News Events Career Search ,Website Version: EnglishEnglish
Website Version: DeutschlandDeutschland Website Version: SchweizSchweiz Website Version: ÖsterreichÖsterreich

Focus

Our focus topics
Agile Transformation Digital transformation Information Security Process Transformation Service Management

Make your business more responsive and flexible with agile approaches, create more business value for yourself and your customers, and win with faster time to market.

Agile Service Management Scaling Agile

The iTSM Group is a holistic partner for the digital transformation of services and processes - from comprehensive consulting to implementation and operation.

Consulting for Digitalisation
Identity & Access Management

Aligning processes more closely with business objectives and ensuring the smoothest possible process organization, optimally complemented by digitization and automation of business processes - these are the strategic goals of our services relating to processes.

Business Process Management Digitalisation of business processes Process consulting

We provide you with extensive support in setting up and reorganizing as well as in operating your service management, thus contributing to quality services that act as an effective interface between offer and customer.

Agile & IT Service Management Customer Service Management Enterprise Service Management HR Management Software Service Management as a Service Service management trainings

ServiceNow®

ServiceNow®
Now Platform portfolio ServiceNow® Consulting ServiceNow® Implementation ServiceNow® Managed Services ServiceNow® UX Design ServiceNow® trainings

The Now Platform is a powerful tool for digitising and partially automating your processes and services.

Here you will find an overview of the various fields of application in departments and industries. 

As a ServiceNow® Elite Partner, the iTSM Group and its subsidiaries are one of the most distinguished consulting firms for the Enterprise Service Management platform in Europe.

Here you can find an overview of our ServiceNow® consulting services. 

We support you in setting up and implementing ServiceNow® Cloud SaaS correctly - with a holistic approach at various levels.

Get to know our services in the context of ServiceNow® implementation.

ServiceNow® as a Service is the ideal product for a quick entry into the digital transformation of small and medium-sized enterprises: We take care of the setup and configuration of your ServiceNow® environment, map your processes there, and enable tailoring to individual needs without long-term contractual commitments.

Increase the acceptance and use of your service portal with user experience design - for more satisfaction and efficiency in the company.

In our ServiceNow® training courses, you will gain experience in using the software and learn how to map and optimise your work processes in ServiceNow®. As an authorised ServiceNow® training partner, we also offer you official certification.

Trainings

Trainings for ITSM and project management
Inhouse Trainings ITIL® PRINCE2® Scrum ServiceNow® Simulations Workshops Online trainings Digital Learning Solutions

With our in-house trainings we support the development of the competencies of your employees specifically for your company.

Trainings for the IT Infrastructure Library (ITIL® 4) - the globally recognized best practice model for implementing IT service management.

ITIL® 4 Foundation ITIL® 4 Foundation Plus

Training for the process-oriented method for project management, which is based on best practices.

PRINCE2® Project Management Foundation Online
Scrum Fundamentals Online

Trainings on a variety of aspects of the cloud-based Now Platform of ServiceNow®.

ServiceNow® Administration Fundamentals ServiceNow® Application Development Fundamentals ServiceNow® CMDB Fundamentals ServiceNow® Hardware Asset Management Fundamentals ServiceNow® HR Fundamentals ServiceNow® HR Implementation ServiceNow® ITSM Fundamentals ServiceNow® ITSM Implementation ServiceNow® Strategic Portfolio Management

Learn about the possibilities of ITIL®, PRINCE2® and DEVOPS in your company through playful simulations. Experience a fictitious space flight or increase the productivity of a pizza delivery company. In the process, many typical problems encountered in IT organisations become visible.

Apollo 13 Simulation Challenge of Egypt™ Grab@Pizza-Simulation ITSM around the World MarsLander® – an ITIL® 4 Simulation The Phoenix Project Simulation

In our practical workshops, competent trainers support your organisation in integrating theoretical frameworks and software know-how into everyday practice.

Together with you, we develop solutions for the introduction, advise on the concrete design of processes

Our online training courses prepare you digitally, diversely and efficiently for your certification.

In the basic training courses for ITIL®, PRINCE2® and Security Awareness, you will be familiarized with the content with the help of case studies and quizzes and chapter questions - all you need is a computer or tablet with a stable internet connection.

IT service management at a glance (EN) ITIL® 4 Foundation Online PRINCE2® Foundation Online Scrum Master & Product Owner Online

With the combined expertise of experienced consultants and educational professionals, we offer digital learning formats that are tailored to your needs. These include interactive learning experiences, knowledge nuggets and context-specific learning formats.

Knowledge

Read more
Guides ITSM News iTSM webinars ServiceNow® Tutorials

Tips for the use and handling of ServiceNow®. Learn more about detailed questions regarding the use and optimization of the ServiceNow® service portal in short videos.

