How a recent Pen Test has resulted in significant cost savings at BoatyardX.
Penetration Testing (or Pen Testing) is a security exercise where a cyber-security expert attempts to find and exploit vulnerabilities in a computer system. The purpose of this simulated attack is to identify any weak spots in a system's defenses which attackers could take advantage of.
As a growing start up, it’s important not to lose sight of the security and controls required on the IT systems that underpin the business.
Specifically, successful technology enabled start-ups which rely heavily on cloud technologies and open-source software need to be conscious of the threats to their business as it scales.
Technology provides a fantastic platform in exploiting and developing new ideas, delivering a significant advantage over many traditional industries which struggle with the pace of technological change. Many smaller start-ups can provide a product or service that can be far superior and faster to market.
Yet as a business scales, IT managers should consider that while they are a threat to the existing business landscape through disruption … they become a target themselves. No business is ever 100% safe or protected entirely from cybercriminals and start up organisations are no different.
Keeping a close eye on your technology’s security is an important defence against such threats. Executing regular Penetration Testing (annually or in line with major technology/business changes) is an effective way of identifying and demonstrating the weaknesses of any organisation by simulating the behaviour of a real cybercriminal.
Paul Quinn, Head of Technology Services Tweet
BoatyardX partners with its customers to build, launch and operate cloud software products. In line with this, we have partnered with a specialist penetration testing organisation to assist us in identifying threats and to guide us in remediation activities where required.
We are including penetration testing in our standard offering and would recommend a test to any growing organisation to understand their security position and to identify corrective actions they may need to take.
Interestingly, here at BoatyardX we observed a significant unexpected benefit! In completing our penetration testing, it shone a spotlight on our own infrastructure, highlighting unused software components and further prompting us to examine the cost profile of some of our cloud instances. Removing and consolidating instances secured our environment and enabled us to reduce our cloud costs by over 50%!!
Paul Quinn, Head of Technology Services Tweet
If you’re scaling at a pace, be sure to be doubly conscious of your security and consider removing unnecessary vulnerabilities. If you’d like to hear more about our experience at BoatyardX, please contact us.