not want this, you de facto cannot use the network anymore. This should be clear to everyone. With Twitter, it does not look much better. Regardless of the country from which you provide your data, you must authorise the company to reuse all information in the US and in any other country in which it is active. Consequently, it remains perfectly unclear where personal data are spread and used.

The updated terms and conditions of WhatsApp published last year make the use of the service almost impossible, too, since you must confirm that you are authorised to transfer the contact data saved in your address book to the company. Not a single user of the messenger has probably obtained such permission from each individual contact. Consequently, the use of such services does not only lead to a negligent handling of one’s own data, but also of those of completely uninvolved third parties. Even worse – this does of course also affect those who have deliberately decided to use alternatives to protect themselves against this madness. Therefore, it should be clear to everyone that everybody does not only bear responsibility for his own data, but also for those of others.

This should rouse even those with a “I do not care attitude” at the very latest and motivate to use services such as Diaspora, Mastodon, Signal and Co. Instead of storing data on huge central servers belonging to large organisations located in regions with questionable privacy guidelines, local servers (pods) can be set up anywhere in the world for the free use of the social network Diaspora. Therefore, you do not only decide with which pod you want to register, but you will also always preserve the rights over your data. Another decentralised free alternative on open-source basis is the 2016 in Germany developed microblogging service Mastodon.

Here, so called toots are posted instead of tweets. In addition to the self-determination how the content of these toots will be used, they allow the utilisation of up to 500 characters. Moreover, there is a particularly recommendable alternative to the messenger service WhatsApp taken over by Facebook in 2014 which treats data security as top priority. If Open Whisper Systems was forced to release data from Signal users and their communication, the company would only be able to provide their registration date and the time of the last login. Everything else is neither visible nor saved, but is encrypted just as any content.

The bottom line is that Diaspora, Mastodon, Signal and Co. are clearly more transparent and user-friendly platforms than Facebook, Twitter, WhatsApp and Co., on which the user, his interests and, above all, data security are clearly in the focus. All laws for the protection of personal data will be ineffective and useless if providers constantly disregard them, while users support this behaviour by using such services. Therefore, anybody should constantly ask him-/herself whether he/she is aware of and constantly giving sufficient consideration to this responsibility. If this question cannot be answered with a clear “yes” in any case, it will be high time to build up a second mainstay, as well as to convince family and friends to also use it exclusively in the long term.

Further services, information and comparisons are available via http://alternativeto.net abrufbar.

[Sources: https://de-de.facebook.com/legal/terms, https://twitter.com/de/tos, https://www.whatsapp.com/legal/?l=de, https://diasporafoundation.org/, https://mastodon.social/terms, https://whispersystems.org/, https://www.aixzellent.com/de/facebook]

IT security with aixzellent

As awareness of secure IT continues to grow, we are also receiving more and more inquiries regarding the security of our systems. We have now summarized the most important information.

Your servers

Servers that we set up on behalf of our customers are hosted exclusively in Germany in compliance with the EU-GDPR, unless the customer requests otherwise. Hetzner has long been the data center we trust and it is certified according to DIN ISO/IEC 27001. The certificate proves adequate security management, data security, confidentiality of information and availability of IT systems. It also confirms that security standards are continuously improved and monitored on a sustained basis.
Physically, Hetzner's data center parks are broadly protected. The security systems include a high-security fence, video surveillance, visitor badges, access authorizations, transponder chips and an early fire detection system.
The networks, systems and data are also broadly secured on the part of Hetzner. DDOS protection, firewalls, security updates and backup servers make this possible. More information about security at Hetzner is available [here].

Your systems

Setup

Our systems are all configured and operated with special attention to information security (CIA: Confidentiality, Integrity, Availability). We make sure that only really necessary accesses are directly accessible from the Internet. Everything else is only accessible from our management network to minimize attack surfaces from outside. Automatic provisioning and 2-factor authentication are also standard for the management services set up.

24/7 monitoring

The security of your data and communications is our top priority. Your systems are therefore monitored on an ongoing basis. For their part, the systems and procedures used are subject to constant maintenance and updating, so that your systems and data are also protected against the latest methods of attack. In addition to the "classic" passive security measures, we also rely on procedures such as "Active Defense".

Communication always encrypted

In addition, we support the highest possible security standards and always transmit data exclusively via an encrypted SSL/TLS connection. We generally use validated certificates for this, which are set up on your systems. This ensures the highest standards. We usually only allow exceptions to encrypted communication for your websites and as a fallback solution, e.g. for the mail server (server-to-server communication), as unfortunately there are still mail servers on the Internet that cannot handle secure encryption.

Regular backups

Regular backups, which are also stored encrypted on separate hard disk storage (RAID5), form the basis for your long-term data security.

Our employees

The employees responsible for setting up and managing your servers are certified as BS basic protection practitioners.
More security (e.g. through HA, VPN, additional encryption etc.) can of course always be added in individual cases!

Do you have further questions? Please feel free to contact us at any time!

GDPR for Consumers: Power to the People

The GDPR can mean a lot of work for companies which have not yet dealt with the topic of data protection and might therefore be perceived as disadvantageous. However, this should not be the case because those working with personal data have a certain responsibility to protect them. Therefore, we advise website operators to be as economical as possible in collecting, storing and processing such data. Please see in this regard also the summary of key points for handling personal data (07/2018).

