T&VS Delivers Security Improvements for a Complex Health Care Application 2018-03-01T15:23:31+00:00

Case Study

Security Improvements for a Complex Health Care Application

graphix-logo
About the Client

GraphixAsset is a UK-based software company building iPhone and Android apps, designing and building web applications, computer graphics, point-of-sale and motion graphics.

Background

GraphixAsset developed the eMAR (electronic Medical Administration Record) system specifically for a national charity, providing services for people with learning disabilities throughout England. The application maintains MARs (Medical Administration Records) electronically. A web interface provides admin functions whilst end users access the system from their Android smart phone or tablet. GraphixAsset approached T&VS to perform the security testing.

The T&VS Technical Solution

T&VS asureSECURE team tested the eMAR application’s defence against an unauthorized attack and identified vulnerabilities that could potentially pose a security threat. T&VS provided recommendations and guidelines for such threats, which help in protecting the confidentiality and integrity of personal data.
The eMAR web application penetration test was carried out with reference to the OWASP ASVS (Application Security Verification Standard). The T&VS security experts created a customized security testing checklist for eMAR web application. After running 600+ security test cases, the T&VS asureSECURE team came up with a list of serious security issues and assisted eMAR developers with fixes.
The eMAR android app penetration testing was performed with the reference to the OWASP Mobile security standard. T&VS again created a customized checklist and performed in-depth android app security assessment from following three attack vector possibilities.

  • Client side security assessment
  • Server side security assessment
  • Communication level security assessment

Client Benefits

  • T&VS introduced an efficient methodology for security testing.
  • The T&VS security assessment will improve business continuity.
  • The fixes made will minimize Black Hat (malicious) attacks.
  • The security assessment will help to protect clients, partners and third parties data.

Find out more

For more information on our asureSECURE service, including Security Coaching and Penetration Testing or to discuss you security requirements in more detail, please Contact Us.

Get in Touch

Find Out More

Contact one of our consultants today to discuss your requirements.
No hard sales, just pertinent questions to understand your needs and to discuss how we may be able to help.

Alternatively contact one of our Local Sales Offices.

Get in Touch
T&VS NEWSLETTER SIGN-UP
The T&VS newsletters inform you about industry news, events and information from T&VS. No spam, we promise and it is always easy to unsubscribe.
We never share your information. Read our Privacy Statement
Interested in Formal Verification?
Then why not attend the TVS Formal
Verification Bootcamp training?
The 2-day Formal Verification Bootcamp is for design and verification engineers looking to enhance their knowledge of formal verification and to learn how to write effective assertions to find and fix bugs. The course is a mix of presentations and hands-on development exercises.
Bootcamp Enquiry Form
If you are interested in receiving additional information on the course then simply email Mike Bartley (TVS CEO and Course Leader) by entering your details below.
Interested in SystemC?
FREE SystemC UVM Library Now Available
The TVS SystemC UVM library closely mimics UVM but gives users a license free UVM-based verification environment.
Have your product requirements been successfully tested and implemented?
Find out how asureSIGN can help you implement a successful Requirements Driven Verification and Test Strategy by visiting asureSIGN or enter your details and we will be in touch.
Course Dates and Pricing
To receive additional information, including course dates and pricing, please contact our training team who will be happy to help.
Download Request
Please complete the following form then click 'submit' to access the download.
Presentation Request
Please complete the following form then click 'submit' to gain access to the presentations.
DOWNLOAD REQUEST
Please complete the following form and then click 'submit' to gain access to the download.
FREE QA ASSESSMENTS
Did you get what you were looking?

Let the testing experts help. We will run a FREE QA assessment which will include our top 5 recommendations to help maximise your testing.