About

Get to know the iTSM Group
Our Mission Management Career References Partners Companies Locations Social Responsibility
Homepage / News / Security automation and group Managed Service Accounts for better protection against cyberattacks

Mathias Rühn

Senior Technical Consultant

Categories
Information Security

31.07.2025

Security automation and group Managed Service Accounts for better protection against cyberattacks

Cyberattacks threaten companies of all sizes. According to the "Bitkom-Studie Wirtschaftsschutz 2024", cyberattacks in Germany caused damages amounting to €178.6 billion, an increase of 20% over the previous year. In 2024, 81% of German companies were affected by cyberattacks. The BSI Status Report 2024 on IT security in Germany shows that phishing emails, malware, insecure web browsing, IoT devices, and vulnerabilities in third-party providers are common gateways for attackers.

Against this backdrop, cybersecurity measures—and particularly effective, automated security measures—are becoming increasingly important. This is exactly where our solution comes in: it combines security automation with group Managed Service Accounts (gMSA) in Windows servers to effectively protect companies and initiate countermeasures.

What is security automation?

Security automation uses existing security systems such as antivirus software or network monitoring to automatically initiate countermeasures, collect forensic data, and document incidents when threats arise. In Windows Server and client environments, it offers:

  • Real-time detection: As soon as antivirus software or security tools report malicious code or suspicious network traffic, the system intervenes.
  • Isolation: Affected devices are disconnected from the network to stop the spread of malware.
  • Forensic data collection: Data is backed up for analysis.
  • Emergency processes: Tickets are created in service management systems such as ServiceNow® to alert IT teams. In environments without a service management system, alternative communication channels such as Microsoft Teams, email, or desktop messages are used to ensure a rapid incident response.

The KPMG study e-Crime 2024 highlights that overlooking the first signs of cyberattacks significantly increases their success.

A real-life scenario: The phishing attack

Imagine an employee opens an email that appears to be from a customer. An attached document turns out to be malware. Without a quick response, attackers could infiltrate your network. Our security automation:

  1.     Detects the threat immediately.
  2.     Isolates the affected device in seconds.
  3.     Collects forensic data for analysis.
  4.     Creates a ticket in your ITSM system.

This approach not only protects against emails containing malicious code, but also against threats such as malicious links when browsing the web.

The vulnerability of traditional service accounts

Traditional service accounts with static passwords are a security risk. According to the Bitkom study, compromised access data is one of the main causes of data leaks. Manual password management is time-consuming and error-prone, especially in large environments.

Group Managed Service Accounts (gMSA): A secure alternative

Our protected Windows servers do not use service accounts at all. Instead, we use central task servers with group Managed Service Accounts (gMSA) that control supporting processes. gMSA offer:

  • Automatic password management: Passwords are automatically changed every 30 days, making brute force attacks more difficult.
  • Multi-server use: gMSA can be used on multiple servers, ideal for clusters or load balancing.
  • Simplified administration: Administration can be delegated to service administrators, reducing the effort involved.
  • Kerberos support: These accounts use the strongest security features.

Using gMSA on central task servers increases security without increasing complexity.

Protection against multiple entry points

Cyberattacks use various entry points:

  • Phishing emails: According to a KPMG study, 53% of companies have been affected.
  • Web browsing: Compromised websites or malicious links.
  • IoT devices: Weakly secured devices as backdoors.
  • Physical access: Unauthorized access to devices.
  • Third-party providers: Vulnerabilities in the supply chain.

Our Security Automation solution responds to a variety of triggers that indicate potential threats. When malicious code is detected on a file server by antivirus software, Security Automation identifies the affected user by analyzing the file server's access logs to see which user accessed the malicious file. The user's affected devices are isolated to prevent the spread of the malware, and comprehensive countermeasures such as malware removal and system restoration are initiated. The user is logged out of all devices and receives an accessible system message, compatible with screen readers such as JAWS, informing them of the incident and the next steps to be taken.

Integration of security automation and gMSA

The combination of security automation and gMSA creates a robust defense:

  1. Threat detection: Antivirus software reports malicious code or suspicious traffic.
  2. Automated response: Affected systems are isolated and data is backed up.
  3. No service accounts on compromised systems.
  4. ITSM integration: Tickets are triggered in systems such as ServiceNow.

The central task servers with gMSA ensure that measures with elevated privileges are possible at any time without granting these privileges to third parties.

Advantages for your company

The solution offers:

  •     Fast response times: Threats are neutralized in seconds.
  •     High security: gMSA minimizes password risks and is only located on specially protected servers.
  •     Seamless integration: Compatible with any service management product.
  •     Cost efficiency: Less downtime and damage.
  •     Scalability: Ideal for large environments.

