Frequently Asked Questions

IWH stands for Internet Why's and How's. During an AI-assisted creative session, a productive hallucination proposed the expansion Integrated Web Holdings — which we adopted as it perfectly captures our approach: delivering integrated, holistic solutions across web, infrastructure, and security.

Both names reflect our philosophy: the “Why” always comes before the “How”. We don't implement technology for technology's sake. We first understand why a solution is needed, then determine how to deliver it effectively.

We are based in Athens, Greece, and serve clients across Greece, the EU, and internationally.

We serve a wide range of industries including maritime, professional services, healthcare, energy, financial services, education, and the public sector. Our solutions are tailored to each sector's specific regulatory and operational requirements.

We work with organizations of all sizes — from SMEs to large enterprises. Our advisory model is designed to provide enterprise-grade expertise at accessible price points for smaller organizations.

Our services are advisory and consulting engagements where we work directly with your team. Our products are software platforms we've developed that you can deploy to address specific needs like security monitoring (Argus), vulnerability management (VulnGuard), or project tracking (ProjectFlow).

We offer both, but our model emphasizes long-term advisory relationships. We believe continuous engagement delivers better outcomes than point-in-time projects. Many clients start with an assessment and evolve into ongoing advisory relationships.

We support ISO 27001, NIS2 Directive, GDPR, IMO maritime cybersecurity requirements, DORA, and various industry-specific standards. We help organizations navigate the intersection of multiple frameworks efficiently.

Support levels depend on the engagement type. For managed security services and critical infrastructure clients, we offer extended support options. For advisory clients, we provide business-hours support with emergency escalation procedures.

Most of our products support both deployment models. We offer managed hosting for clients who prefer a hands-off approach, and on-premise deployment for organizations with strict data residency or sovereignty requirements.

Yes, we offer demonstrations and pilot programs for most products. Contact us to discuss your specific needs and arrange a trial period.

Yes, our products are designed with integration in mind. They support standard APIs, common authentication protocols (SSO/SAML), and can connect with popular enterprise systems including Microsoft 365, various SIEM platforms, and ticketing systems.

Data protection is fundamental to our operations. We follow strict data handling procedures aligned with GDPR and ISO 27001. Client data is encrypted at rest and in transit, access is strictly controlled, and we maintain comprehensive audit trails.

We implement ISO 27001 controls in our operations and help clients achieve certification. Contact us for current certification status and audit reports.

No. We do not share client data with third parties except where explicitly required for service delivery (e.g., cloud infrastructure providers) and always under strict contractual controls.

Most engagements begin with an initial consultation to understand your needs, followed by a scoping discussion and proposal. For assessment-based services, we typically start with a discovery phase to understand your current state before making recommendations.

Payment terms vary by engagement type. Advisory retainers are typically billed monthly. Project-based work may include milestone payments. Product subscriptions are billed monthly or annually with discounts for longer commitments.

Yes, we provide training as part of many engagements — from security awareness training for staff to technical training for IT teams on specific products or compliance requirements.