For consumers, the standardisation of European data protection directives is in any case a great benefit and success. One thing is of particular importance to this end: Customers must be informed in more detail how their personal data are used and they have the right to object to this use at any time. To provide a precise idea about which rights consumers will exactly have in the future and how they can benefit from the GDPR, the following summary provides an overview of the most important innovations and what they mean for you.

Scope: The GDPR applies to all EU citizens whose rights it strengthens. Companies are from now on obliged to provide information about which personal data they collect, process and store for what purposes and how long. This also applies to any company which is not based in the EU as soon as they direct offers to European consumers. Thus, it applies to major US companies such as Google, Facebook and Co. as well.

Privacy by default: Essentially, only those personal data should be collected and processed which are absolutely necessary! This means also that companies are required to take care of data protection-friendly default settings. For example, when placing an order via a web shop, the name and delivery address are indispensable. The phone number is for instance not necessary to process the order and should therefore not be mandatory. In addition, companies may of course offer their customers to subscribe to their newsletter by activating a corresponding op-in box. This box should, however, not be pre-activated. Also regarding apps, for example, the microphone or access to photos etc. may not be enabled automatically.

Duty of information/plaintext: Since the GDPR came into force, companies have to inform their customers in detail about the purpose, the processing and the duration of storage of their personal data. However, this must be easily understandable for anyone and limited to the necessary minimum. A clearly formulated privacy policy should be available directly on the homepage of each website. If any data is passed on to third parties, the consumer must be informed about who will get access to his/her personal data. In addition, he/she must explicitly agree to this data transfer. Should there be any incident regarding a customer’s personal data, companies are obliged to inform him/her about this without delay.

Answer/information obligation: Companies have to inform consumers on request about their rights. In addition, they must provide any information about what data they have currently stored, for which purpose, for how long, as well as if and to whom they will be given. Such requests must be processed free of charge within four weeks.

Data Degradation & Right to Forget: Consumers have the right to request the immediate and complete deletion of stored personal data at any time. This right excludes for instance billing information which must be stored under German law for 10 years. Likewise, companies are obliged to destroy personal data immediately after the expiry of such deadlines or if the purpose of the storage has ceased to exist.

Data Copy & Data Portability: Companies must provide their customers on request with an electronic copy of their personal data, for instance as PDF. Moreover, they should for example in the event of terminating a contract provide the consumer with his/her data in a common electronic format in order to facilitate his/her migration to another provider.

Supervisory authorities: Customers have principally the right to address the responsible supervisory authority for any data protection concerns or doubts.

Although some of the provisions and wording of the new EU data protection directives are not yet fully defined, the GDPR is overall a big step in the right direction, finally allowing consumers extensive rights which are fully justified. Please do not hesitate to contact us if you have any questions, we will be happy to help. [Source: Kompac't 1/2018]

aixzellent als Marke eingetragen

Im Spätsommer 2012 wurde die Marke aixzellent erfolgreich in das deutsche Markenregister eingetragen. Sie wird seit dem für die erfolgreichen IT-Services der Theis Consult GmbH genutzt. Wir bündeln hier unsere Erfahrungen und unser Know-How in allen Fragen der IT-Beratung, -Konzeption und -Entwicklung für die öffentliche Verwaltung, KMU und Ingenieurbüros.

End-to-end encryption (I)
Increasing cooperations between IT companies and states – Is this the end of secure messaging in Germany?

Billions of data with a standard end-to-end encryption are sent and received daily. Meanwhile the surveillance interests of states and authorities are steadily increasing. For years opponents and proponents of encryption have been forming worldwide.

Many states want to massively expand the hacking capacity of state authorities: Not only authoritarian regimes but more and more western democracies nowadays see encrypted communication as a major threat to public safety. They demand to weaken encryption of communication and the ability to use spyware on smartphones. The encryption keys are managed by large Internet corporations, which can also specify who can access the plain text secretly. Access to these cloud systems or hardware implants for preempted data traffic interception is becoming more and more a focus. The big Internet companies such as Facebook, Google or Amazon are now so powerful that states seek to cooperate with them and the interests of users are taken less care of. The opponents demand a strong and secure encryption which, however, at the same time cannot interfere with investigations. However, a concrete and feasible implementation of such a technical solution does not exist yet.¹

Nevertheless, the pressure on suppliers is increasing and is currently very high, especially in the USA. Germany’s position is contradictory, but a turn away from a German cyber security policy seems more and more likely.

"This is demonstrated by the BKA law of June 2017, which legitimizes the use of surveillance Trojans on end devices such as smartphones, or the creation of the Central Information Security Authority (ZITiS), which is to develop the same surveillance solutions. While the encryption software remains technically untouched, the communication on the terminals should instead be read out before encryption by means of state monitoring software."²

In June of this year, according to plans of the Interior Ministry, encrypted messenger services should be forced to set up a listening interface.³ Thus, the operation of a secure messenger within Germany will no longer be possible.

