Security Audit and Improvements Case Study

Client Challenge

The client experienced multi-million dollar losses due to a number of successful Spear Phishing Attacks. Senior management decided to take drastic measures to address the situation. An IT forensics assessment was requested that demonstrated the possibility of an inside conspiracy to embezzle.

Results

The client was able to successfully manage the reduction in force with no issues or breaches in security. They are currently rebuilding their IT team following the implemented policy and procedures.

Our Solution

To address the situation, an IT security audit was performed to discover vulnerabilities within their IT environment. Discovered in the assessment were 63 deficiencies that painted a significant risk profile for the organization. The recommendations included changes to user accounts, IP endpoints, services accounts, implementation and modification of policy and procedures regarding how users are handled within the organization, and perimeter security changes. Guidance was provided to the client during the remediation process. The client opted to make the changes using internal staff supervised by Beyond Impact’s security team. The client determined that a number of personnel would need to be let go and requested that Beyond Impact transacted the security part of that process and monitor the entire network before, during and after the reduction in force.