Tork & Mains

Network

Objectives: 

A medium-large sized legal firm in downtown Toronto needed assistance on several fronts, GRIP I.T. was brought on board to help assist the onsite I.T. team with remote support, assurance that its client’s information was protected against unauthorized access. In addition, a PEN test was required to protect sensitive information was against hackers and other Internet threats. Tork & Mains was concerned about compliance-related issues and wanted assurance its systems were protected against external threats. 

Solution: 

GRIP I.T.  was asked to come on board to perform a Network Penetration Test.  Our services included a variety of hacker type tools and techniques that identified and evaluated the Tork & Main’s infrastructure & information systems risks. We determined the type of security infrastructure in place, and tailored our attacks to take advantage of gaps.  

Firewall – reviewed and analyzed configuration 

External penetration – evaluated vulnerabilities 

Social engineering – determined employee risks 

Phishing – used fake e-mails and USB devices 

False web sites – determined risks 

Network & Endpoint Policies – evaluated security related policies 

Our reports documented several areas that placed the organization at risk to compliance and network-related threats. The remediation report provided a prioritized risk response plan for the legal firm with ways to enhance security, ensure the protection of its information assets, and meet compliance requirements. Post audit, we were tasked with a project to fix all gaps within the network within 30-90 days for full resolution. 

Technology 

PEN Testing  Managed Services  Consulting Services 

Resolution:  

GRIP I.T. compliance audit enhanced the law firm’s security controls.  Management has the assurance that systems and data are secure.  Tork & Mains had a secure perimeter safe from external & internal unauthorized access. Once the prioritized remediation plan was successfully completed, our solutions delivery helped the organization increase security while increasing the protection of its information assets & keeping client data secure.