----------
¹ https://netzpolitik.org/2018/fbi-klagt-ueber-verschluesselte-handys-mal-wieder/
² https://netzpolitik.org/2017/stiftung-wissenschaft-und-politik-warnt-vor-schwaechung-der-verschluesselung/
³ https://www.golem.de/news/crypto-wars-protest-gegen-entschluesselungszwang-bei-whatsapp-co-1906-141825.html

We celebrate our five-year company anniversary – celebrate with us!

After the brand aixzellent had been registered successfully in the German trade mark register in the late summer of 2012, we published our first news article on our new website five years ago. Since then, we regularly report on news, trends, threats, questions and products around the IT area. As a managed hosting provider, our focus is on data protection, encryption and secure, cost-efficient solutions for small and medium-sized enterprises (SMEs).

As successful IT service, we bundle our knowledge, our passion and our experience for the consultancy of our customers and the design of tailor-made open source solutions. What distinguishes us from other well-known hosting providers is our effort to offer our customers the highest level of security AND individuality at affordable prices. At the same time, we protect your data and systems 24/7 and assist you with advice and active support whenever needed.

We warmly invite you to celebrate this joyful event with us and to continue to benefit from our services in the future. And yet, it is worth to be quick! Our exclusive anniversary offer will safe you the monthly costs for all starter- and premium solutions up to 31-03-18! In addition to that, we grant you a special reduction on the set-up fee (starter 19€* instead of 29€* & premium 49€* instead of 99€*) for the implementation and installation of your aixzellent solution. After the 24-month term, the contract may be terminated on a monthly basis.

You are not sure which solution suits you best or you still have questions? No problem, we will advise you without any commitment and free of charge! Please do not hesitate to contact us at any time. You can find an overview of our starter- and premium- solutions here. We thank you for your trust and loyalty and look forward to the next years of successful cooperation with you!

Digital policy and the recurring state trojans

In the future, intelligence services will be allowed to use malware to spy on suspects cell phones. This is not a new idea. According to Seehofer, the "draft of a law for the adaptation of the constitutional protection law" is supposed to be an overdue step in the fight against terrorists and right-wing extremists. For years, attempts have been made to legalize such action under the term "state trojan". But authorities tend to fail mostly because of themselves.

The pattern that the Ministry of the Interior uses is well known: A comprehensible purpose - the security of society - is supposed to justify this invasive intervention. But this does not only harm those it is aimed at. And the fact that the very Ministry of the Interior, which vehemently rejects a study on racism in the police force in order to pursue right-wing extremist structures in the public service, clearly shows that there are actually quite different interests at play here.

The proposed approach

Messaging services such as Signal, Threema and WhatsApp transmit their data in encrypted form. If malicious software is installed on the source of the communication, i.e. the cell phone, PC or tablet, the communication can be read by this software. The installation could then be disguised as a software update. Persons who are generally under suspicion or suspected of a crime should in this way be able to be spied on digitally. The crazy thing about it: Telecommunication providers (such as Telekom) are supposed to support the authorities by obliging them to smuggle in the spy software.

Data protection concerns

For years, various authorities have been trying to expand the scope of action for investigating authorities. So far, the Federal Court has created strict guidelines for digital surveillance, but since 2017 the police have had considerable leeway.¹ And for years, data protectionists have also been warning that such trojans are technically illusory. A sharp distinction between ongoing communication - the actual target of the investigations - and the rest of the data is not possible. The verdict is also problematic in other respects:

The verdict is dominated by an idea of information technology systems that refers to concrete technical devices, social networks, e-mail providers and the cloud. But targeted systems with IP addresses are not only limited to laptops or cell phones: It could be cars, power plants, emergency call pillars or pacemakers. This means that not only could the most personal items be tapped, but that there could actually be danger to life and limb if such systems were infiltrated.²

In addition, the vulnerabilities that the software exploits to be installed on the device make it also more vulnerable to other attacks. It should be the government's intention to close these vulnerabilities.

The draft can be read here (german version): https://www.bmi.bund.de/SharedDocs/gesetzgebungsverfahren/DE/Downloads/referentenentwuerfe/anpassung-des-verfassungsschutzrechts.html

--------------------

1 Vgl. https://www.zeit.de/digital/datenschutz/2020-10/ueberwachung-geheimdienste-datensschutz-warnung-staatstrojaner-bundesregierung-schadsoftware/komplettansicht
2 https://www.ccc.de/de/updates/2016/staatstrojaner-bka

Our new video for the campaign "More Internet Security" is available now!

Just in time with our anniversary and on the occasion of the transition from Zarafa to Kopano, we have updated our video for the campaign "More Internet Security" and are pleased to present the result here. Based on DANE (DNS-based Authentication of Named Entities) and DNSSEC (Domain Name System Security Extensions) protocols, aixzellent has developed various solutions to secure your data in the best possible way. The protocols use origin authentication to ensure that no invisible third party (man-in-the-middle) can engage in, intercept, or even steal data. On the one hand, especially small and medium-sized enterprises (SMEs) are often faced with a major challenge due to the lack of resources and know-how. On the other hand, data loss can be very expensive, particularly for SMEs, with far-reaching consequences that can even threaten their very existence. In addition to that, the dangers of increasing digitisation are steadily increasing in frequency and refinement. Therefore, we made offering tailor-made solutions for such companies at affordable prices with first-class service our business. An overview of our offer can be found here. What is special about each of our solutions is that they are designed specifically for you based on what you need. In that way we can guarantee the highest level of individuality and that you will only get and pay for what you really need. In a personal conversation we take the time to advise you free of charge and without any obligation. Please do not hesitate to contact us.

