With our services in the area of Agile & IT Service Management we support our customers in the optimal alignment of the structural and process organization and digitize and automate common tasks in service management - according to classic, agile or hybrid methods.

Make your business more responsive and flexible with agile approaches, create more business value for you and your customers and win with a faster time to market.

With our experience in integrated ITSM and DevOps environments, Scrum/Kanban and strategic focus on scaling agile, iTSM Group is the ideal partner for agile practices and organisational transformation. 

With our services in the area of Customer Service Management (CSM), we help service organisations to work in a customer-centric and efficient way.

With "AI"-based self-services, you enable your customers to interact mobile, efficiently and 24/7, while your service agents have all customer-relevant information available centrally - in every process step, across departments and up-to-date at all times.

With our services in the area of Governance, Risk and Compliance, we help our customers to meet the constantly growing compliance requirements from information security, data protection and risk management with suitable concepts, processes, services and technical solutions. 

In this way, we put our customers in a position to sustainably anchor the right and affordable measures in the organization from the multitude of possible and necessary measures.

In an increasingly data-driven world, the classic methods and tools for handling IT operations are no longer sustainable.

With our IT Operations Management services, we support our customers in modernizing and transforming their IT operations and help them to reach the next level of automation.

With our services in the area of Project Portfolio Management (PPM), we support our customers in better aligning their project management with the corporate strategy and in making project work more efficient overall - regardless of whether it is carried out according to classic or agile approaches. 

ServiceNow®

ServiceNow®

The Now Platform is a powerful tool for digitising and partially automating your processes and services.

Here you will find an overview of the various fields of application in departments and industries. 

As a ServiceNow® Elite Partner, the iTSM Group and its subsidiaries are one of the most distinguished consulting firms for the Enterprise Service Management platform in Europe.

Here you can find an overview of our ServiceNow® consulting services. 

We support you in setting up and implementing ServiceNow® Cloud SaaS correctly - with a holistic approach at various levels.

Get to know our services in the context of ServiceNow® implementation.

ServiceNow® as a Service is the ideal product for a quick entry into the digital transformation of small and medium-sized enterprises: We take care of the setup and configuration of your ServiceNow® environment, map your processes there, and enable tailoring to individual needs without long-term contractual commitments.

With our Application Management Service (AMS), we take care of the daily tasks involved in the operation of our customers' platform solutions - especially with regard to global ServiceNow® platforms. 

Our cross-project expertise and maximum transparency in our approach are the basis for a successful and trusting partnership.

Increase the acceptance and use of your service portal with user experience design - for more satisfaction and efficiency in the company.

In our ServiceNow® training courses, you will gain experience in using the software and learn how to map and optimise your work processes in ServiceNow®. As an authorised ServiceNow® training partner, we also offer you official certification.

IT Infrastructure Library (ITIL®) is a globally recognised framework for implementing IT-Service Management.

In our ITIL® training courses for v3 and ITIL® 4 you will learn the processes, organisational structure and tools necessary for operating an IT infrastructure and can become officially certified according to the globally valid standard.

ITIL® Foundations

PRINCE2® (Projects in Controlled Environments) is a process-oriented method for project management that is based on best practices.

In our PRINCE2® training courses, you and your colleagues learn the framework for successful projects and concrete recommendations for action for each project phase. In addition, you can also take an exam and receive your PeopleCert® certificate of the international standard right away. 

ServiceNow® is a provider of cloud-based software-as-a-service (SaaS) for enterprise service management.

In our ServiceNow® training courses, you will gain experience in using the software and learn how to map and optimize your work processes in ServiceNow®. As an authorized training partner of ServiceNow®, we also offer you the official certification.

Learn about the possibilities of ITIL®, PRINCE2® and DEVOPS in your company through playful simulations. Experience a fictitious space flight or increase the productivity of a pizza delivery company. In the process, many typical problems encountered in IT organisations become visible.

