Case Studies

Roke Security has been involved in many projects, some of which have been summarized here for you to get a feel for the types of project that we deal with. This is by no means an exhaustive list, so don't be put off if you don't see a situation like yours here.

  • New Web Application

    A web company had an idea for a new web-based temp-agency service. They knew what they wanted to achieve with the service, how to advertise it and their revenue streams. However, the site would ask people to add their personal information and would allow online contracts to be agreed between the temp and the employer, and the company didn't know how to deploy the service securely. The company were very concerned that any security features should be easy to use and familiar for users as well as low-cost.

    They were advised on their network and system topology, which included a multilayered network and security mechanisms to completely segregate the database from the public network. SSL/TLS was used to secure communications and authenticate the servers. Passwords were used for access to the site and non-sensitive information, but signing contracts and updating sensitive information required two-factor authentication via mobile phones.

  • Mobile Hardware Manufacturer

    An international hardware manufacturer was selling a new wireless product into the market, but kept getting asked "How can we guarantee that this is secure?" The company produced hardware, not software or infrastructure components, so they were stuck as to how to advise their customers.

    A scheme was developed for them to implement in the OS, to allow for strong encryption between the wireless device and the base unit. This needed to be asymmetric in nature due to the very one-sided data flow and security requirements. In this product key-presses were being sent between the devices as well as screen clips. In this situation it is more important to secure the key-presses than the screen clips, as these would reveal passwords, amongst other things, whereas the screen clips would only reveal the length of passwords. Two different encryption algorithms were used to secure the traffic flowing in the two directions.

  • Web Hosting Company

    A web hosting company had many clients who rented rack space or servers from them and were suffering virus and worm attacks. They had a flat network with no internal segregation. They were running IDS products and could see problems. They knew that changes needed to be made and they wanted to move towards BS7799 accreditation.

    Their network topology was completely redesigned for them, with a separate, private management and monitoring network in addition to the 'live' public network. This also included a full VLAN structure and firewall policies to completely segregate hosts, so that each client had a private network.

  • Reliability for Services Company

    A physical services company was providing services at several facilities across the country. They worked to a shift pattern, clocking on and off. They were facing problems and failure of SLAs due to network and inter-site line outages. These had also caused isolated data loss. Everything across the enterprise was controlled from the head office, including the time management, and they wanted to retain overall control.

    A new logical network architecture was implemented, allowing for the distribution of services and eliminating all single points of failure, and their aging tape backup solution was replaced with distributed, live backups. As cost was an issue, this was achieved by using server virtualisation and network attached storage. The virtualisation of servers allowed for services to be maintained and migrated quickly and easily as well as reducing the number of physical machines required.

Roke Security

Roke Security is a specialist IT services company, focusing on providing complete and end-to-end solutions in the information security market.

Roke Security provides a range of specialist Consulting, Professional and Managed Services, Solutions and Integration capabilities - thereby enabling us to offer an end-to-end portfolio of security services and solutions.

As a specialist in information security, our expertise lies in identifying, analysing and minimising network and system security risks and offering comprehensive solutions that address the total IT requirements of our customers, allowing them to grow and achieve their business goals securely.