Konzeption und Realisierung für das simTD Feldversuchslogging erfolgreich fertiggestellt

Im Auftrag von Hessen Mobil wurde erfolgreich eine Web-Smartphone-Applikation in nur 2 Monaten zur Logdateiverwaltung und -replikation konzeptioniert und realisiert. Die Verwaltung und Replikation der Logdateien des größten deutschen Feldversuchs in Sachen C2C/C2X (Car to Car/Car to Infrastructure) - simTD (Sichere Intelligente Mobilität) konnte so weitestgehend automatisiert und in die Prozesse von Hessen Mobil integriert werden. Es wird bis zum Ende des Feldversuchs mit bis zu 30 TB Datenvolumen in bis zu 10 Mio. Logdateien gerechnet.

2018 will be all about IT security and the implementation of the EU GDPR

According to the latest report IT security and privacy 2017 of the National Initiative for Information and Internet Security (‘Nationale Initiative für Informations- und Internet-Sicherheit e.V.’ NIFIS), protecting and securing data is and will remain the most important issue for the German economy. As a result, the sensitivity to this topic will continue to grow inexorably. For the report, 100 executives and specialists from the IT industry were interviewed and their results evaluated.

Multiple answers were possible to assess the trends of the future. 95 percent of the respondents believe that increasing awareness will determine 2018. 94 percent of them see the protection against hacker attacks as trend-setting. The implementation of the EU General Data Protection Regulation (GDPR) will determine the next year according to 92 percent of the respondents.

Many of the data protection principles and concepts of the GDPR largely correspond to the previously valid EU data protection directive 95/46/EC. Their regulations were implemented in Germany with the German Federal Data Protection Act (‘Bundesdatenschutzgesetz’ BDSG). The provisions of the BDSG for companies are largely replaced by the provisions of the GDPR.

Since the new provision is an EU law, it is directly valid in all Member States and does not have to be implemented at the national level. Following the transitional period settled on 25 May 2016, the EU GDPR will apply two years after its entry into force, so that it will apply to everyone as of 25 May 2018. As a result, developers, programmers and above all software architects will have to rethink security and privacy by design.

[Sources: http://www.nifis.de/uploads/media/NIFIS-PI1612AD-Trends-2017-Datenschutz.pdf, https://www.finanzen.net/nachricht/aktien/trendstudie-2018-steht-ganz-im-zeichen-der-it-sicherheit-5790188, http://www.nifis.de/veroeffentlichungen/news/article/studie-ausg/ – further information: https://dsgvo-gesetz.de/]

Redmine – Flexible Configuration, Version and Project Management

Atlassian – Professional Support for Your Knowledge and Project Management

Manufactory

Enquire now

Managed Hosting for WordPress – Unique web presence without any prior knowledge

Starting at
10,71€*/month

Starting at
34,51€*/month

Contact

Digital event

"Compared to similar events, our conference
was perceived as much more professional."

- Executive committee of the GfT e.V.

Your conference rooms
could look like this!

Statement on facebook

facebook is the largest global social network and is used enthusiastically by more than 1.5 billion people to share and communicate with friends all over the world. The use of the portal is free of charge but you have to accept certain conditions regarding privacy policies and the general terms (GTC). This is exactly the crucial point. Those who take the trouble to go through these documents will be confronted with a huge number of unclear and vague guidelines.

According to the currently applicable GTC (as of 30/01/2015) each user has to grant a permit for a worldwide license ‘explicitly’. This allows the corporation to use all contents (texts, pictures and videos) which are posted on facebook and protected by intellectual property rights. Moreover, for all contents which have been shared with others this IP-license does not even expire when you delete your account (Article 2.1).

This means in practice that the right of property and security of every post, every picture, every video, and anything else you publish on your facebook profile must always be handed over to and shared with third parties. As a consequence, the data and IP content are still yours but you have to allow facebook to collect and use them (Article 1). In this regard the possibility to change the privacy settings in order to determine what to share and with whom is also not very helpful. In case you really want to keep the control of your property you can basically not share anything with anyone anymore. However, then both the meaning and the benefits facebook is supposed to offer become increasingly questionable.

In addition to that, the information on data protection offer insights in what kind of data facebook collects, for which purpose and with whom it shares them. This concerns for instance the registration, all posts which are created and even messages. Moreover, facebook collects data on where a posted picture was taken, when a document was created, with whom you interact, which contents you look at, how often you do this, etc. This includes also all information others share about you.

Furthermore, all kinds of devices (computer, tablet, smartphone, etc.) you access facebook and use its services with, as well as other websites which are visited, are affected by this ‘information collecting mania’. Besides, facebook cooperates with third party companies for advertising and analysis purposes to which it transfers the collected data and information, even to the United States. In the end of 2015, the European Court of Justice (ECJ) clearly condemned the transfer of data to the US to be invalid. Also, the German consumer advice centre declared 19 provisions of the user conditions to be against the law and filed a suit against the corporation.