Apollo 13 Simulation Challenge of Egypt™ Grab@Pizza-Simulation ITSM around the World MarsLander® – an ITIL® 4 Simulation The Phoenix Project Simulation

In our practical workshops, competent trainers support your organisation in integrating theoretical frameworks and software know-how into everyday practice.

Together with you, we develop solutions for the introduction, advise on the concrete design of processes

Our online training courses prepare you digitally, diversely and efficiently for your certification.

In the basic training courses for ITIL®, PRINCE2® and Security Awareness, you will be familiarized with the content with the help of case studies and quizzes and chapter questions - all you need is a computer or tablet with a stable internet connection.

With the combined expertise of experienced consultants and educational professionals, we offer digital learning formats that are tailored to your needs. These include interactive learning experiences, knowledge nuggets and context-specific learning formats.

Categories

22.06.2022

Protecting against cyberattacks: Security automation for email attacks

Companies of all sizes insufficiently protect their infrastructure or procure important products that provide IT with "Security Information and Event Management", for example. In almost all cases, there is no tailored, product-independent solution to perform automated initial response to serious security incidents. Two things are certain: a complex Trojan can only be made more difficult to attack with automated processes in the first few seconds, and users in the company will run Trojans recurrently regardless of any sensitization measures.

 

The crime scene

After the last conference, "Mr. W" checks the incoming emails. In one email, an important recent purchasing transaction is escalated. The sender is known to "Mr. W". "Mr. W" tries to open the PDF. The loading bar of the PDF application appears and disappears after a few seconds without an error message. It is already late and the sender is only available in the mornings on this day of the week, so "Mr. W" ends his workday.


The attack

A personalized attack is launched on "Mr. W's" company. Even before "Mr. W" logs off, the attackers have, within a few minutes, automated their own encrypted tunnel into the company network, rich information about the company's infrastructure the identities of "Mr. W" and a deployed service account used on the company's workstations with local system privileges installed malware collection on the temporarily disabled workstation of "Mr. W".


The countermeasures

An automated attack must be responded to with automated countermeasures in order to minimize the damage. It must also be possible to identify the workstation of the perpetrator "Mr. W" in the company's network when a local report of detected malware on a remote file server is triggered. Once identified, forensic data must be collected and the user account and workstation isolated for subsequent manual action. Finally, a comprehensive report and notifications of the incident must be sent out to the enterprise, and reactive manual actions are required in the aftermath. No more than five seconds should elapse from the time a malware is detected to the time the perpetrator and his or her workstation are isolated.


The technology

In the company's infrastructure, when malicious code is executed, events can indicate a malware incident early on and trigger an automated process that checks the situation under an algorithm. Each server can initiate this process without the use of service accounts, communicate and exchange information. In mutual communication, jobs can be sent to other systems. Identification and isolation of the originator complement dedicated auxiliary systems.


The effort

Such an automation project begins in the enterprise with the realization that measures against malware need to be handled in an automated way. The intelligence lies in the code and in the architecture. The individual infrastructure of each company is taken into account and no requirements are placed on specific products or antivirus programs. After a quarter of development work, the first version of the "antivirus extension" can provide supplementary protection for the company and, in the event of danger, valuable preliminary work for the IT security department.

 

About the author Mathias Rühn

Mathias Rühn joined the iTSM Group in March 2015 and went straight into a challenging infrastructure project. In the first few years, he was primarily responsible for the design, development and operation of the central file services. In addition to the implementation of sub-projects and the support of cross-sectional topics, such as the automation of processes, his responsibilities also include organizational activities and the support and further development of the central basic infrastructure at our customers. As a senior technical consultant since 2003, he now has in-depth expertise in numerous infrastructures and server systems.

Governance, Risk and Compliance

With our services in the area of Governance, Risk and Compliance, we help our customers to meet the constantly growing compliance requirements from information security, data protection and risk management with suitable concepts, processes, services and technical solutions.

News about iTSM Group

New impulses for Service Management

Learn more about solutions in Service Transformation

in our webinars.

To our webinars