ENSO Energie Sachsen Ost AG

Security Check for maximum security

T-Systems MMS carried out a thorough security check on ENSO Energie Sachsen Ost AG in order to identify any potential security vulnerabilities. Under the spotlight were the company's website, its corporate blog, its service and partner portals and its intranet. Along with the findings of the various tests and risk analyses, T-Systems MMS' security experts provided specific recommendations as to how the regional energy provider could systematically and independently improve the security of its applications.

  • Requirements

    Protecting web applications and systems against attacks

    Like any company with digital services, energy providers such as ENSO face the challenge of protecting their web-based applications as best they can against external attacks and misuse. Sensitive company and customer data could fall into the wrong hands – with far-reaching effects on the company's reputation, business activities and competitiveness.

    As well as its Corporate Site ENSO Energie Sachsen Ost AG currently operates a Corporate Blog plus web portals for private clients, business customers and partners, as well as an intranet. When it wished to carry out a thorough check on the IT security of all its online services, ENSO turned to the security experts at T-Systems MMS.

Solution & Implementation

Thorough security check reveals security risks

Over a 10-day period and in three phases, the T-Systems MMS specialists carried out a security check. First, working together with ENSO, the test and production environment was defined, potential test risks were discussed, and the scope of the testing was pinned down clearly. A selection of specific test cases was then made, using only test data.
In the second phase, the web applications were automatically scanned for any security vulnerabilities and any attack paths that could be exploited. The configuration of the IT systems was also tested, though the servers and applications themselves were not changed. The T-Systems MMS security experts also manually carried out active hacker attacks on ENSO's Internet and intranet applications.
The third and final phase of the security check involved analysing the test results. A detailed risk evaluation was deployed to determine the security level of the applications that had been tested. To conclude, the T-Systems MMS experts defined certain specific measures which could eliminate the security vulnerabilities.

  • Result

    Web applications are optimally protected

    The security check enabled ENSO to eliminate potential security vulnerabilities in its web applications. They are now optimally protected against attacks. To ensure this remains the case, ENSO's IT department will be able to take action itself to ensure optimal security, without having to bring in any external resources. This will be based on the comprehensive test documentation and the recommendations made by T-Systems MMS’ security experts. These also showed other testing options and potential attack scenarios.

    Dresden-based ENSO Energie Sachsen Ost AG is a full service energy provider in East Saxony. Its core business lies in electricity, gas and heat supplies, complemented by operations management in the field of drinking water and sewage, as well as energy services. Its service offerings also include shareholdings and associated companies operating in the telecommunications and IT areas.

Contact person