Your digital investigator

A cyberattack is a crime scene: every second counts. Our security automation acts like an investigator who secures the scene, collects evidence, and prevents damage, while gMSA ensures secure authentication. This investigator navigates effortlessly through any Windows server and client environment and integrates seamlessly into existing systems, regardless of the product used.

 

About the author Mathias Rühn

Mathias Rühn has been a valued member of the iTSM Group since March 2015 and has extensive expertise in IT infrastructure and server systems since 2003. Right from the start of his career at the iTSM Group, he took on responsibility for a complex centralization project involving over 20,000 users and contributed significantly to the success of the project. His responsibilities include managing sub-projects, overseeing cross-functional topics such as process automation, and providing technical consulting to our customers. As a Senior Technical Consultant, Mathias Rühn combines in-depth technical knowledge with a pragmatic approach to develop innovative and customer-oriented solutions that make operations efficient and future-proof.

Governance, Risk and Compliance

With our services in the area of Governance, Risk and Compliance, we help our customers to meet the constantly growing compliance requirements from information security, data protection and risk management with suitable concepts, processes, services and technical solutions.

To Governance, Risk and Compliance

News about iTSM Group

Mathias Rühn

Senior Technical Consultant

31.07.2025

Security automation and group Managed Service Accounts for better protection against cyberattacks

Companies of all sizes insufficiently protect their infrastructure or procure important products that provide IT with "Security Information and Event Management", for example. In almost all cases, there is no tailored, product-independent solution to perform automated initial response to serious security incidents.

Read more

iTSM Group

Public Relation

28.05.2025

iTSM Group partners with AvanteNow to strengthen ServiceNow® delivery

Together with our new partner AvanteNow we will be able to offer our clients even more flexible, efficient, and cost-effective ServiceNow solutions.

Read more

Karita Kuusisto

Senior ServiceNow Business Consultant

23.05.2025

Optimizing procurement processes: 5 practical ways with ServiceNow® Source-to-Pay

Procurement departments confront great challenges, as they have to cut costs, enhance compliance and accelerate procurement cycles while maintaining healthy supplier relationships and seamless employee experiences. The old manual methods simply do not suffice anymore, leading to automation emerging as the key solution for organizations looking to optimize procurement.

Read more

Christian Seiberl

CSM & FSM Lead

09.04.2025

ServiceNow® migration: What to do with the old ticket data

This article provides a brief overview of a large number of customer projects involving the introduction of ServiceNow and focuses on the handling of data.

Read more

iTSM Group

Public Relation

20.03.2025

ServiceNow® honours iTSM Group with Reseller Partner of the Year Award

The ServiceNow 2025 Partner Awards recognize partners in various categories, geographies and sizes. The awards are based on a rigorous evaluation process that takes into account factors such as customer satisfaction, innovation and business impact.

Read more

How can we support you?

Icon eines Smartphones, das von einer hand gehalten wird und ein Kontaktsymbol zeigt

The iTSM Group in Europe

iTSM Group Headquarters

ITSM Consulting GmbH
Uwe-Zeidler-Ring 12
55294 Bodenheim

 

Telefon: +49 6135 9334 0
E-Mail: info@itsmgroup.com

iTSM Group Great Britain

Trusted Quality UK Ltd.
1 Bartholomew Lane,
London, EC2N 2 AX

info@itsmgroup.com

iTSM Group Netherlands

Trusted Quality NL B.V.
Hutteweg 24
7071 BV Ulft

 

Telefon: +49 6135 9334 0
E-Mail: info@itsmgroup.com

iTSM Group Austria

Softpoint Trusted Quality GmbH
Linzer Straße 16e
4221 Steyregg/Linz 

 

Telefon: +43 732 794479 0
E-Mail: info@itsmgroup.com

iTSM Group Switzerland

Trusted Quality Switzerland GmbH 
Prime Center 1, 7th Floor
8058 Zürich

 

Tel.: +41 44 567 61 00
E-Mail: info@trusted-quality.ch

iTSM Group Romania

iTSM Trusted Quality S.R.L.
2 Mexic, Bl. 1, Ap. 17, sec. 1,
Bukarest, RO-011756

 

Telefon: +40 (744) 180499
E-Mail: office@trusted-quality.ro

iTSM Group Italy

Trusted Quality Italy S.r.l.
Via Leonardo Da Vinci 12
39100 Bolzano BZ

info@itsmgroup.com

New impulses for service management

Guides, webinars and tutorials in the iTSM knowledge area.

 

iTSM Knowledge