Secure Yourself a Reliable Partner

Visions come with experience. For a company that through its agility and special skills has prevailed over the Global Players in the field of enterprise-driven IT, project and service management as well as bespoke software development for almost three decades now, moving in the direction of IT Security was a predetermined evolutionary step.
As such, it did not come out of nowhere that Steen Harbach AG started delivering not just the traditional services such as consultancy almost 10 years ago as part of its “Security Solutions” offering into this exciting and fast-lived business. Moreover, we have been a sucker for innovation ever since. It is thus no surprise that today we dedicate ourselves and a whole brand to IT-Security under the name “PointBlank Security” where we not only take a very definite and direct approach to how we manage the essential details, but where we also keep the proverbial big picture in mind.

PointBlank Security

PointBlank Security’s focal point are novel solutions that take the ultimate requirement of consistent data protection to a global scale. It is fair to say that our enterprise-grade insights are a major contributor to the highest level of expectations we are looking to satisfy. On top of Ultra Secure and Ultra Low Power embedded systems (specifically for IoT and Industrie 4.0 applications) that reach an HSM or SmartCard like level of protection, our goal is to develop cloud-based or self-sustaining workflows backed up by strong components such as PKI, two-way TLS, TDE as well as an efficient implementation of cryptographic primitives. To that end, we not only follow through with such concepts in a practical fashion, we also spread the word through applied R&D endorsed by our renowned academic partners of the likes of the Ruhr-University of Bochum and the Brandenburg University of Technology Cottbus-Senftenberg. Those institutions also happen to be the cradle of our splendidly educated staff who we select and accompany early in the process to prepare them for the ambitious daily IT Security business.
It goes without saying that we use the momentum and agility of innovation to transcend our more traditional security services on a continuous trek to surpass the current limits of the industry when it comes to subject matter expertise, consultancy and the good old project management which we all have put to the test working for financial and other institutions all the way up to top-secret or top management applications.


Custom Design und Concepts

As technical architects with years of enterprise-level experience on our tally sticks accompanied by the deep knowledge of IT Security (focussing on cryptography), Electrical Engineering and Information Technologies as well as Computer Science in general, we devise solid solutions allowing for all essential interfaces, standards, regulatory requirements, laws and certainly best practice in order to withstand any audit. We speak the technical tongue and get everyone on the same page to drive home the essential ideas in our relentless pursuit of a successful project delivery.

Security Assessment of Hard- and Software

There is arguably a better way to acquire substantial know-how than to produce your own secure hardware and software solutions. As such, we are aware of the usual pitfalls, gaps, vulnerabilities, shortcomings, technological limitations, but first and foremost we know how to apply and incorporate security above and beyond the usual marketing slogans and shiny attractive packaging. We do not get thrown off by certifications alone always willing to double-check and scrutinise the object or matter at hand. All we need to do for this is simply ask ourselves, how we would go about building the product in question in a secure fashion.

Secure Software Development and Development of Secure Software

These two terms are all but synonyms to us. On the one hand, our experience in the field of custom software design, e.g. for critical production lines and facilities enables us to take a different approach to quality of work thereby minimising the probability of unforced errors through a typical development life cycle. On the other hand, our sophisticated knowledge of the corresponding security schemes and protocols as well as the essential cryptographic algorithms puts us in an ideal position to implement security standards without the need for interpretation while at the same time also actively avoiding catastrophic mistakes such as memory leakage among other things. To seal the deal, we take the time to engage all the valuable low-level platform protection mechanisms, e.g. Windows DPAPI and its successors to outdo the mundane Solid Access Controls everyone seems to want to rely on as a sole line of defence.  We are driven by the recurring observation that most vulnerabilities are in fact caused by poor understanding of the relevant security standards, through oversight or both for that matter.

Integration, Delivery and Support

Even a sound and solid solution requires a seamless and efficient transition into production. In addition to the actual concept, this also involves strong secondary aspects like Identity & Access Management (e.g. PSD2 compliant multi-factor authentication or Single Sign-On), integration with various internal and external interfaces, User Acceptance Tests, Penetration Tests, Risk Management, Disaster Recovery Readiness, Networking & Firewalls, Rollout all the way to comprehensive documentation, communication and of course technical support – either throughout migration or long-term.

General Security Consultancy

With all the practical angles and applied R&D in mind, why not put it to good use outside the realm of a dedicated project as part of a general consultancy service? The main idea is that only someone who has mastered a certain discipline can truly guide someone else on a similar path. Knowing that and learnt it the hard way (sometimes) we refrain from using some text templates or bleak references. Instead, we try to put ourselves in our customers’ place and come up with ideas and solutions as though those were our own projects and applications. Consultancy to us is all about extending a helping hand to get someone out of an impasse and to the next level by showing alternatives and often enough also by thinking “outside the box”.