Rosslyn, VA – April 17, 2006 – IDEA, an industry owned eCommerce service provider, today announced that its Industry Data Warehouse (IDW) has earned “Excellent” security ratings by Digital Defense, Inc. (DDI), the highest possible rating that can be issued.
DDI, a company specializing in network security assessments, conducted an External Penetration & Social Engineering Test on the Industry Data Warehouse (IDW) in February 2006.
“There was no hesitation to have this audit performed. We are committed to providing our customers with 100% secure solutions; therefore we understand the importance of keeping their business information safe and accessible only by authorized users,” said Mike Rioux, President, IDEA.
The security tests consisted of launched attacks conducted over multiple phases during a potential penetration to determine a variety of information. The goal was to provide conclusive identification of vulnerabilities that could allow an attacker to gain unauthorized access to components within the IDW network.
After completing all specific tests, a DDI analyst assigned the IDW an overall rating of “Excellent” for the penetration test. The analyst noted that few of the systems and networks tested by DDI are given an “Excellent” rating.
“With this recent accomplishment, security should no longer be a concern for anyone participating in the IDW. These ratings only confirm what Square D Schneider Electric has known all along. IDW is the most secure place to store our product and pricing data,” said Ann Adams, Channel Management/Operations, Square D Schneider Electric. “It is the only 3rd party provider we use to update our product and pricing information directly.”
DDI also performed a remote social engineering exercise that targeted the IIDW call center. The goal was to obtain access information, specifically a valid password, for the target system by deception. Personnel from the IIDW call center responded correctly by refusing to provide compromising information. This earned the IIDW Call Center with yet another “Excellent” rating, this time for the social engineering engagement test.
DDI noted again that “analysts are usually extremely effective in gathering sensitive information during our social engineering engagements, and that VERY few clients achieve an “Excellent” rating”. The IIDW Call Center was lauded for their awareness of, and attention to, security fundamentals.
“I hope this accomplishment will increase the confidence within the industry and that more and more will utilize IIDW in the future,” said Adams.
For questions regarding any of the conducted tests, please contact Rita Hagopian at rhagopian@idea-eSolutions.com or (703) 841-5910.
About Digital Defense, Inc.
Founded in 2000, Digital Defense, Inc. (www.digitaldefense.net) provides affordable security solutions that allow executives and IT personnel to assess their network security condition, manage their IT risk, and validate deployed infrastructure. Frontline™, it’s subscription-based vulnerability management service, combines a superior security information management platform with a trusted and independent team of security analysts who provide continually updated market-specific vulnerability analysis. The Digital Defense team is comprised of recognized security experts who focus on specific markets, through which they garner a better understanding of client needs in an environment of increasingly complex security threats. Based in San Antonio, Texas, Digital Defense has over 400 clients nationwide.
IDEA is an e-commerce service provider jointly owned by NEMA and NAED. Developed to drive down supply chain costs, IDEA (www.idea-eSolutions.com) provides the Industry Data Warehouse (IIDW), a central repository of manufacturer product, pricing, and attributed data; the Industry Data Exchange (IDX) is an Internet-based communications hub that enables business trading partners to exchange business documents using EDI, XML, flat file, or Web form transactions sets; the Industry Retail Database (IRD) a central repository of manufacturer retail product data to meet retail hardware powered by CERICOMX®, CPG and GS1 US requirements; IDEA eCredit (IeC), a hosted industry account receivables reporting database and the Data Audit and Certification (DAC) Program to verify manufacturer data meets specification criteria to ensure data synchronization between business partners.