Working together to deliver an effective cyber security solution
Background
Infomedia is a small business based in Northampton, UK, providing technology services to the direct carrier billing industry. The direct carrier billing industry connects online retailers, their customers and mobile network operators allowing users to pay for services via their mobile phone bills. Infomedia develops and operates software that connects merchants and mobile network operators, enabling each to have maximum customer reach through a single platform.
Infomedia has always recognised that the security of its platform was critical, and the cyber security threat was constantly growing and diversifying.
As Infomedia has grown beyond its home market, developing a significant presence in the Middle East and Americas, it became apparent that managing their security arrangements internally was becoming more challenging and less cost effective. With a staff of 17, employing a full time CISO plus support staff was not feasible and so started looking at outsourcing options.
Since D2NA’s collaboration with Infomedia began in 2017, during which they provided Cyber Security services, we have developed a strong working relationship. Infomedia expressed a keen interest in maturing their cybersecurity posture within the Direct Carrier Billing payment platform, with the ultimate goal of fostering growth and increasing compliance. To address this, D2NA conducted a comprehensive Cyber Security Audit, the findings of which have provided a valuable roadmap for implementing future security measures.
Infomedia's Challenge
The key challenge for Infomedia in identifying a security partner was the unusual configuration and operational approach needed for the DCB industry in which the supply chain is not a standard linear model.
Infomedia’s platform connects to three or sometimes four different parts of the supply chain; the mobile operator, the operator’s technology partner, the merchant and their end users. Each connection attracted a different risk profile. End user connections needed to accommodate the wide variety of public-facing devices and networks. Merchant connections were in our control, and could therefore be secured to a high level. Finally, connections to mobile network operators could vary widely depending on the state of the art in their respective territories – some were operating the latest security principles whereas others may be a number of iterations behind.
Furthermore, Infomedia processed high levels of traffic with its platform, processing millions of micro-transactions every month each of which generated multiple contact points with each level of the supply chain.
With a disproportionate amount of traffic compared to other businesses of Infomedia’s size, it was challenging to find the right security solution.
D2NA's Solution
The solution placed significant emphasis on comprehending Infomedia’s operational infrastructure and needs, as this was crucial for crafting an implementation roadmap that would grant comprehensive insight into their environment. Right from the beginning, D2NA prioritized integration methods that aimed for minimal disruption and operational interference with the client’s daily operations.
The delivery of this solution was executed in a comprehensive manner, involving the evaluation, recommendation, and optimization of the most suitable endpoint security, SIEM, and other solutions tailored to Infomedia’s specific environment.
The resulting service enables the continuous provision of Vulnerability Management, establishing a baseline for collaboration and the identification of pertinent critical assets, threats, and vulnerabilities. This approach ensures ongoing vigilance and security enhancement for Infomedia’s operations.
Conclusion
Infomedia have been pleased with the outcome of the project with D2NA; the services provided have delivered exactly what was required for a small business – an effective cyber security solution that delivers peace of mind to Infomedia and its partners and clients that is both light touch and light-weight in terms of resource whilst leveraging the power of expert knowledge and experience. Risks have been identified swiftly and neutralised allowing Infomedia to focus on its core business.