Ephibian personnel interviewed 3C management and several 3C country managers for system security requirements. Ephibian personnel examined and evaluated the existing 3C system and network topology, providing a strategy, priorities, and recommendations to secure the operation. Upon approval, Ephibian also worked with local IT staff to implement recommendations.

Ephibian performed a network and system evaluation from topology studies, non-intrusive port scanning, and audit technology that identifies weaknesses in network and server configuration as well as identification of known vulnerabilities. Our evaluation considered 3C’s individual assets and risk profile and was customized to their needs.

Ephibian personnel recommended and worked with 3C staff to secure server configurations, increase firewall security, and new security technology like VPNs, Tripwire, Log Monitor, and automated notification tools. This resulted in:

• The secure reports server currently processes information on over 80 million transactions and imports an additional 60,000 new credit card transactions every day.
  
  
• Over 3,000 reports are processed and securely accessed each day through 128bit encrypted HTTPS connections
  
  
• Secured servers include both Windows 2000 and Red Hat Linux systems with the IIS web server and Oracle RDBMS
  
  
• Cisco PIX firewall and routers were examined and improved
  
  
• VPN employed for secure, remote administration
  
  
• Access logs provde data on connectivity and system login attempts