Data security and protection against cyber attacks

Data protection - Protect your data, documents and information in the company from data loss

In recent years, companies around the world have had to protect themselves against increasingly aggressive cyber attacks. The pandemic is mainly responsible for the extreme increase in cybercrime. Private computers in the home office with remote access to the company network are an ideal gateway for attacks. In addition, there is a shortage of skilled workers - specialists for IT security in companies are rare.

It is good that you can count on windream GmbH as an experienced partner at your side in this situation. In the context of our Enterprise Content Management (ECM) or document management system windream and the windream high-performance archive, we offer highly specialised archiving solutions to protect your data and information against cyber attacks. With further hardware and software solutions, IT security in companies can be additionally increased.

Would you like to protect your company against cyber attacks and data loss?

We will be happy to advise you.

Get advice now      Get to know the windream ECM-system now

Data backup and recovery with the windream ECM-system

First measure to defend against a cyber-attack: saving documents in the windream archive

The primary goal for defence against cyber attacks is to archive data and documents in such a way that they are not accessible to an attack. In parallel, the creation of regular offline backups is the first means of choice. Even in case data are no longer accessible, e.g. after an encryption attack, windream is prepared for this if it is configured accordingly. Our ECM-system is able to completely restore entire document stocks, including the associated metadata, from the digital windream archive.

"Data and documents can be archived with windream in such a way that they cannot be accessed by an attack. In parallel, the creation of regular offline backups is the first means of choice."

Stephan SergerCEO windream GmbH

Secure document archiving with index data

In this context, it is possible to store both the data or documents and the document-describing index data securely in an archive of the windream ECM-system. There, they are protected against external access and encryption is not possible. Digital archiving then also ensures that the archived objects cannot be modified during the entire archiving period. In terms of legally compliant archiving, this is an invaluable advantage. It doesn't matter in which way, from which place or by which user an access attempt is made - all data is one hundred percent safe from manipulation - and thus of course also from encryption. The legal conformity of the windream ECM-system has been confirmed by a corresponding legal opinion

To legal opinion

Would you like to protect your company against cyber attacks and data loss?
We would be happy to advise you.

Get advice now      Get to know the windream ECM system

windream and NetApp - a strategic partnership for more cyber security

With NetApp Inc, a leading global manufacturer of storage systems, we have developed secure solutions in the course of our technology partnership that reliably protect your company against crypto attacks.

How does this work?

Basically, it is about being able to react appropriately to a possible encryption attack by ransomware.

windream and NetApp reliably protect companies against crypto attacks

In concrete terms: The systems of windream and NetApp ensure that encrypted data can be restored so that a complete system failure due to extortionate encryption can be avoided. In order to achieve this goal, the windream and NetApp systems are connected on the software side in such a way that they seamlessly cooperate and communicate with each other.

windream controls the NetApp storage systems via the windream ECM and thus supplements the NetApp storages with object-oriented Content Addressed Storage (CAS), Information Lifecycle Management (ILM) and Single Instance Storage (SIS).

With Content Addressed Storage (CAS), data is stored in such a way that direct access to individual objects is possible and at the same time the immutability of the stored information is ensured. Information Lifecycle Management (ILM) involves the management of data over its entire lifecycle - from creation, through processing and retention, to final deletion. Single Instane Storage (SIS) aims to reduce storage requirements by storing identical data only once instead of multiple times.

The windream ECM system's ILM also controls the NetApp Snaplock feature, which reliably protects archived data against encryption by crypto attacks.

Cyber Security - windream GmbH

Cyber Security - Protect your company from data loss

The question why cyber security is so extremely important for your company is self-answering due to the scenarios described here.

With the windream ECM-system, the storage solutions of our partner NetApp and the eXpurgate software as an e-mail guard, you are well prepared. 

Get advice now

E-Mail Security with over 99.9 % spam detection rate

windream archives data - eXpurgate monitors e-mails

As an additional measure to defend against attacks, e-mail communication can also be monitored reliably. Besides the e-mail archiving solution windream Exchange, which archives the entire e-mail traffic of a company, our product portfolio also includes a further powerful solution called eXpurgate as a weapon against cyber attacks.

This is a mail server security software to protect against spam, phishing, DDoS and malware attacks. The software is highly specialised and recognises 99.9% of all suspicious mails. This means that it achieves an extremely high value - especially in comparison to other systems of this kind. In general, eXpurgate is considered one of the leading solutions for the detection of spam and phishing mails. This can be clearly seen from the fact that the system - just like windream - is used by numerous large companies worldwide. Moreover, large and well-known mail providers also use eXpurgate.

