0121 222 5630

Email Aristi Ltd Follow Aristi Ltd on Facebook Follow Aristi Ltd on Twitter Follow Aristi Ltd on LinkedIn


You are here:

Pinnacle People Penetration Testing.

"Aristi's flexible and professional approach meant that we could deliver the project in a very challenging timeframe and with stringent requirements to fulfil. Their approach and report was commended by our client and the responsiveness to meet our timeframe and re-schedule the plan was greatly appreciated." Matt Brook Head of Corporate Infrastructure

Pinnacle People is an employment and skills business, tackling worklessness and promoting social mobility. Set up in 2008, they have quickly established themselves as a supplier to the Department for Work and Pensions (DWP) and Local Authorities and became a prime contractor to DWP in October 2009. Pinnacle People provide services to over 75,000 people each year, focusing on supporting people into long term, sustainable employment.

Pinnacle People are a subsidiary business of Pinnacle Regeneration Group; providing housing and urban regeneration services to local authorities and the wider public sector.

The challenge

Pinnacle People deployed the Appian Enterprise business process management suite to store and manage the data received from DWP; to support contract delivery across multiple UK re-gions and to pass personal, sensitive data up and down their supply chain. They need to main-tain an Information Security Management System aligned to ISO27001 and the DWP’s own stringent requirements.

Pinnacle People required assurance that all information systems and associated assets of the Appian platform were protected from penetration and compromise from intruders before the sys-tem went live. The scope also included physical security and social engineering tests to be con-ducted on the service provider’s data centre and the Pinnacle People Contact Centre. Time-scales were tight and the service had to go live on time in order to meet contractual obligations.

The solution

Aristi was selected as the trusted security partner and worked with Pinnacle People to develop a project plan for the proposed activities. Internal and external penetration tests were conducted to CESG CHECK standards on the Appian infrastructure and also on a Virtual Desktop environ-ment used to access a secure DWP IT system. The testing also included a review of the server builds and firewall rule bases. During the testing, Pinnacle People were kept informed of any issues found allowing fixes to be implemented and re-tested quickly. Aristi conducted social en-gineering attacks and physical security assessments on the data centre and contact centre iden-tifying a number of issues which were quickly addressed by Pinnacle People. Results of all the testing activity were documented in a detailed report.

Aristi’s flexible approach allowed for moving milestones within the project to be catered for and all deadlines to be met. Working closely with the client, Aristi provided the required assurance allowing the service to go live on time.


Please contact Aristi to discuss your requirements. Filling in the form below is the quickest way to get in touch with the relevant person at Aristi.


Keep up-to-date with insights and info on all areas of Information Assurance, Information Security, Penetration Testing & Data Sharing from the award-winning consultants Aristi.

Latest Tweets

If you haven't registered for our cloud security event on 4th July, there are still a few places left. https://t.co/fBrohkOTJL
'Aristi Raiders' ready for battle on the high seas (well, the canals of Birmingham)...https://t.co/tVaWn0zIYZ
Interesting and thought provoking discussion on GDPR at the 'one year on' event today. Organisational culture and h… https://t.co/xQJha9MBML

Subscribe to our Newsletter

Latest Blog Posts

  • Cyber Resilience for Charities

    A Round Table Event for Charities Charities are increasingly reliant on IT and technology and are falling victim to a range of malicious cyber activity. The recent government Charity Sector Threat Assessment indicates that losing access to this technology, having funds stolen or suffering a data breach through a cyber-attack can be devastating, both financially and […]

    Written on Thursday, 07 March 2019
  • 10 years of Aristi by its founder, Harj Singh

    What’s in a name? The word Aristi has three meanings – security, excellence and calm. Find out where we started and where we believe cyber security to be headed.

    Written on Thursday, 24 January 2019
  • 500 million customers can’t sleep easy with Marriott data breach

    The world’s largest hotel chain, Marriott Hotels, announced on Friday (November 30, 2018) that half a billion of its customers’ data had been breached dating as far back as 2014. Marriott owns more than 5,800 properties around the world with 1.1 million rooms spread across more than 110 countries[.  That makes this incident is a […]

    Written on Wednesday, 12 December 2018