How pen testing helped improve an estate agent's performance

At a glance

With their internal IT department having observed that their network was consistently infected by viruses that were affecting its performance and bringing about costly downtime, EstateCo* contacted ROCK.

The situation

EstateCo’s* internal IT department continuously found the company’s network infected by various forms of malicious software. This had not, as far as they were aware, resulted in data breaches or any other event that would typically be viewed as severe, but did hinder network performance and also resulted in downtime.

In spite of the fact that this team tried multiple different types of anti-virus, infections would return within days of the previous one having been removed. This led them to contact ROCK and request our assistance in determining the best means of securing their network.

As a result, ROCK performed a series of penetration tests wherein we mimicked the likely actions of cybercriminals. These were conducted both remotely and on-site, revealing several flaws that needed to be addressed.

Recommendations

  • Implement ROCK's patch management services
  • Educate employees on their role in cyber security
  • Implement encryption policies throughout EstateCo's* data landscape
    ​​​​​

How we helped

  • Employee productivity increased by 20%
  • 0% downtime in 2019
    ​​​​

Outcome

ROCK observed that patching and updating were undertaken on a sporadic basis and that this generated exploitable gaps. In order to address this, ROCK implemented measures that automated such updates in their entirety, and employed our patch management service, which moved the job of checking and installing patches directly over to ROCK with monthly status reports sent to EstateCo's* internal IT team.

It was also noted that whilst EstateCo’s* staff were mindful of the threat posed by malicious emails, they were less familiar with other ways their actions could compromise devices and networks. ROCK delivered tailored on-site cyber security training to employees in order to address this problem. Staff were tested throughout the next year with engaging training content, and their progress was monitored. When surveyed, staff, on the whole, felt 'very confident' that could identify malicious behaviour on the network and their emails.

Finally, ROCK implemented encryption policies. This further enhanced the robustness of EstateCo’s* cyber security solutions and ensured the company adhered to stipulations set out in GDPR legislation. As a result of these changes, the performance of EstateCo’s* network improved significantly. This yielded a 20% improvement in terms of employee productivity and, vitally, the company suffered no downtime in 2019.

*We value our clients and their right to a confidential consultation. While the name has been altered, the results are real.

Next

How a VoIP phone system generated significant savings

© 2022 ROCK. All rights reserved.

Your browser is out-of-date!

Update your browser to view this website correctly. Update my browser now

×