Cyber Security Awareness

Increase IT security - sensitise employees

Last but not least, in connection with cyber attacks, especially when they occur via e-mail as phishing messages, it is always about the user. Because the best technology is only as efficient as the user who uses it. This means: sensitisation and targeted training of employees are further means of choice to recognise attempted attacks by e-mail and to react adequately to them. Especially if the work is done in a home office and the private computer has access to the company network. Because the attacks are not only becoming more aggressive, but also more and more professional.

Cyber Security - Data security has top priority

What is cyber security? Cyber security is generally understood to be a whole range of measures that can be taken to defend against attacks on your IT infrastructure. Regular backups, which take place offline and are thus not accessible to attackers, and an appropriate spam filter for e-mails, which also recognises other suspicious messages that may contain malware, belong as basic equipment in every IT infrastructure.

In this context, it makes sense to know the individual threats and to know what types of attacks there are and what can happen in the event of an attack. Here are the answers to the most important questions.

Crypto attacks or encryption attacks aim to encrypt your system's data in order to make you vulnerable to blackmail. Only after paying a ransom - hence the name ransomware - should you be able to decrypt the data again. Often, the encryption is also linked to the threat to publish internal company data if the demanded ransom is not paid.

Ransomware generally refers to malware that is able to encrypt your IT system's data in such a way that you can no longer access it. This is supposedly only possible again after paying a ransom. Often, the cyber criminals offer you a code with which you can restore the encrypted data after you have paid the ransom. Since the cyber criminals often use so-called asymmetric encryption technologies, it is almost impossible to decrypt the data again with your own means.

Synonyms to the term "ransomware" are also used, such as "blackmail Trojan", "extortion software", "crypto Trojan" or "encryption Trojan".

How does ransomware get into your system?
There are various ways in which ransomware finds access to your system. For example, through contaminated email attachments opened by a user, through security holes in web browsers, through transmission via cloud services or via remote access to an IT infrastructure.

Malware is the generic term for all kinds of malicious programs. The term malware is composed of "mal" for "harmful" and "ware" as an abbreviation for "software". Attempting to encrypt data by infiltrating a malicious programme is only one form of malware use. There are others.

Spam is primarily spoken of in the context of e-mail communication. Spam mails do not necessarily have to contain malware (for example in the e-mail attachments). Often, spam mails are just special and annoying forms of transmitting advertising messages. But caution is advised, because in many cases spam mails cannot be recognised as such at first glance either and may of course also contain malware under certain circumstances.

In phishing, criminal organisations or perpetrators try to obtain personal information about the recipients of the fake e-mail messages. These e-mails are often disguised, for example, as an important message from your bank. You are then asked to disclose passwords and user names or even credit card data as part of an alleged system maintenance. It is also possible that you will be taken to a "fake page" via a link, where you will be asked to enter your data as in a form. Generally speaking, absolute caution is advised here! Be vigilant, because cyber criminals are usually always developing new and imaginative methods to deceive you as a user.

One speaks of so-called DDoS attacks when perpetrators manage to paralyse a server by means of targeted and countless server requests. After the maximum number of requests that can be processed by the server has been exceeded, the server is overloaded. A system failure with serious consequences is imminent. Because this means that the server is no longer accessible, as it can no longer answer any requests (hence the term "denial of service"). With this method, the perpetrators try to put certain servers - especially those used in a critical infrastructure - out of action. This can lead, for example, to power failures or the inaccessibility of emergency services. Here, too, many scenarios are conceivable in which damage can be done in all possible shapes and forms!

What damage can crypto attacks cause

In the case of encryption of central systems and important data stocks as well as accessible backups, there is a risk of a longer-term company shutdown, as you can no longer access the data. It is advisable not to respond to ransom demands, as decryption of the data is not guaranteed. There is a threat of permanent data loss, which is usually associated with high costs. The BSI warns decisively of this danger from crypto attacks.

IT security is mandatory!

It hits you even worse when cyber criminals threaten to publish internal company information. Especially if it is sensitive personal data. Even if you have been the victim of a cyber attack: You are responsible for the security of the data and your IT infrastructure! A disclosure often results in a loss of reputation and trust, which can lead to high financial losses.

Would you like to protect your company against cyber attacks and data loss?

We would be happy to advise you.
Get a non-binding consultation now

Would you like to learn more?

We will be happy to advise you personally on our solutions for digitalisation!

image description
Do you have questions about our solutions?
Please contact us!

windream News en2

Stay up-to-date and subscribe to our windream newsletter now.