0121 222 5630

Email Aristi Ltd Follow Aristi Ltd on Facebook Follow Aristi Ltd on Twitter Follow Aristi Ltd on LinkedIn

You are here:


"The key considerations for our team were all about the organisation, their approach and their business philosophy. We all know penetration testers can provide a level of service that discovers the vulnerabilities within an organisation, but what we wanted from our partners was something more than just a penetration testing service. We needed a partner who would go the extra mile to provide a personalised service, who could provide broader support in all areas of security and we wanted a very “hands on” approach to this level of service. More importantly to us here at Bromford is our DNA. It is what makes us different and drives us to deliver brilliant service to our customers at every opportunity. Aristi’s core values closely aligned to our DNA and we’re looking forward to building a close working relationship with them over the next three years. " Wayne Pownall Information Security Lead

Bromford is one of the biggest housing associations in the country, with 44,000 homes and plans to build a further 12,000 new homes by 2028. They believe in providing safe, secure and warm homes for people who can’t access market housing. But ultimately they are a people business, committed to building relationships with their 100,000 customers to enable them to thrive.

The Challenge

Bromford has well-established risk management processes and control frameworks, which guide and support how they work, behave and the decisions they make. Security plays a pivotal role in Bromford’s culture and the need to protect customer data is integral to its IT strategy. To meet Bromford’s security goals, the housing association were looking to secure the services of a cyber security provider for regular penetration testing of its computer infrastructure, specific projects as they were delivered and ad-hoc testing of their suppliers and partners.
One of the key requirements was that the provider had to align with Bromford’s DNA and become a trusted partner to the business to help reduce cyber exposure and implement industry good practice.

The Solution

Aristi were awarded a three-year contract to act as a cyber security partner for Bromford to provide penetration testing and information security services including:

  • Annual and ad-hoc IT Health Checks of Bromford’s network boundary infrastructure, websites and web applications, LAN, WAN and WLAN networks plus VPN technologies and cloud platforms
  • Cyber resilience support for business continuity which provides a review of Bromford’s business continuity processes and documentation to ensure they can continue to operate in the event of a cyber-attack, IT failure or staff loss due to the pandemic.
  • GDPR support to identify any gaps in compliance and develop an improvement plan.
  • Ongoing information security and assurance guidance and support to meet Bromford’s security targets and external certifications.
The Outcome

Soon after the initial project kick off meetings, the country went into lockdown due to COVID-19. To minimise the disruption to Bromford and meet the requirements of the government’s social distance guidance, we developed a secure remote testing facility to allow us to test Bromford’s internal and external IT infrastructure remotely.

A detailed report was delivered identifying security vulnerabilities that needed addressing with recommendations and a remediation action plan. This has provided Bromford with a valuable security baseline to build upon.


Please contact Aristi to discuss your requirements. Filling in the form below is the quickest way to get in touch with the relevant person at Aristi.


    Keep up-to-date with insights and info on all areas of Information Assurance, Information Security, Penetration Testing & Data Sharing from the award-winning consultants Aristi.

    Latest Tweets

    A useful reminder of the data protection obilgations on businesses. Key is to understand the risks and apply approp… https://t.co/9Bhsxk89Jf
    Some useful info from the ICO on home working and data security. https://t.co/yWfOWJNxS4
    COVID-19 update https://t.co/wRDHY7IR6Q

    Subscribe to our Newsletter

    Latest Blog Posts

    • Pulse Secure Vulnerability

      By Dave Buckley On 16th of April 2020 the CISA released an alert covering continued exploitation of pulse secure VPN’s post patching. This is an update to the original alert the CISA published back in January 2020 which advised organisations to immediately patch CVE-2019-11510. Pulse secure released patches for this vulnerability in April 2019 (SA44101). […]

      Written on Thursday, 07 May 2020
    • COVID-19 Update

      Aristi has made preparations to protect our operations from disruptions caused by the Coronavirus (COVID-19) outbreak. Our aim as always is to provide an excellent service to our customers, and we will continue to do so through this uncertain time. We will be monitoring the situation closely and following the latest government advice with regards […]

      Written on Tuesday, 14 April 2020
    • Testing as a Service

      Aristi has developed an innovative new cyber security service to give businesses and public sector organisations reassurance that they are doing all they can to defend against hackers. Many organisations conduct annual IT Health Checks to identify security weaknesses in their IT systems. However, a cyber-attack can occur at any time resulting in significant business […]

      Written on Monday, 24 February 2020