Security Threat Risk Assessment - eServices Platform


The Government of the Yukon, Highways and Public Works, ICT leadership required an understanding of where and how sensitive information may be at risk of being compromised for the public facing systems serving their citizens. Adding to complexity was that their systems had many touch points between business owners, multiple external software vendors, IT and front line staff.


Make IT was engaged to conduct a Security Threat Risk Assessment for several web based applications developed and supported by the eServices Frameworks spanning several departments. A total of 8 applications were evaluated including systems in operation for Highway and Public Works, Health and Social Services, Environment Services and the Yukon Courts.

Our assessment required us to interview business owners from each department, external software contractors, ICT infrastructure staff, and eService program management staff. Following the interview process, we evaluated the eServices platform, supporting network infrastructure and security for structural weaknesses that may be vulnerable to multiple internal and external threats.


Reporting directly to the eServices Branch Senior Management, Make IT delivered a report detailing sensitivity of the data managed by the platform, confidentiality and privacy considerations, data integrity and availability. The client was left with a comprehensive view of the overall risk profile of its eServices platform. As well, we were able to guide them through multiple approaches and tactics for risk mitigation they could act on immediately to secure their systems. Critical risks identified by the assessment were then addressed by the client and the 8 applications were deployed safely to production.


Problem solving. Spitballing. What-iffing. Whatever shape the conversation takes, we’d like to hear from you.