It is likewise complicated to file a lawsuit against facebook as private person. It is in principle possible under certain conditions but much more difficult in comparison to other companies. Legally tricky is the fact that facebook is not active in Germany. As a consequence, the court in California (USA) or the European headquarter of the United Group in Ireland are principally responsible. Finally, the enforcement of a judgment in these countries is very difficult.

The most recent developments concerning facebook are by no means less worrying. At the f8 Facebook Developers Conference the owner of the company Mark Zuckerberg presented his idea of a future universal platform. It is an attempt to additionally control all contents of sites outside facebook, while developing a network that the users are not supposed to leave anymore. A network, in which guidelines which are as unclear and vague as the general terms and the privacy policies decide what contents are feasible and legitimate.

The bottom line is that facebook is simply not a transparent platform. Not the user and his interests are in the foreground, but rather the benefits for facebook and the owner of the platform. All laws for the protection of personal data will be ineffective if they are constantly ignored by Internet companies. For all these reasons, we have as a company deliberately chosen not to be represented on facebook. However, since we support the basic idea of online networking you can find us on other, more user-friendly, platforms. As IT organisation focusing on data protection an security we would therefore also like to call special attention to alternative open source solutions.

One example in this regard is the diaspora* project: Instead of storing data on large centralised servers, which are part of a large organisation and are located in regions with questionable privacy policies, local servers (pods) can be set up anywhere in the world. You only need a diaspora-ID and may then decide yourself in which pod you want to register. Thereby you will always retain the rights over your data. We also support a pod under www.diasporaix.de. Of course, you may opt for any other server (Pod Liste, Pod Statistiken) like for instance the largest diaspora* pod geraspora or several other alternatives from which you can choose your pod yourself (wiki.diasporafoundation.org).

Finally, we would like to commend everyone to consider carefully what information to provide to whom, how, when, where and to be aware of all consequences.

For more information see:

Facebook:
Allgemeine Geschäftsbedingungen
Zusatz für Nutzer mit Wohnsitz in Deutschland
Datenrichtlinie

Press:
heise online - Zuckerbergs Vision von der Universalplattform
Spiegel Online - Verbraucherzentralen verklagen Facebook

Groupware: “Mailserver in a Box” – everything synced, always & everywhere

Matrix – secure communication with full data sovereignty

Mattermost is a messaging platform for secure and efficient enterprise communication across web, desktop and mobile. This web-based team chat software is a true open-source alternative to Slack that meets demanding privacy and security standards.

It offers all the features users know from Slack: public and private chat rooms, one-to-one messaging, file sharing, custom emojis, webhooks, slash commands and multi-language support. Beyond the standard features, SSO (single sign-on), advanced permissions, multi-factor authentication, performance monitoring, compliance reporting, custom branding and enterprise search are among the specialized enterprise capabilities.

As an aixzellent solution, your server is hosted by us in Germany and your data is transmitted exclusively via encrypted SSL/TLS connections. We assist you with setup, productive integration of Mattermost into your environment and regular security updates.

Our Mattermost hosting service is operated in full compliance.

Zimbra Basic Edition

Price

on request

• Dedicated mail server
• Custom domain
• 5 user licences
• Zimbra support
• 300GB HDD or 100GB SSD storage
• 30GB separate backup storage
• Unlimited transfer volume
• Secured by SSL certificate

Request a quote →

Team Chat / Business Messenger Enterprise Edition

Price

on request

• Dedicated mail server
• Custom domain
• User licenses on request
• 300GB HDD or 100GB SSD storage
• 30GB separate backup storage
• Unlimited transfer volume
• Secured by TLS/SSL certificate²

Request now →

Save valuable time

All solutions are hosted exclusively in Germany, backed up daily/nightly and all transfers are encrypted.

Managed Hosting!

Private. Secure. Open Source.
Perfectly suited for your needs.

13.03.2026

Private clouds in companies

Cloud computing is no longer a future trend, but rather a fundamental component of modern IT strategies. However, while public cloud offerings were long considered the ultimate solution, a shift...

Liability notice

We regularly review and update the information on our website. Nevertheless, changes or falsification of data cannot be entirely ruled out. No liability can therefore be assumed for the timeliness, accuracy and completeness of the information provided.

The same applies to websites referred to via hyperlinks. aixzellent is not responsible for the content of websites reached through such links.

Sources & Credits

Matrix Logo — © The Matrix.org Foundation — matrix.org
Mattermost Logo — © Mattermost, Inc. — mattermost.com
Atlassian Logo — © Atlassian B.V. — atlassian.design
GitLab Logo — © GitLab B.V. — gitlab.com
Redmine Logo — © Martin Herr — redmine.org
WordPress Logo — © WordPress Foundation — wordpress.org

All trademarks are property of their respective owners. Other product or company names may be trademarks of their respective owners.

Image and media sources include iStock, Pexels, Adobe Stock, PxHere, PublicDomainPictures, and other publicly licensed media providers.

