Apogepha Arzneimittel

Security Awareness Training Against data espionage

Die Dresdner APOGEPHA Arzneimittel GmbH looks back on an eventful company history. Starting in 1882 as a pharmacy, it is now a thrid generation family-owned pharmaceutical enterprise, developing urological drugs and selling beyond Germany as well. The research and development of new products and services in the healthcare sector generates sensitive data that requires special protection. Data loss through criminal acts also poses an existential threat to an innovation company. APOGEPHA is well aware of the risk and wants to train the attention of the employees so that they can recognize threats by phishing attacks via e-mail and thus avert a possible fraud attempt.



Customer Benefit


Security awareness training for employees

Reducing the risk of phishing scams

Avoidance of data loss, operational failure and espionage

Hendrik Leder, APOGEPHA'S IT Security Officer

„We rehearsed the worst-case scenario and tested it vividly by sending a fictitious phishing e-mail. Our employees were able to experience first-hand what a careless click means.“


Reference at a Glance


Task

Security awareness training for employees to raise awareness of the threat posed by phishing emails.

Solution

Setting up and sending test e-mails, evaluating the results and deriving security measures with advice.

Result

Trained employees with heightened awareness of social engineering and development of security measures.

  • REQUIREMENTS

    One wrong click can be the gate to fraud

    As an established company in the healthcare sector, APOGEPHA focuses on the research and development of therapies for urological diseases. The focus is on pharmaceutical developments for new dosage forms and drugs, as well as clinical development. To this end, APOGEPHA also enters into scientific collaborations with universities and hospitals. The sensitive data from research and development are particularly worthy of protection, even against espionage or data theft. Since fraudsters most often exploit human vulnerabilities as a gateway into IT systems, employees must be particularly attentive and vigilant and trained to deal with typical fraud situations.

  • Solution

    Training of all Employees by Fictitious Phishing

    In social engineering, human nature is, such as helpfulness and stress is exploited by criminals, for example by requesting sensitive access information in a deceptive e-mail and feigning time pressure or the supervisor's consent. The training is intended to draw attention to this situation and to train employees to be more vigilant. For this purpose, T-Systems Multimedia Solutions set up a test mailing of fake phishing e-mails using the open-source phishing framework "Gophish". The reaction of all recipients was recorded with this fake mail. The evaluation served as a basis for consulting on further training and security measures.

  • Benefit

    Increased Vigilance due to Test Run

    The vivid and up-close test by the fictitious mail opened the eyes of all participants. Being able to see from your own reaction whether the wrong click would have led to a fraud attempt in the form of unauthorized disclosure of confidential information is more instructive than any theoretical explanation. Further training on security measures and increased vigilance can be built on this experience.

About APOGEPHA

As a traditional drug manufacturer APOGEPHA Arzneimittel GmbH has written Dresden's pharmaceutical history. After its foundation in 1882 by the pharmacist C. Stephan, APOGEPHA developed into today's economically independent, family-owned pharmaceutical company. APOGEPHA currently employs around 150 people.




Contact Person