Housing associations, letting agencies, real estate agents, building developers – none are safe from the attentions of cybercriminals. Increased digitisation of services and a rise in the amount of personal data being held by these organisations means that they are increasingly targeted by hackers.
The personal information, such as payment details or names and addresses, can be used by well-funded hacking groups as part of a wider cyberattack. The real estate industry is a stepping stone to wider fraud, identity theft, and breaches at other organisations. And they could rob your business too.
Fidus can help you better understand your security posture and provide actionable advice on how to improve your defences. We offer:
For every test we will provide a full report of our findings, along with an action plan to help you tighten security and better protect your data – and your clients.
By storing personal data belonging to buyers and tenants, your organisation is bound by the General Data Protection Regulation (GDPR). The GDPR places several obligations on all real estate businesses to prevent that data being lost or stolen – or risk a heavy fine of up to €20m.
In the event that your letting agency or estate agency accept card payments, you are also expected to meet the PCI DSS standard. This security framework was designed by the payment card industry to ensure that transactions and details are stored securely. Breaching the PCI DSS may also incur large fines from payment card providers.
Fidus are compliancy specialists, and we can test your systems against both GDPR and PCI DSS frameworks. And our consultants are on hand to help you make the necessary changes to ensure you comply with these and any other regulations that may come into force.
Penetration testing reveals your most sensitive network vulnerabilities – so you need a partner you can trust. Fidus Information Security are an NCSC CHECK Green Light and TIGER scheme approved consultancy. Our cyber security experts hold some of the most recognised certifications in the industry, including CREST Certified Tester and Senior Security Tester. Fidus is also a Cyber Essentials verified company. Every assessment we perform is carried out according to UK industry approved methodologies (OWASP, PETS, NIST) along with our own internal testing frameworks.
More than just identifying security vulnerabilities, our cyber security experts are on hand to help you fix them too.
Certified Security Consultants
Our CREST and TIGER approved team holds a range of industry-leading security certifications including OSCP, CCT, SST and CISSP
Easy to Understand Reports
We’ll ensure that your executives and technical teams properly understand our assessment findings using plain-English reporting.
Fixed Price Proposals
The price you’re quoted is the price you’ll pay. Our quotes are broken down into a detailed costing table so you know exactly what to expect.
Other approaches we've witnessed have included convoluted steps and commonly ends with incorrect information being handed to the consultant assigned to the engagement.
Our approach to security involves a qualified security consultant through the entire process to ensure quality, accuracy and consistency.
Exploiting the eRosary Application In this post we’re going to cover a trivial full account takeover vulnerability our team identified within the new eRosary application, whilst placing an order for the watch! The ClickToPray eRosary beads are advertised as ‘an interactive, smart and app-driven device that serves as a tool for learning how to pray […]
In this post, we’re going to detail some of the issues our team identified with the an extremely common Alarm & GPS device used by vulnerable people around the world (at least 10,000+ in the UK). The device in question is manufactured in China and seems to be purchased in bulk by numerous providers who […]