Mastodon - An alternative to Twitter

Elon Musk is soon to take over Twitter and is already talking about changes to the social media platform. Concerns are being voiced by many critics. At the moment, however, the takeover cannot go ahead because Musk wants to have confirmed that spam accounts really make up less than 5% of the user base. Additionally, Musk wants to push the purchase price (as of May 18, 2022). Since a Twitter takeover is associated with many negative effects, alternatives such as Mastodon should be relied upon. In the following, we introduce Mastodon. 

The name for the social media platform goes back to the American mastodon, a prehistoric relative of the mammoth. The Mastodon platform is a distributed microblogging service, was developed by German programmer Eugen Rochko in 2016, and gained considerable importance, especially recently.

Functionality and features

Mastodon is very similar to Twitter: messages are posted in public, where the group of people can be limited. The recipients can reply to the messages or forward them, which is called "boosting". When posting, it is also possible to embed links, graphics, audio and video files without any problems. The messages are not called a tweet, but a toot. These can be given an expiration date so that deletion is automated. In addition, there are hashtags and the option to follow people. It is also possible to save messages as favorites. The user's own profile is very similar to that of Twitter, but liking is symbolized by an asterisk and referred to as favoriting. Mastodon can be accessed not only via the browser, but also via mobile operating systems.

Advantages over Twitter

The biggest advantage of the Twitter alternative is that it is organized in a decentralized manner. Thus, there is no "mastodon.com", but many servers cooperating with each other, which are called instances. If a communication is to take place on the same instance, an @ with the corresponding account name is sufficient. Otherwise the address of the instance is still appended. Mastodon can also be used to communicate with platforms in the Fediverse that support either the ActivityPub or OStatus protocol. Fediverse is based on Federated Universe and is composed of the word "federation" and "universe". It represents a network consisting of federated, interdependent social networks, microblogging services, and online publishing websites. The ActivityPub protocol is an open, decentralized social networking protocol. Content can thus be created, uploaded or deleted through the included client-to-server API. Another positive aspect is that no user tracking is used.

Mastodon provides users with significantly more characters than Twitter. Instead of 280 characters, there are 500, which significantly reduces the typing restriction.

Even if the overview takes some getting used to, it offers an enormous advantage: in contrast to Twitter, Mastodon has transparent rules and thus also timelines whose content is not shaped by an opaque algorithm. Mastodon offers users a simple and chronological overview. On the one hand there is the federated timeline, on the other hand the local timeline. The former shows all public messages from a given instance and the instances with which that instance exchanges. The latter always contains all public posts of the members of only one instance.

Distribution

In May 2017 there were only 650 000 Mastodon users, but within the next 5 years the social media platform grew significantly. There are now 5 million user (as of May 2022). The trend continues to rise, with Musk's Twitter takeover fueling the increased growth of Mastodon users.

In addition to celebrities, a great many companies use Mastodon, including us! The social media platform has many advantages and is an excellent Twitter alternative. Register with Mastodon and follow us!

6 Kern-Produkte

6 Core Products

Mobility Solutions

Promotion of Open Source

In January 2001, the beginning of a success story was written:  Jimmy Wales published the online encyclopedia Wikipedia, marking the beginning of open source development. Until today, however, the topic of open source has played a subordinate role in Germany and has been pushed into the background. However, open source brings with it many advantages that are currently not being exploited.

What is Open Source?

Open source refers to software or code that is freely accessible to the public. Thus, it can be viewed, modified or distributed by third parties. Often the open source software can be used for free or at a very low price.

How does it look with the use in Germany?

Unfortunately, Germany fares rather poorly compared to other countries. This is mainly because, although digital sovereignty has been created in recent years, nothing or little has been done by the state. There is neither a common policy in the area of open source nor is this a major topic in our society. However, the EU Commission recommends that every EU state promote open source at all levels and in all areas, as this has a significant positive impact on economic growth. In addition, open source has a good effect on other aspects as well, which we will explain below.

So why is open source so important?

For one thing, the skills and knowledge of workers in companies can be kept up-to-date and even expanded through open source. In addition, the employees are motivated by varied activities, which also increases the work productivity of each individual. Furthermore, software development skills are specifically promoted. Countries that already promote open source also have excellent software development skills, according to studies.
Secondly, the operating costs in the public sector would decrease. This is because the overall costs in the IT sector would decrease significantly, as proprietary software would be dispensed with in the public sector.

In addition, dependency on third-party vendors would greatly decrease and digital sovereignty would be strengthened. Furthermore, services such as standardization, knowledge transfer and community development can be provided through open source. Consequently, open source foundations play an essential role here.
Another benefit is the increase in start-up foundations. According to comprehensive studies, an increase of 10% in open source contributions would enable the creation of an additional 600 start-ups per year. This is mainly driven by the high quality of (free) open source software, which results from the collaboration of many people who have different skills. Thus, many young companies benefit from this, which then can more easily bring innovative products to the market.

We offer a wide range of Open Source

We as a company attach great importance to the use of open source. Therefore, it is also important to us to offer you the best possible open source offers. We provide you with a wide range of attractive offers, where we are happy to advise you. If you have any further questions or concerns, please feel free to contact us at any time.

