"The key considerations for our team were all about the organisation, their approach and their business philosophy. We all know penetration testers can provide a level of service that discovers the vulnerabilities within an organisation, but what we wanted from our partners was something more than just a penetration testing service. We needed a partner who would go the extra mile to provide a personalised service, who could provide broader support in all areas of security and we wanted a very “hands on” approach to this level of service. More importantly to us here at Bromford is our DNA. It is what makes us different and drives us to deliver brilliant service to our customers at every opportunity. Aristi’s core values closely aligned to our DNA and we’re looking forward to building a close working relationship with them over the next three years. " Information Security Lead
Bromford is one of the biggest housing associations in the country, with 44,000 homes and plans to build a further 12,000 new homes by 2028. They believe in providing safe, secure and warm homes for people who can’t access market housing. But ultimately they are a people business, committed to building relationships with their 100,000 customers to enable them to thrive.
Bromford has well-established risk management processes and control frameworks, which guide and support how they work, behave and the decisions they make. Security plays a pivotal role in Bromford’s culture and the need to protect customer data is integral to its IT strategy. To meet Bromford’s security goals, the housing association were looking to secure the services of a cyber security provider for regular penetration testing of its computer infrastructure, specific projects as they were delivered and ad-hoc testing of their suppliers and partners.
Aristi were awarded a three-year contract to act as a cyber security partner for Bromford to provide penetration testing and information security services including:
Soon after the initial project kick off meetings, the country went into lockdown due to COVID-19. To minimise the disruption to Bromford and meet the requirements of the government’s social distance guidance, we developed a secure remote testing facility to allow us to test Bromford’s internal and external IT infrastructure remotely.
A detailed report was delivered identifying security vulnerabilities that needed addressing with recommendations and a remediation action plan. This has provided Bromford with a valuable security baseline to build upon.