Make your business more responsive and flexible with agile approaches, create more business value for yourself and your customers, and win with faster time to market.

Agile Service Management Scaling Agile

The iTSM Group is a holistic partner for the digital transformation of services and processes - from comprehensive consulting to implementation and operation.

Consulting for Digitalisation
Identity & Access Management

Aligning processes more closely with business objectives and ensuring the smoothest possible process organization, optimally complemented by digitization and automation of business processes - these are the strategic goals of our services relating to processes.

Business Process Management Digitalisation of business processes Process consulting

We provide you with extensive support in setting up and reorganizing as well as in operating your service management, thus contributing to quality services that act as an effective interface between offer and customer.

Agile & IT Service Management Customer Service Management Enterprise Service Management HR Management Software Service Management as a Service Service management trainings

ServiceNow®

ServiceNow®

The Now Platform is a powerful tool for digitising and partially automating your processes and services.

Here you will find an overview of the various fields of application in departments and industries. 

As a ServiceNow® Elite Partner, the iTSM Group and its subsidiaries are one of the most distinguished consulting firms for the Enterprise Service Management platform in Europe.

Here you can find an overview of our ServiceNow® consulting services. 

We support you in setting up and implementing ServiceNow® Cloud SaaS correctly - with a holistic approach at various levels.

Get to know our services in the context of ServiceNow® implementation.

ServiceNow® as a Service is the ideal product for a quick entry into the digital transformation of small and medium-sized enterprises: We take care of the setup and configuration of your ServiceNow® environment, map your processes there, and enable tailoring to individual needs without long-term contractual commitments.

Increase the acceptance and use of your service portal with user experience design - for more satisfaction and efficiency in the company.

In our ServiceNow® training courses, you will gain experience in using the software and learn how to map and optimise your work processes in ServiceNow®. As an authorised ServiceNow® training partner, we also offer you official certification.

Trainings for the IT Infrastructure Library (ITIL® 4) - the globally recognized best practice model for implementing IT service management.

ITIL® 4 Foundation ITIL® 4 Foundation Plus

Training for the process-oriented method for project management, which is based on best practices.

PRINCE2® Foundation Online

Trainings on a variety of aspects of the cloud-based Now platform of ServiceNow®.

Operation of ServiceNow Customer Service Management Introduction Handling Scoped Applications Java-Script Coding in ServiceNow ServiceNow Asset vs. CI ServiceNow HR Workshop ServiceNow Best Practice Service Portal ServiceNow Reporting

Learn about the possibilities of ITIL®, PRINCE2® and DEVOPS in your company through playful simulations. Experience a fictitious space flight or increase the productivity of a pizza delivery company. In the process, many typical problems encountered in IT organisations become visible.

Apollo 13 Simulation Challenge of Egypt™ Grab@Pizza-Simulation ITSM around the World MarsLander® – an ITIL® 4 Simulation The Phoenix Project Simulation

In our practical workshops, competent trainers support your organisation in integrating theoretical frameworks and software know-how into everyday practice.

Together with you, we develop solutions for the introduction, advise on the concrete design of processes

Our online training courses prepare you digitally, diversely and efficiently for your certification.

In the basic training courses for ITIL®, PRINCE2® and Security Awareness, you will be familiarized with the content with the help of case studies and quizzes and chapter questions - all you need is a computer or tablet with a stable internet connection.

ITIL® 4 Foundation Online PRINCE2® Foundation Online

With the combined expertise of experienced consultants and educational professionals, we offer digital learning formats that are tailored to your needs. These include interactive learning experiences, knowledge nuggets and context-specific learning formats.

Knowledge

Read more

Tips for the use and handling of ServiceNow®. Learn more about detailed questions regarding the use and optimization of the ServiceNow® service portal in short videos.

Categories

22.06.2022

Protecting against cyberattacks: Security automation for email attacks

Companies of all sizes insufficiently protect their infrastructure or procure important products that provide IT with "Security Information and Event Management", for example. In almost all cases, there is no tailored, product-independent solution to perform automated initial response to serious security incidents. Two things are certain: a complex Trojan can only be made more difficult to attack with automated processes in the first few seconds, and users in the company will run Trojans recurrently regardless of any sensitization measures.