All solutions include as standard:

Security always
up to date

your brand name
as domain

For growing teams and businesses

• Groupware Premium & Private Cloud
• Unlimited users
• 300 GB storage
• Priority support
• Advanced analytics
• API access & extensions

Private Cloud

Application Hosting

Privacy policy for the use of our website

The protection of your data is our highest priority at (aixzellent, Leonhardstraße 23–27, 52064 Aachen). We would therefore like to inform you in detail about the purpose, type and scope of the processing of personal data through the use of our website in accordance with the German Telemedia Act (TMG), the Federal Data Protection Act (BDSG) and the EU General Data Protection Regulation (EU-GDPR).

You may exercise your right to access, rectification, deletion or restriction of processing of your data at any time, insofar as this is permitted under other existing legal obligations.

You also have the option of filing a complaint related to data processing with the data protection supervisory authority responsible for us.

When contacting us (e.g. by e-mail), the user's details are processed to handle the enquiry and, in the event of follow-up questions, in particular to carry out pre-contractual measures.

We would like to point out that data transmission over the Internet (e.g. when communicating by e-mail) may have security vulnerabilities. Complete protection of data against access by third parties is not possible.

Anonymised analysis of visitor traffic

To analyse the behaviour of users on our website, we use the open-source web tracking tool Piwik/Matomo. With this alternative to Google Analytics, the collected data is processed exclusively internally by aixzellent.

This means that the data is not shared with or used by third parties, but is stored and analysed exclusively on our own server. In this way, we can ensure that all data is stored exclusively on systems in Germany.

For anonymisation purposes, the last digits of the IP address (the last byte of the IPv4 address) are obscured. This reliably prevents any personal reference to the data.

Private Cloud

aixCloud is a free cloud server software based on the open-source solution Nextcloud (AGPL). The platform offers extended features as well as dedicated enterprise functionality (Premium). Multiple team members can access and collaboratively edit Microsoft Office files, PDF documents, images and other files.

Thanks to its open-source approach, aixCloud provides a high level of data security, flexibility and transparency, along with the opportunity to actively contribute. The software is updated regularly.

We are happy to provide personal consultation and tailored offers. Get in touch with us!

References

Groupware

Web Hosting
Wordpress Hosting

Private cloud

* Includes 19% VAT, plus setup fees.
150 GB of separate backup storage.
220 TB/month included; if the transfer volume is exceeded, the connection speed will be reduced.
3SSL certificate from Let's Encrypt, other certificates available at extra cost.
4Valid for .de domains.

50 GB hard disk space
+ separate backup storage1

1 domain4

Mattermost – More options for data security & management

element is a cross-platform open source software for chat, IP and video telephone using the matrix protocols. Existing communication platforms such as IRC, Slack, Twitter, Telegram and Apple iMessage are integrated. This large network means that cross-platform communication on multiple devices can be implemented without any problems. Group chats, the exchange of pictures and other files and sharing them is also possible. Riot also offers a searchable archive and can serve as a kind of collective memory in companies or organizations.

The messenger is also open source and supports optional end-to-end encryption. That distinguishes it from Mattermost. Messages can be encrypted with one click within the matrix network. At your request, we host our own matrix server in Germany – of course, exclusively via encrypted SSL / TLS connections.

Starting at
34,51€*/month

on demand

Our team

Who We Are

With us, you have a competent and experienced partner by your side. We are the successful information and communication technology division of a leading consultant and planner for transport facilities, traffic telematics and traffic management systems in Europe. We offer you a comprehensive range of IT services.

What We Can Do for You

Based on our many years of experience and interdisciplinary expertise, we design the optimal solution for your requirements together with you and then implement it quickly and effectively. We are happy to incorporate open source solutions alongside commercial ones.

Where We Stand

Originating from the engineering office Theis Consult, which has been operating successfully since 1991, we continue to evolve into a full service provider for our customers based on our success. With our team members from engineering, telecommunications and computer science, as well as a broad network of specialists across all relevant fields, we offer our customers all the competencies required today for efficient project delivery.

Our aixCMS

We have been continuously developing our aixCMS since 2012. Recently, some new functions have found their way into our website builder again. It is now possible to create new and varied animations on the websites. In addition, the replacement of background images and the setting of jump marks in the navigation bar is now easily possible. We took this as an opportunity to present our CMS once again.

Written on the basis of Ruby on Rails, aixCMS is the content management system on which our own website is based. The application is particularly flexible and can be customized specifically according to the wishes of our customers. One of the reasons for this is that we can adapt the intuitive customer user interface (the CMS editor) to the customer's needs, thus avoiding operating errors and the need for time-consuming training. The layout is designed to be easy to use and attractive. Changes can be made by the customer without HTML knowledge. In order to support the authors and designers in their work and to increase the efficiency of the web applications, the functions that are superfluous for the customer are removed. On the other hand, it is possible to add more functions needed by our customers. For this we consult with the customer very well, so that the requirements are worked out precisely and the customer is very satisfied with the final result.

Security

Our aixCMS is constantly developed by our team and always follows the spirit of the times. It supports responsive designs by default and is thus perfectly adapted to any smartphones, tablets and laptops/PCs. In addition, aixCMS supports the highest possible security standards and transmits data exclusively via an encrypted SSL/TLS connection. As a result, the highest standards and optimal ranking of the website are guaranteed. Furthermore, we host the data exclusively on servers in Germany and do not require our own IT. In this way, our customers can effectively run their business with minimal staff effort.

