Fixing Legacy Code Risk:
A Security Audit Worthy of Elrond’s Council
"The work product from TeraTech was fantastic - detailed, focused on our application, and incredibly valuable."
Brad Metzler | Senior Network Engineer, Concordia University
Problems Faced (The Shadows Deepen)
- A 10-year-old ColdFusion-based application managing user credentials had undergone little maintenance, like a forgotten sword rusting in the corner of a dusty armory.
- Hidden security vulnerabilities lurked like orcs in the mountains, unseen, but no less dangerous.
- Internal staff lacked the time and resources to hunt down every possible threat.
- With outdated code and old server versions, there was a looming risk of non-compliance. Or worse, a breach of sensitive student and staff data.
- Leadership needed more than good intentions; they needed proof that the app wasn’t riddled with flaws.
About Concordia University
Nestled in Portland, Oregon, Concordia University employed over 1,000 faculty and staff across on-campus and online programs. With great size comes great responsibility, especially in managing secure access to student and employee accounts. One such internal app, written in ColdFusion some ten years prior, had become a matter of concern for Senior Network Engineer Brad Metzler.
It had served faithfully, like a loyal steward of Gondor, but time had worn it thin. The lack of updates and ever-changing digital threats left Brad uneasy. The university needed more than hope. They needed a thorough inspection.
Improvements Achieved (The Turning of the Tide)
- Delivered a thorough security audit tailored specifically to their application, not a templated scroll from some far-off vendor.
- Uncovered hidden vulnerabilities and prioritized them with the wisdom of Elrond.
- Offered clear, actionable steps that Brad’s team could implement without delay.
- Provided leadership with a trustworthy report with equal parts shield and roadmap.
- Freed up staff resources for more strategic work.
- Most importantly, brought peace of mind that user privacy was protected and the system was secure.
How TeraTech Helped (The Fellowship Forms)
Brad knew the stakes were high. Despite his own considerable skills in ColdFusion, the scope of change across the coding landscape, from HTML standards to server configurations, meant this wasn’t a quest he should take alone. The risk of missing something crucial was simply too great.
Enter TeraTech. Not clad in cloaks or bearing ancient swords, but armed instead with project planning tools, open communication, and deep ColdFusion expertise. From the outset, they brought clarity and confidence. With Basecamp as their palantír, they maintained visibility and trust throughout the process.
The real treasure came in the final audit report. This wasn’t some soulless checklist from a distant land - it was a detailed, thoughtful, and application-specific map of vulnerabilities and solutions. Every risk was identified, prioritized by urgency, and paired with actionable recommendations.
For Brad, this meant peace of mind and a solid plan. For Concordia’s leadership, it meant assurance that their data and their reputation were being guarded like the gates of Minas Tirith.
Brad walked away from the experience not just with a stronger application, but with confidence. And in the world of legacy code, that’s more precious than mithril.
