Secure Yourself a Reliable Partner
Visions come with experience. For a company that through its agility and special skills has prevailed over the Global Players in the field of enterprise-driven IT, project and service management as well as bespoke software development for almost three decades now, moving in the direction of IT Security was a predetermined evolutionary step. As such, it did not come out of nowhere that Steen Harbach AG started delivering not just the traditional services such as consultancy almost 10 years ago as part of its “Security Solutions” offering into this exciting and fast-lived business. Moreover, we have been a sucker for innovation ever since. It is thus no surprise that today we dedicate ourselves and a whole brand to IT-Security under the name “PointBlank Security” where we not only take a very definite and direct approach to how we manage the essential details, but where we also keep the proverbial big picture in mind.
Custom Design und Concepts
As technical architects with years of enterprise-level experience on our tally sticks accompanied by the deep knowledge of IT Security (focussing on cryptography), Electrical Engineering and Information Technologies as well as Computer Science in general, we devise solid solutions allowing for all essential interfaces, standards, regulatory requirements, laws and certainly best practice in order to withstand any audit. We speak the technical tongue and get everyone on the same page to drive home the essential ideas in our relentless pursuit of a successful project delivery.
Security Assessment of Hard- and Software
There is arguably a better way to acquire substantial know-how than to produce your own secure hardware and software solutions. As such, we are aware of the usual pitfalls, gaps, vulnerabilities, shortcomings, technological limitations, but first and foremost we know how to apply and incorporate security above and beyond the usual marketing slogans and shiny attractive packaging. We do not get thrown off by certifications alone always willing to double-check and scrutinise the object or matter at hand. All we need to do for this is simply ask ourselves, how we would go about building the product in question in a secure fashion.
Secure Software Development and Development of Secure Software
These two terms are all but synonyms to us. On the one hand, our experience in the field of custom software design, e.g. for critical production lines and facilities enables us to take a different approach to quality of work thereby minimising the probability of unforced errors through a typical development life cycle. On the other hand, our sophisticated knowledge of the corresponding security schemes and protocols as well as the essential cryptographic algorithms puts us in an ideal position to implement security standards without the need for interpretation while at the same time also actively avoiding catastrophic mistakes such as memory leakage among other things. To seal the deal, we take the time to engage all the valuable low-level platform protection mechanisms, e.g. Windows DPAPI and its successors to outdo the mundane Solid Access Controls everyone seems to want to rely on as a sole line of defence. We are driven by the recurring observation that most vulnerabilities are in fact caused by poor understanding of the relevant security standards, through oversight or both for that matter.
Integration, Delivery and Support
Even a sound and solid solution requires a seamless and efficient transition into production. In addition to the actual concept, this also involves strong secondary aspects like Identity & Access Management (e.g. PSD2 compliant multi-factor authentication or Single Sign-On), integration with various internal and external interfaces, User Acceptance Tests, Penetration Tests, Risk Management, Disaster Recovery Readiness, Networking & Firewalls, Rollout all the way to comprehensive documentation, communication and of course technical support – either throughout migration or long-term.
General Security Consultancy
With all the practical angles and applied R&D in mind, why not put it to good use outside the realm of a dedicated project as part of a general consultancy service? The main idea is that only someone who has mastered a certain discipline can truly guide someone else on a similar path. Knowing that and learnt it the hard way (sometimes) we refrain from using some text templates or bleak references. Instead, we try to put ourselves in our customers’ place and come up with ideas and solutions as though those were our own projects and applications. Consultancy to us is all about extending a helping hand to get someone out of an impasse and to the next level by showing alternatives and often enough also by thinking “outside the box”.