Maybe another CMS after all?

We are convinced for many reasons that our customers are best advised with our CMS. Alternative CMS, such as TYPO3, certainly offer many great features. Nevertheless, on the one hand, it happens again and again in customer projects that the complexity in typical use rather leads to problems and higher expenses. On the other hand, the flexibility to implement individual designs quickly reaches the limits of the "standard functionality" of the corresponding tools. Plug-ins or individual extensions then come into question as the only "help", which is cumbersome and actually avoidable. If our customers nevertheless choose an alternative CMS, we are of course happy to advise them there as well. Many of our customers use Wordpress, for example.

Web Hosting for SMEs – Individual Solutions Based on LAMP, Ruby on Rails or HTML

aixCMS – Our Content Management System Developed Specifically for You!

WordPress is a free web application for creating and managing websites (images & text) and weblogs. Using design templates, custom designs can be created quickly, easily and individually with just a click. Based on the programming language PHP, WordPress requires a MySQL database and allows full use as a content management system.

WordPress is also available as an application for various mobile device operating systems (iOS, Android, Windows Phone, Blackberry OS, Symbian, HP webOS).

Our WordPress Managed Hosting is a service specifically tailored to WordPress for maintaining and managing your content. This includes regular, comprehensive and automatic updates for the software and operating system, as well as virus and spam filters. In addition to daily full server backups, all available designs and plug-ins for extended functionality are already pre-installed. On request, we can also create your complete website according to your specifications.

We place particular emphasis on security and data protection in accordance with German standards. Your data is transmitted exclusively via encrypted SSL connections and stored in German data centers, allowing us to guarantee the highest level of protection for your company without any additional staffing effort. You can get started right away and create your web presence easily, securely, flexibly, quickly and individually. We are happy to advise you personally. Get in touch with us right away!

Wordpress Starter Package

Starting from

34.51€*/month

• Dedicated CMS server
• 300GB HDD or 100GB SSD storage
• 30GB separate backup storage
• Unlimited transfer volume
• Secured by TLS/SSL certificate¹
• 1 domain²

Big Blue Button

The open source software enables video conferences with one or more participants. In addition to video or audio chat, Jitsi Meet also offers functions of desktop sharing and screen sharing of certain windows to present content. In addition, an integrated chat function is available to share text-based content with other participants. Furthermore, Jitsi Meet is also available as an app on Android and iOS.

On the basis of WebRTC, data or media streams are transmitted in encrypted form via datagram transport layer security and secure realtime transport protocol. At your request, we host your own Jitsi Meet instance on servers in Germany with your data protection always in focus.

We would be happy to advise you personally and work with you to design your own individual solution. Feel free to contact us!

• BigBlueButton room for up to 25 participants
• unlimited transfer volume
• Secured with SSL certificate1

Kopano Video Meetings Basic Edition

Mikogo

on demand

Starting at
34,51€*/month

Increase in cyberattacks

Many studies show that the number of companies affected by cyberattacks is always on the rise and an increase in cybercrime victims can also be assumed in the future.
In addition, cybercrime is coming even more into focus due to the Ukraine war. Many ransomware-attacks are carried out by Russian hacker groups. The target is not only Ukraine, but also other European countries.

The current situation is worsening

Cyberattacks are no longer singular cases. According to a study commissioned by the digital association Bitkom, 84% of the more than 1000 companies surveyed were affected at least once last year by data theft or sabotage, for example. The German economy alone suffered losses of around 203 billion euros. Alarming numbers that show how damaging such attacks are. In the worst case, critical infrastructures, administrations or supply chains are paralyzed, which can lead to problems of public safety and lack of supply. 2021 the Anhalt-Bitterfeld administration was attacked by ransomware, so that regular operations were not possible for months. This is considered to be the first cyber catastrophe case in Germany.

Digital war - the "Vulkan Files"

The so called "Vulkan files" now reveal, that Russia apparently wants to use the fatal consequences of an successful attack. They name important transport- or energy networks as targets. But being in control of the internet in occupied territories also plays a central role in the Russian cyberwar. Vulkan is said to be just one of over 30 competing Russian companies.

"These examples, as well as many incidents in recent years, make it clear that there is a real threat from cyberspace to Germany's critical infrastructure." Konstantin von Notz (Bündnis 90/Die Grünen) member of the Bundestag

Lack of security as the main problem

The main reason why many companies are affected by successful cyberattacks is a lack of investment in IT security. This is because the costs for appropriate measures are high and they do not pay off directly as long as no damage occurs. However, the consequences of an attack are even more expensive and additionally damage the company's reputation. Investments in IT security measures are therefore essential.

Preventing a hacker attack is a continuous process that pays off. The following graphic shows the procedure according to the BSI-Grundschutz standards.

Our company pays attention to cybersecurity (security by design) from the very beginning of the solutions & services we offer. In addition, our customers' data is backed up daily and transmitted exclusively in encrypted form. The employees of our company who are responsible for IT security are certified as BSI basic protection practitioners and therefore have the necessary qualifications in data protection and IT system security. If you have any questions about our services, please contact us by e-mail or phone. We will be happy to advise you!