Reference ENSO Energie Sachsen Ost AG

Protecting web applications and systems

More about the project

Security Check for maximum security

Telekom MMS carried out a thorough security check on ENSO Energie Sachsen Ost AG in order to identify any potential security vulnerabilities. Under the spotlight were the company's website, its corporate blog, its service and partner portals and its intranet. Along with the findings of the various tests and risk analyses, Telekom MMS' security experts provided specific recommendations as to how the regional energy provider could systematically and independently improve the security of its applications.

Requirements

Requirements

Protecting web applications and systems against attacks

Like any company with digital services, energy providers such as ENSO face the challenge of protecting their web-based applications as best they can against external attacks and misuse. Sensitive company and customer data could fall into the wrong hands – with far-reaching effects on the company's reputation, business activities and competitiveness.

As well as its Corporate Site ENSO Energie Sachsen Ost AG currently operates a Corporate Blog plus web portals for private clients, business customers and partners, as well as an intranet. When it wished to carry out a thorough check on the IT security of all its online services, ENSO turned to the security experts at Telekom MMS.

Solution & Implementation

Thorough security check reveals security risks

Over a 10-day period and in three phases, the Telekom MMS specialists carried out a security check. First, working together with ENSO, the test and production environment was defined, potential test risks were discussed, and the scope of the testing was pinned down clearly. A selection of specific test cases was then made, using only test data.

In the second phase, the web applications were automatically scanned for any security vulnerabilities and any attack paths that could be exploited. The configuration of the IT systems was also tested, though the servers and applications themselves were not changed. The Telekom MMS security experts also manually carried out active hacker attacks on ENSO's Internet and intranet applications.

The third and final phase of the security check involved analysing the test results. A detailed risk evaluation was deployed to determine the security level of the applications that had been tested. To conclude, the Telekom MMS experts defined certain specific measures which could eliminate the security vulnerabilities.

Result

Web applications are optimally protected

The security check enabled ENSO to eliminate potential security vulnerabilities in its web applications. They are now optimally protected against attacks. To ensure this remains the case, ENSO's IT department will be able to take action itself to ensure optimal security, without having to bring in any external resources. This will be based on the comprehensive test documentation and the recommendations made by Telekom MMS’ security experts. These also showed other testing options and potential attack scenarios.

About ENSO Energie Sachsen Ost AG

Dresden-based ENSO Energie Sachsen Ost AG is a full service energy provider in East Saxony. Its core business lies in electricity, gas and heat supplies, complemented by operations management in the field of drinking water and sewage, as well as energy services. Its service offerings also include shareholdings and associated companies operating in the telecommunications and IT areas.

Do you have any questions?

Dr. Cornelia Mossal

Corporate Communication

+49 351-28 20-0
Send e-mail

Für morgen.
Und übermorgen.

Subjects

Media

Kanäle

Subscribe to RSS feed
Follow us on Instagram
Follow us on XING
Follow us on LinkedIn
Follow us on YouTube