When a leading community housing organisation decided it was time to examine and evaluate their IT infrastructure, they turned to AZTech IT Solutions.
When a leading community housing organisation decided it was time to examine and evaluate their IT infrastructure, they turned to Aztech IT Solutions.
Red Kite Community Housing is a tenant-led, not for profit, charitable housing association who own and manage more than 6,700 homes in the Wycombe District. They are a social landlord but have expanded with new companies that have been set up to offer rents based on a person's ability to pay, build more homes and offer an estate agency service.
In December 2018, we were instructed to conduct a full audit of the Red Kite Community Housing (Red Kite) IT Infrastructure. The infrastructure Red Kite operated from was physically located at their head office, as well as an offsite datacentre provided by their MSP.
We needed to gather significant information on-site both manually and with our auditing software. We also worked closely with the existing MSP for additional information.
The purpose of the audit was to identify the extent of Red Kite’s IT infrastructure and document the processes and procedures used. (in prep for full RFP)
We were to provide a comprehensive audit with the resulting report focused on the infrastructure and IT operations as of December 2018, whilst taking all locations into consideration.
The audit included:
We provided Red Kite with a high-level summary of the hardware, focusing on the core hardware of their IT systems. We conducted an extensive audit both on-site and remotely with the assistance of the current service provider and internal IT resource.
We took all locations into consideration and were able to gather significant information by deploying our auditing software and carrying out on-site checks. We requested information from their existing MSP, the majority of which were fulfilled with a few questions left unanswered.
Most of the hardware was still within warranty periods, with no current warnings or predicted failures. Although we were unable to view the physical hardware at the datacentre, there were no warnings on the state of these devices.
There were some question marks over the hardware found in the server room at head office, and determining whether everything was still active, or needed to be removed physically. Furthermore, we informed Red Kite their AD structure needed to be looked into further due to there being a vast amount of old records, whether they were computer accounts or disabled users (many with admin rights).
With more reliance on mobile systems and Office 365, the lack of a Mobile Device Management (MDM) policy and hardening of access to Office 365 (such as MFA, IP Lockdown), is one area that would be of concern and we informed them that we would expect it to be reviewed.
The audit identified Red Kite have a small amount of hardware and services on-premise, with the majority being hosted at the MSP’s datacentre. The core hardware at the datacentre was owned by Red Kite, but the firewalls and physical location had been provided as a service by the existing MSP.
Additionally, a secondary datacentre had been provided by the MSP, which was used for limited backup replication/DR and redundant internet connectivity.
However, overall, we found that the systems and processes in place were those expected for an organisation type like Red Kite and were in a good state with no critical issues.