About Us News Investors Careers Corporate Responsibility

Home > Case Studies > Security > Safe transactions

In this section
		Security
		A Full Stop with X-Net
		Computer Forensics
		Developing a Security Architecture
		Digital Video Enhancement
		Forensic Investigation for a Local Authority
		Fraud Investigation for a Large Financial Organisation
		IT Security Health Check
		Knowledge transfer through collaboration
		Management of operational risk in a banking environment
		Protecting Online Credit Card use
		Quality Assurance of the E-Voting Pilots for the ODPM
		Response to a Hacking Attack
		Safe transactions
		Securing our Borders
		Travelling in Safety
		US Army deploys QinetiQ vehicle arrest system in Iraq and Afghanistan

Our Business
		Defence
		Security
		Energy & Environment
		Our Capabilities
		Our Products

Case Studies - Security

Safe transactions

Corporate governance for public financial institutions recommends that safeguards be put in place to prevent unauthorised computer access to company systems and data. It is clear from the experience of the Student Loans Company (SLC) that an effective Managed Intrusion Detection System (MIDS) can offer this protection.

Background

The general consensus is that any reputable organisation needs to take adequate steps to protect the interests of all its stakeholders. Not only that, as access to computers becomes more commonplace, all the indications are that the sophistication and frequency of breeches or attacks will also exponentially increase.

Glasgow-based Student Loans Company was set up in 1989 as a not-for-profit, non-departmental Government body and has a central role in the provision of the governments student finance. The Company is charged with organising the payment, maintenance and collection of Government student loans, which are designed to help students meet their living costs while at university or college. It now has over three million customers and is currently in the final stages of introducing a project to provide a single computer system that will be used by students, by Local Education Authorities (LEAs), and eventually by Higher Education Institutions. Students will have the choice of applying on paper to their LEA or online via the Internet - increasing not only the volume of business and network traffic but also its exposure to risk.

Key Benefits

QinetiQs MIDS proactively manages and protects the customers environment 24x7 and this has resulted in zero breaches since system installation.
By using a managed service, SLC gets a comprehensive, more flexible service for half the cost.
Reports are tailored to the customers specific requirements to improve management decision making capabilities.

'We considered setting up our own 24/7 service but quickly concluded that buying in an external offering was the practical and economic way forward.' Fraser Harris, Technical Support Manager, ICT Infrastructure at SLC.

Challenge

In 2003, SLC identified the urgent need to implement a secure infrastructure as part of its corporate governance. Any breach of the system could be damaging both to business but would also have significant implications for the success of the Modernising Government Initiative.

SLC undertook a broad search of potential solutions and this included trawling the Internet, speaking with many vendors and seeking recommendations from several sources.

Solution

Stringent selection criteria are standard procedure at SLC. Compliance with these eventually led to the contract, worth around £150,000 a year, being awarded to QinetiQ to provide a MIDS solution to protect the perimeter of the SLC network from attack. Contributing factors included:

QinetiQs clear demonstration that the team working on the account understood the specific problems
The teams knowledge base for solving future issues
The confidence that QinetiQ was able to instill in the SLC team
QinetiQs related governmental and defence heritage
Assurances that QinetiQ does not employ reformed hackers
QinetiQ was able to demonstrate that the managed service was a cost-effective solution when compared to other options

'The cost of providing an equivalent service in-house would have been in excess of £300k and taken a considerable time to bring on-line. Following a series of requirement exchanges with QinetiQ concerning its MIDS offering, we were able to be fully operational in just a couple of weeks for just 50 per cent of the cost, plus have access to considerably more expertise, should we ever require it.' said Fraser Harris, Technical Support Manager, ICT Infrastructure at SLC.

QinetiQs Richard Harker added, "It's not just about meeting its legal obligations and getting a tick in the right box. QinetiQ has tailored the reporting so that it succinctly illustrates the status of the network and allows informed decisions to be made quickly throughout the management chain."

Results

Since the service went live there have been no recordable breaches of the network reflecting both QinetiQs diligence, the hardware measures and the professional network security procedures that SLC has put into place.

While a number of minor incidents have been monitored, none of these have or could have escalated into anything more serious.

MIDS provides SLC with the reassurance that the information it holds is secure and that any would be abusers would find it impossible to get into the system without detection.

Fraser Harris concluded: 'You just cannot sit back and become complacent when it comes to security and recently we bought in an independent third party to undertake penetration testing. Not only was this attack immediately recognised by our MIDS, preventing access, it also correctly deduced the nature and source of the simulated attempt at defeating our security.'

QinetiQ Solutions
Managed Intrusion Detection Services

Our 24x7 Mangaed Intrusion Detection Service (MIDS) can monitor any sensor or device for co-ordinated risk mitigation and attack response.

Key features of QinetiQ MIDS include:

15 minute response time to business critical events
High availability service where required (99.995%)
Global service capability
Device agnostic monitoring capability
21 day customer tuning period
Tailored response program
Expert event analysis

In addition to immediate alerting of high severity events by phone, along with formal close-out, 12 hour reports are available as encrypted email or through a secure web portal. Reporting in graphical and tabular representations are obtainable with daily, weekly and monthly summaries of attack statistics by type, source and domain.

QinetiQ does not manufacture intrusion detection or firewall technologies; we focus on the integration and support of standard and disparate technologies to provide ore effective event response and improved protection of investments already made.

Related sections

> QinetiQ Security

Supporting information

> Download Case Study [PDF]

QinetiQ Ltd 2008

QinetiQ Group PLC, Company Registration No 4586941, Registered Office 85 Buckingham Gate, London SW1E 6PD