top of page

IT Security

Your Data Are Safe With Us.

We are GDPR and NIS2 compliant.
Below are some of the ways we protect your data. 

​End point security solution: An advanced behaviour-based threat protection, currently the highest standard of 'anti-virus' via SentinelOne.

 

Encryption: BitLocker is installed on each one of our laptops.

 

How operating systems are patched: End-points are automatically patched and kept up to date.

 

Device back-up: Working with OneDrive for business, all information is kept on the cloud and nothing is stored on individual laptops.

 

The Cloud is OneDrive for business (Organization license). 

 

Professional IT Security: is managed by CHEOPS, a dedicated IT company. (CHEOPS.com)

 

Data storage: No data related to the engagement will be stored, transferred or accessed outside of the United States or the European Union.

The data are stored in a single place on the Cloud, never on any individual computer. Therefore, at the end of the services and if Company requires this, we can permanently delete the engagement data from the cloud.

Alerting mechanisms that are in place for unusual activity (authentication failures, SLA violations, large data transfers etc.): All our laptops are continually monitored by CHEOPS for any issues, including security breaches etc. and CHEOPS has the possibility to erase all content from the laptop remotely in case of theft from reading the data on the laptop if it is stolen or found.

 

BitLocker also protects against unauthorized removal of the hard drive. By using BitLocker in conjunction with Azure Active Directory, there is no need to store encryption keys manually, as they are automatically stored in Azure AD. The device is encrypted using a unique TPM (Trusted Platform Module) chip, which is present in every laptop offered. This means that a device is uniquely encrypted on the basis of this chip and the data on the drive linked to the physical hardware. This makes it almost impossible to read this data externally via another device. Device encryption is one of the few measures described that you can take to comply with GDPR legislation.​

Email Security Protections: DMARC & SPF

​

DMARC is a security tool that helps stop fake emails by checking if messages come from a trusted source. It works with SPF and DKIM to confirm email authenticity. DKIM adds a digital signature to emails, allowing receivers to verify that the message is real and hasn’t been changed. DMARC makes sure both systems agree with the sender’s domain. Together, they protect against email scams and phishing.

 

  1. SPF (Sender Policy Framework)

    • Purpose: Allows us to specify which mail servers are authorized to send emails for their domain.

    • Benefit: Reduces the risk of email spoofing by validating sender identities.

  2. DMARC (Domain-based Message Authentication, Reporting & Conformance)

    • Purpose: Builds on SPF and DKIM to provide a framework for email authentication and reporting.

    • Benefit: Enables domain owners to receive reports on email authentication failures, helping to monitor and enforce email policies.

 

Together, DMARC and SPF significantly enhance email security and help protect against fraudulent emails.

​

Enterprise Mobility + Security is at the security level.

​

Microsoft Intune: centralized management of all devices (MDM & MAM)

Azure Information Protection Plan 1

  • Configuration of “do not copy” and “do not forward” for specific data

  • Classification of sensitive data such as “confidential”

Azure Multifactor Authentication

Integration of two-factor security

Azure AD Premium P1

  • BitLocker

  • MS Cloud App security integration

  • Conditional access

  • Single Sign On functionality including 3rd party integrations

  • Advanced password management

  • Password self service reset portal

  • SMS verification

  • Enterprise roaming

We also have the Defender for Business functionality.

​

Microsoft Defender for Business

  • Automated Investigation & Response: AIR capabilities are designed to investigate alerts and take immediate action to resolve violations. Air capabilities significantly reduce the alert volume, allowing security operations to focus on more advanced threats and other valuable initiatives.

  • Block at First Sight: Block at First Sight is a next-generation threat protection feature that detects new malware and blocks it within seconds.

  • Tamper Protection: During some types of cyberattacks, bad actors attempt to disable security features, such as antivirus protection, on your machines to gain easier access to your data, install malware, or otherwise misuse your data, identity, and devices. Tamper Protection helps prevent this from happening.

  • BitLocker encrypts the hard drive of the workstation and protects against unauthorized changes to your system, such as installing malware or modifying system settings. This prevents anyone from reading the data on the laptop if it is stolen or found. 

Contact Us

​For queries or IT Security concerns, please contact us at info@she-consulting.be or (+32) 470 92 04 49.

​

IT Security Updates​

This information is subject to occasional review, and any updates will be posted on our website.

In need of our services?
Get in touch!

Statistical Analysis

Economic Modelling

Data Collection

Literature Review

Publications

bottom of page