SpotON – our blog around digital compliance in enterprises
SpotON – Digital Compliance
Read here regularly on selected topics, developments and news from the areas:
SAM & Cloud – use software legally compliant and cost-effective
IT Security & Threat Intelligence – protect the IT landscape effectively
Data & Digitization – manage digital assets across the lifecycle
Complion Insights – look behind the scenes of digital compliance consultants
10/11/2022
License management for specialist software – a necessary extension?
The focus of classic license management is usually limited to a few software vendors. Special applications offer high potentials, but are often disregarded.
Cybersecurity October Review: Zero-Day Vulnerabilities in Microsoft Exchange Servers
In early October, reports became public about two vulnerabilities in Microsoft Exchange Server 2019, 2016, 2013 - an email server software widely used in enterprises. To exploit them, malicious actors chain both vulnerabilities together. Thus, they can execute malware on Exchange Server to move further into the network, exfiltrate and/or encrypt data. In addition to the severity of the vulnerability, the problem is that malicious actors, presumably a state-sponsored organization, identified and exploited it before Microsoft did.
Security Operation Center – Realization and Implementation
In our past blog post, "SOC 101 – a brief introduction to Security Operation Centers," we talked about the mission and goals of a Security Operation Center. In this article, we will go into more detail about realization and implementation.
The People's Republic of China is commonly regarded (along with special cases like North Korea) as the most digitally regulated country in the world. The Great Firewall of China and laws such as the Personal Information Protection Law (PIPL) enable China to shape its internal software market. This is especially true for the provision of cloud services. We explain what sourcing such services looks like in the Microsoft environment in China in this blog post.
Half a Year of War: Interim Analysis of the VOICE Cyber Security Competence Center (CSCC)
On Feb. 24, 2022, when the first bombs hit Kyiv and Russian tanks rolled across the Ukrainian border, a turning point occurred. The global security situation had abruptly changed from "extremely tense" to "most critical point since 1945." It was clear to all experts, even before the invasion, that cyber activities would play a significant role in the Russian war of aggression. However, how Russian network operations are shaping up has been observed by the CSCC over the past six months and discussed with companies in the community. What we found out is described in this blog post.
COMPLION Insights - Employee introduction: Christian Grabner
Our company is made up of people and we want to introduce them to you in the coming weeks and months. The first one is COMPLION co-founder Christian Grabner. We find out what COMPLION is all about for him, what his daily tasks are, and what he does when he's not working on customer projects.
Salesforce Licensing – better you know in advance what you need
Salesforce is the vendor with the largest market share in the customer relationship management (CRM) software sector. SAP, Oracle, Microsoft and Adobe follow at a great distance. To license Salesforce's cloud-based solutions cost-effectively, a good overview of the products and the licensing model is essential in advance.
TeamOn: Complion travels to Beilngries in the Altmühl Valley
It's finally summer and our annual team event took place in Beilngries near Ingolstadt, in the beautiful Altmühl Valley. Together we spent a few beautiful days in best weather and finest hospitality – both in front of the laptop and on the water. What we experienced, we want to describe in this blog post.
Complion Insights: Mobile working on flexible time at COMPLION
Flexible work schedules and home offices have become both salvation and memes in the pandemic. While it's clear that many companies have both saved lives and kept their businesses afloat by switching to home working, jokes along the lines of "home office - I'll live in the office from now on" aren't without their shred of truth either. How to find the right balance between relaxed productivity and home office burnout is often determined in large part by corporate culture. In this blog post, you can find out what this looks like at COMPLION with regard to mobile and flexible working.
Emotet, Agent Tesla, ZeuS. These three of the best-known malware families have one thing in common, they all use phishing as a central strategy for their spread. Social engineering strategies, for example in the form of phishing or spear phishing, are often used. The "human vulnerability" therefore continues to be a popular target for attack, which is also confirmed with regard to current studies, such as those conducted by Bitkom.
But how can you protect yourself and your employees from such attacks? This blog post deals with one of the possible approaches to effectively mitigate such threats: so-called sandboxing.
SOC 101 - A Brief Introduction to Security Operation Centers
SOCs are increasingly being used to monitor corporate IT. In the coming weeks, we will therefore take a comprehensive look at this topic. In the first part, we will look at the components and tasks of security operation centers.
New SACS conference: cost-effective software deployment in the spotlight
The SACS Conference will take place in Frankfurt/Main, Germany, on September 21-22, 2022. It focuses on the topics that help user companies to procure their software and cloud services cost-effectively and to use them in compliance with the contract. The conference puts its participants on an equal footing with software and cloud providers when it comes to negotiating and drafting contracts.
