Ensured IT security & GDPR compliance for the international web hosting provider
Information security is not something that a responsible business can avoid these days. Especially when it comes to EU citizens’ data processing. General Data Protection Regulation (GDPR) is an essential regulation that every company must follow. The GDPR’s purpose is not only to protect against cyber attacks but also to ensure the proper processing of EU citizens’ personal data.
In 2021, more than 130,000 personal data breaches caused by poor data processing were notified to regulators, ending in a total worth €1.087 billion in fines. Moreover, one cyber crime can cost companies $2.9 million every minute worldwide. Based on global statistics, more companies need to step up their information security game. Especially when cyber criminals do not plan to stop stealing personal information, blackmailing or using that data against businesses and individuals.
Although the number of cyber attacks and data breaches arises, we see a positive tendency in companies that more often decide to strengthen their IT security with professional assessment services. Therefore, we proudly present a case study about Information Security and GDPR assessments provided for the international web hosting provider — Hostinger.
Situation
Hostinger is a customer-obsessed, idea-driven web hosting provider recognised as the fastest-growing hosting brand in 2020. The company provides top-notch web hosting services and technology, allowing people around the globe to unlock the power of the internet and acquire the freedom to learn, create, and grow.
For Hostinger, which stores much information of their clients from businesses and individuals, it is crucial to guarantee a solid information security not only of clients’ data but also of their customers’ data. Moreover, the company operates within the EU, where data protection and privacy are ensured by the GDPR. Therefore, professional GDPR Compliance and Information Security assessments are needed to prevent any possible cyber-attack or internal data breach.
Hostinger looked for a partner that could offer a team of certified IT security experts with proven GDPR and information security expertise. Thus, Baltic Amadeus has proposed executing two assessments to evaluate Hostinger’s IT infrastructure security and GDPR compliance and provide an action plan to remove any found threats and risks.


Solution
During the 2 months, Baltic Amadeus provided a comprehensive IT security assessment divided into three main steps: organising needed information; reviewing and evaluating provided documentation; delivering a report document with found observations and recommendations.
Throughout the process, the Baltic Amadeus executed Information Security Controls, their compliance with ISO/IEC 27001, 27002, GDPR requirements and CSA Cloud Controls Matrix.
In the final stage, the Baltic Amadeus team presented a final report, enabling the Hostinger team to clearly understand their IT security situation. With the report, the Baltic Amadeus team explained identified threats, risks, priorities, and recommendations for treating identified IT security vulnerabilities.
Added value
Experts, who have carefully implemented an in-depth assessment process, hold long-year expertise in the IT security field. Their experience includes Information Security management, IT Security risk management, IT Security Architecture, ISO 27001 implementation, IT Security audits and assessments, Information Security awareness training, Penetration testing, Vulnerability assessments, and more.
In addition, the assessment team’s competencies are proven by various international certificates such as CISA, CISSP, CDPSE, TOGAF, ITIL, CompTIA Security+, CEH, OSCP and CompTIA Pentest+.
The full spectrum of expertise proved the highest quality of the provided GDPR and Information Security assessments.

Other projects
Azure-based solution that cut infrastructure costs by over 4 times
ProMark
Data/API Hub solution for the international ferry service provider
TT-Line
Security assessment and InfoSec training for a global media company
Internews
Infrastructure and data migration assessment for agricultural retail provider
Lytagra
Upgraded analysis platform boosted paid user base by 43%
Börsdata
In-depth penetration testing for a specialised Lithuanian bank
General Financing Bankas
Mobile app for the fastest-growing payment solutions provider in Lithuania
ConnectPay
Mobile app development for the largest insurance company in the Baltics
Lietuvos Draudimas
Boosted sales performance for the leading digital services company in the Baltics
Bitė
Highly rated mobile app for Baltic digital services company
Bitė
Progress OpenEdge solution for the US medical billing and management service provider
Professional Billing, Inc.
Efficiency-driven ordering and billing system for large-scale military training
WilNor Governmental Services AS
High-performing eCommerce platform for one of the largest pharmacy providers in the Baltics
EUROAPOTHECA
PSD2-based mobile banking solution for financial institutions
LCCU
Fully automated and scalable leasing solution for DNB Bank
DNB BANK
Convenient daily banking solution for credit unions
KREDA
Mobile banking app for DNB bank
DNB bank
Performance monitoring solution for the global shipping company
Shippersys
Custom Business Intelligence solution for a global maritime company
Shippersys
Crisis management system for Norway’s educational institutions
Akershus County
eCommerce platform for the global maritime Enterprise Asset Management provider
Star Information Systems
Web and mobile applications for preschools to ensure children’s safety
FamWeek
Fully upgraded communication platform for the Norwegian telecoms company
SIMCOM AS
eCommerce reservation platform for the Norwegian Aviation Museum
Norwegian Aviation Museum
Data visualisation solution that highly increased business productivity
UNIPARK