A large debt consolidation services organization was dealing with IT turnover and a migration of IT services to a cloud hosting provider. During this time, the organization's management wanted to ensure its IT systems were still adequately protected and secured.
Baker Tilly assisted the client in performing external penetration testing against the current and new environment to identify potential weaknesses that could be exploited by an attacker. During our testing, the team identified various enhancements to current IT security operations, as well as an exploitable vulnerability that allowed our team to access sensitive customer information due to an improper configuration of an internet-facing server.
The results of Baker Tilly's testing allowed the organization to quickly close the security vulnerability and implement enhanced change management controls to ensure this type of lapse would not occur again.