Hepburn Delaney Solicitors, established in 2013 by Jane Hepburn and Rebecca Delaney, operates as a law firm in Hemel Hempstead, specialising in family matters. With a focus on tailored services and efficiency, the firm embraces innovative technology, evident in its adoption of a paperless system and ongoing efforts to modernise their services securely.
Hepburn Delaney, dealing with sensitive personal data, sought to ensure GDPR-compliant data systems and low cyber and commercial risk perpetually. As a fast-growing company, digital changes were frequent, and the historical approach of annual testing was deemed woefully inadequate. If vulnerabilities existed or were introduced during the year the business needed to know and act on them quickly.
Independent testing is crucial due to potential biases in results from internal or outsourced providers; this is a result of fear it will reflect badly on their previous data management. Unfortunately, that does little to address security issues and poses a significant risk.
Recognising this, GDPR now mandates independent testing to mitigate such risks effectively. In light of lengthy testing durations, which typically span 2-3 months and involve substantial internal resource consumption, Hepburn Delaney sought after a faster and higher-quality testing approach.
Hepburn Delaney opted to use TotalPenTest,the UK’s leading Pen Test as a Service solution (PTaaS, or Penetration Testing as a Service). Providing scheduled or on-demand tests with assured compliance and knowing peace of mind with risk mitigation only ever a mouse click away.
Total Group swiftly dispatched its plug-and-play micro test server the same day and we were testing within 24 hours.
Whilst managed and deployed by Total Group, strict independence and integrity are maintained using the leading global penetration testing engine from Vonahi Security with over 15000 tests performed on the platform. Unlike manual or consultative testing the TotalPenTest automation never makes a mistake or an omission and delivers the highest quality results consistently every time.
TotalPenTest provides comprehensive environment testing, regime including network and cloud penetration testing and vulnerability scanning.
External Test 1 – We attacked from the outside targeting the perimeter firewalls of Hepburn Delaney’s head office and branch offices.
External Test 2 – We attacked their Microsoft 365 environment.
Internal Test 3 – We attacked inside and out using a micro test server evaluating every device attached to the network, from Windows devices to CCTV cameras to printers. No device was safe from our attempts to hack and test its resistance to attack.
Being the first test incorporating a new office and following a period of major IT change there was an expectation that some high-risk issues may be found, however this was not the case. The Windows network and all computers passed with flying colours. Some issues were found with print copier devices, despite being new their default configuration had vulnerabilities that needed to be addressed.
Many copiers can interact with business data, via services like scan to email or scan to folder, so need to be as secure as is possible.
The ability to update and secure the printers was deemed to be outside of the ability of print management companies. Whilst they often install or physically maintain such devices this service seldom extends to being accountable for data security.
Total Group collaborated closely with Hepburn Delaney to gain admin access to the devices and then took on responsibility for hardening them. Firmware was updated, legacy functionality and services not required was disabled, password complexity was improved.
On completion of the mitigation works, the pen test was rerun to verify that the risks were resolved and that the entire network was secure.
Stay ahead of cyber threats with automated, real-time testing that highlights vulnerabilities before they become business risks.
Avoid blind spots and internal bias with third-party testing built to meet GDPR requirements and deliver trustworthy results.
Accelerate issue resolution and maintain continuous compliance with fast test deployment, retesting, and mitigation support.
Whatever your IT requirements we can help.
The Old Gig House
Smallgrove
Windmill Road
Pepperstock
Hertfordshire
LU1 4LQ
Book a free 30-minute session with our experts.