 

The crime scene

After the last conference, "Mr. W" checks the incoming emails. In one email, an important recent purchasing transaction is escalated. The sender is known to "Mr. W". "Mr. W" tries to open the PDF. The loading bar of the PDF application appears and disappears after a few seconds without an error message. It is already late and the sender is only available in the mornings on this day of the week, so "Mr. W" ends his workday.


The attack

A personalized attack is launched on "Mr. W's" company. Even before "Mr. W" logs off, the attackers have, within a few minutes, automated their own encrypted tunnel into the company network, rich information about the company's infrastructure the identities of "Mr. W" and a deployed service account used on the company's workstations with local system privileges installed malware collection on the temporarily disabled workstation of "Mr. W".


The countermeasures

An automated attack must be responded to with automated countermeasures in order to minimize the damage. It must also be possible to identify the workstation of the perpetrator "Mr. W" in the company's network when a local report of detected malware on a remote file server is triggered. Once identified, forensic data must be collected and the user account and workstation isolated for subsequent manual action. Finally, a comprehensive report and notifications of the incident must be sent out to the enterprise, and reactive manual actions are required in the aftermath. No more than five seconds should elapse from the time a malware is detected to the time the perpetrator and his or her workstation are isolated.


The technology

In the company's infrastructure, when malicious code is executed, events can indicate a malware incident early on and trigger an automated process that checks the situation under an algorithm. Each server can initiate this process without the use of service accounts, communicate and exchange information. In mutual communication, jobs can be sent to other systems. Identification and isolation of the originator complement dedicated auxiliary systems.


The effort

Such an automation project begins in the enterprise with the realization that measures against malware need to be handled in an automated way. The intelligence lies in the code and in the architecture. The individual infrastructure of each company is taken into account and no requirements are placed on specific products or antivirus programs. After a quarter of development work, the first version of the "antivirus extension" can provide supplementary protection for the company and, in the event of danger, valuable preliminary work for the IT security department.

 

About the author Mathias Rühn

Mathias Rühn joined the iTSM Group in March 2015 and went straight into a challenging infrastructure project. In the first few years, he was primarily responsible for the design, development and operation of the central file services. In addition to the implementation of sub-projects and the support of cross-sectional topics, such as the automation of processes, his responsibilities also include organizational activities and the support and further development of the central basic infrastructure at our customers. As a senior technical consultant since 2003, he now has in-depth expertise in numerous infrastructures and server systems.

Governance, Risk and Compliance

With our services in the area of Governance, Risk and Compliance, we help our customers to meet the constantly growing compliance requirements from information security, data protection and risk management with suitable concepts, processes, services and technical solutions.

News about iTSM Group

How can we support you?

The iTSM Group in Europe

iTSM Group Headquarters

ITSM Consulting GmbH
Uwe-Zeidler-Ring 12
55294 Bodenheim

 

Telefon: +49 6135 9334 0
E-Mail: info@itsmgroup.com

iTSM Group Great Britain

Trusted Quality UK Ltd.
1 Bartholomew Lane,
London, EC2N 2 AX

info@itsmgroup.com

iTSM Group Netherlands

Trusted Quality NL B.V.
Hutteweg 24
7071 BV Ulft

 

Telefon: +49 6135 9334 0
E-Mail: info@itsmgroup.com

iTSM Group Austria

Softpoint Trusted Quality GmbH
Linzer Straße 16e
4221 Steyregg/Linz 

 

Telefon: +43 732 794479 0
E-Mail: kontakt@softpoint.at

iTSM Group Switzerland

Trusted Quality Switzerland GmbH 
Prime Center 1, 7th Floor
8058 Zürich

 

Tel.: +41 44 567 61 00
E-Mail: info@trusted-quality.ch

iTSM Group Romania

iTSM Trusted Quality S.R.L.
2 Mexic, Bl. 1, Ap. 17, sec. 1,
Bukarest, RO-011756

 

Telefon: +40 (744) 180499
E-Mail: office@trusted-quality.ro

iTSM Group Italy

Trusted Quality Italy S.r.l.
Via Leonardo Da Vinci 12
39100 Bolzano BZ

info@itsmgroup.com

New impulses for service management

Guides, webinars and tutorials in the iTSM knowledge area.

 

iTSM Knowledge