Back from the Versenkung

After nearly a year of writing nothing, I am writing my first blog article. The last months i was very busy in my job and also in my private life. Last year i did my CCNA Routing and Switching in paralell to a Windows 10 Migration and Rollout project for swiss energy company. In October I started with my Master studies in IT-Governance, Risk and Compliance Management, which is very interesting. In this studies, i learned a lot about digital platforms and how to ensure IT-GRC for them, Digital Forensics, Cloud Security and so on. This studies keep me very busy as I am doing this studies in parallel to my job. At the moment i am preparing a project thesis with the title “Einführung von technischen und Organisatorischen Maßnahmen gemäß DSGVO mit Hilfe von ISO 27001”.

In December last year i renewed my BSI IT-Sicherheitsbeauftragter/ Chief Information Security Officer Certificate. At the 28th September 2018 I was a public speaker at the ISC² Switzerland Chapter Security Conference 2018. This conference was amazing with a lot of interesting topics and for me it was an honer to speak there. I spoke there about Cybersecurity for Healthcare facilities. This is very tricky, because most healthcare facility have not the money to protect and safeguard our medical information as they should be. An example for this is, should a doctor by a new CT or a new firewall. The Firewall protects him/her against some cyber attacks, but the CT brings the money. In this sector good and affordable solutions are the way to go. Open Source can be a good way, when you know how to implement and use them.

From November until Mid-of-May i was on a laboratory equipment qualification project for new revolutionary gene therapeutics medicine from a Swiss based Parma company. This project was very interesting, but also a lot work to do as it was the first product of its kind for this company. For all of you, who want to work in Computer System Validation, i have a little advice for you: Learn the Drug Development Cycle and how GxP fits into it, because this knowledge helps you to deal with project pressure in my opinion. You even know, why the client is so pushy on some projects. This project is an example for the old sentence “no plan survives the first contact with the enemy”.

Since mid-of-may i working currently on an IT upgrade project for a residential home for the elderly. At this client i upgrade the whole IT Infrastructure from Windows 7 and Windows Server 2008 R2 to Windows 10 (1809/1903) and Windows Server 2019. In addition the whole network is redone, new ThinClient Solution from IGEL is also rolled-out and the Cybersecutrity of this residential home for the elderly is improved. If whished, i can do maybe a little blog series in a more general way about this. For this project I have the same conflict as described above in the healthcare sector.

I am planning to write more often blog article about how you can ensure good cybersecurity with open source and/or free tools. This includes also how to implement a solid IT infrastructure for SMEs with open source technology like ProxmoxVE.