• Home
• About Us
  • Services
  • Case Studies
  • Clients
  • Framework Agreements
  • Certifications and Accreditations
  • Memberships
  • History
  • Contact Us
• In Focus
  • Improving Data Handling
  • UK National Security Strategy
  • UK Cyber Security Strategy
  • Information Superiority
  • Information Sharing
  • Information Exploitation
  • London 2012 Olympic and Paralympic Safety and Security Strategy
  • Managing Efficiency
  • Connecting to Secure Government Networks
  • Acquisition Reform
  • Through Life Capability Management (TLCM)
  • Business Continuity Planning and Management
  • Addressing Sustainability
• Services
  • Understanding the Enterprise
  • Exploiting Technology
  • Securing Cyberspace
  • Assuring Programme Delivery
• Markets
  • Defence
  • Security
  • Civil Government
  • Transport
• Newsroom
  • Press Releases
  • Events
  • Media Contacts
• Publications
  • White Papers
  • Case Studies
  • Brochures
• Careers
  • Opportunities and Development
  • Our value to clients
  • VEGA People
  • Consultants
  • Career Events
  • Vacancies
  • Cyber Security Job Opportunities
  • Careers Contacts
• Contact Us

eDisposals

Since 2002, VEGA has been assisting the Disposal Services Authority (DSA) in its security requirements for its eCommerce website, eDisposals.com.

The Challenge

The DSA provides expert and accessible disposal solutions to a wide range of clients – military and civilian alike. It not only supplies a collect-to-dispose service, but also sells a wide range of refurbished items, from socks to computers.

With the increased use of the Internet and online selling, particularly through websites such as Amazon and eBay, the DSA decided that having an online marketplace for the disposal of its non-contentious items would be a viable sales channel. It would enable sellers and buyers to introduce each other in a modern manner, thereby facilitating the exchange of equipment and subsequently generating more return to the Government. The end result is eDisposals.com, the DSA’s own eCommerce website.

How VEGA helped

The very nature of the website demands that its integrity and the confidentiality of its customers must be assured. Since 2002, VEGA has played a key role in ensuring that this requirement has been met by providing a Security Assurance Coordinator under the CLAS scheme to help define and manage the resources and processes required to address the security requirements of eDisposals.

In addition, VEGA managed and supplied CHECK-approved staff to perform two rounds of formal penetration and application testing of different versions of the website before they went live in 2004 and 2005. The first covered the entire operational basis of the site, which led to successful accreditation, while the second covered the security testing of an important extra module which integrated with other DSA systems. VEGA also specified, managed and reviewed at least six rounds of penetration and application tests from other CHECK suppliers, in between 2002-2008, explaining their consequences to the DSA. The results of all of these tests proved the quality of the advice given by the VEGA Security Assurance Coordinator.

Value being delivered

eDisposals is the first operational eCommerce website the MOD is managing and is in the vanguard of a raft of security, technology and usability issues. VEGA has also ensured that the implementation of the credit card payment facilities across the site – the first MOD website to do so – and a two-factor authentication system have complied with all the appropriate security and privacy regulations.

In January 2009, eDisposals.com won the Shared Services category at the e-Government National Awards.

Testimonial

DSA Director for Business Development and Information Systems, Les Taylor, said: “The main VEGA consultant has become an integral part of the project, delivering cost-effective, practical and secure solutions to the DSA as it leads the way in this area of eCommerce within the MOD. He has taken the DSA’s side in all matters, and steered it through the practical use of Her Majesty’s Government (HMG) and MOD security policies. This has led to the whole project being successful for the MOD, HMG and its commercial partners. To date, the system has remained operational 24/7 for four years without succumbing to embarrassment (through hackers defacing the site) or denial of service (hackers trying to bombard the site with erroneous and voluminous data). The project has even been mentioned favourably in Hansard.”

Contact VEGA for further information about our work in Government