ICT Ignite - Cyber Security Project for ElektraFi
Project scope
Categories
Security (cybersecurity and IT security) Information technologySkills
incident response cyber security incident reporting vulnerabilityThe primary goal of this project is to thoroughly document the security architecture of ElektraFi's financial wellness platform and to identify and recommend improvements that will enhance our ability to confidently answer vendor security questionnaires. These efforts will ensure that ElektraFi can provide clear, comprehensive, and convincing assurances to customers regarding the safety and security of their data.
Tasks and Activities:
Security Architecture Review:
- Conduct a detailed assessment of the existing security architecture, including network security, application security, data encryption, identity and access management, and incident response protocols.
- Evaluate the current security posture and identify any potential vulnerabilities or areas for improvement.
Vendor Security Questionnaire Analysis:
- Review and analyze common security questionnaires from vendors to identify key areas of concern and required security assurances.
- Map ElektraFi’s current security practices to the requirements and expectations outlined in these questionnaires.
Gap Analysis:
- Compare ElektraFi’s current security architecture against industry standards and best practices.
- Identify gaps between existing practices and the security measures required to confidently answer vendor security questionnaires.
Recommendation Development:
- Propose actionable recommendations to address any identified security gaps.
- Prioritize recommendations based on potential risk impact and ease of implementation.
Documentation:
- Create comprehensive documentation of ElektraFi’s security architecture
- Develop standardized responses to common security questionnaire topics, supported by the documented security architecture.
A walk-through of the product, and access to ElektraFi's development and staging environments, enabling learners to analyze the security architecture in a controlled and safe setting.
Time with our development and devops teams to learn how our systems are designed and configured.
Access to our existing security and incidence response policy documentation.
We will provide sample vendor security questionnaires that the learners can use to align their findings with real-world requirements.
We will have a dedicated contact person available to answer questions and coordinate access to any additional resources that may be required.
Supported causes
The global challenges this project addresses, aligning with the United Nations Sustainable Development Goals (SDGs). Learn more about all 17 SDGs here.
About the organization
ElektraFi is a financial wellness platform designed to empower employees with actionable insights and personalized financial guidance. We provide a comprehensive, easy-to-use tool that helps users manage their finances more effectively, regardless of their income or financial background. Our platform offers budgeting tools, financial planning resources, and contextual insights that assist users in making informed decisions about their money. By partnering with employers, we aim to enhance employee financial wellness, reduce financial stress, and promote overall well-being in the workplace.