Christian Aid operate in the highly competitive not-for-profit sector. Their web enabled services play a key part in maintaining and strengthening public visibility as well providing a secure area for donation contributions.
Christian Aid were keen to minimise the potential for downtime due to possible flaws and vulnerabilities. This would include setting a security baseline for future comparisons to ensure that all issues could be tracked and rectified.
Another requirement was the identification of any legacy infrastructure components. Finding any such redundancies within networks would enable Christian Aid to remove any further risks.
Cross module testing
A full report was delivered 3 days after the conclusion of the test via SSL secure download.
Full support, and direct telephone access to the testing team was provided during the test and in a follow-up meeting onsite to discuss the issues raised and advise on tactics for tackling them
Expectations
Christian Aid required a security provider who could perform two very broad and fundamental functions:
1. Testing and assessment of appointed infrastructure
2. Mentoring and guidance on the practical processes of implementing recommendations
Problems solved
. Testing identified issues for improvement within the internal network.
. Remedial work was conducted which removed existing risks arising from vulnerabilities and exploits.
. The remedial work was guided by a rectification plan which was used to inform Christian Aids overall IT strategy.
. The security of Christian Aids internal networks has been improved.
. Christian Aid can now devote more resource to maintenance and patching.
Testimonial
"I have been impressed by the performance of MWR InfoSecurity not only in terms of their technical capabilities and the comprehensive presentation of results but also their flexibility and real commitment to helping us gain the most from their work"
Phillip Humphries
2005-04-01
Infrastructure and Operations Manager
