case-hacker-2.jpg

Case Study

Security

Client
Large non-profit payroll service provider
 
Issue
Client handles over $2.5 billion in payroll. With sensitive PII data for over 20K people, the Client needed to protect its business and the employee data it manages.
 
Request to Bridgepointe
Bridgepointe was engaged to help the Client assess their information exposure and to develop a comprehensive security program.

Research

We worked with the client’s IT team to research the applications in use, the infrastructure that hosts them and how the data flows through the various systems. The Client had worked with a leading business auditing firm in the past but that effort did not result in an ongoing security program.  We engaged two leading providers in the space to replace the audit-only process with a comprehensive solution. Based on the extensive assessment, the selected provider developed a program including processes & procedures for the Client’s security posture.  Application testing was conducted along with internal and external penetration testing.  Best practices were applied in the implementation and managing of applications and databases.  All of this was supplemented by a robust security information and event management (SIEM) implementation in conjunction with the provider’s security operations center.

Result

We were able to help the customer transform from ad-hoc security to a program based comprehensive security implementation with a proactive posture in dealing with threats to the business revenue and their reputation as a leading provider of services to their clients. Because of our notable work on the security project, Bridgepointe is engaged with a multiple connectivity and managed services project for the Client.