NetSPI Market Case Studies

Download any of these case studies detailing how clients solved particular security challenges.

• 

  Case Study on Carlson Marketing

  Challenge:

  Carlson is required to provide Visa with an assessment of its compliance with Level 1 standards. PCI standards require an in-depth third-party assessment.

  Results:

  "NetSPI found some gaps in the firewall rules and drove the workflow in making the necessary changes...The results of NetSPI's penetration tests are not typical...They don't just give us a 10,000 foot view, they dig deep, and we are able to act on their recommendations. By the way, they also charge less than other QSA's."

• 

  Case Study on Fairview Health Services

  Challenge:

  Understand all the ramifications of PCI compliance and do an SAQ.

  Solution:

  NetSPI documented gaps between current practice and PCI requirements, studied how credit and debit card data flowed through the Fairview network, assisted with the SAQ, conducted ASV scans, and help set up a "PCI Island" that limited the the scope of the PCI regulations.

• 

  Case Study on Fortune 500 Financial Services Firm

  Challenge:

  The company needed a qualified third-party to to an independent review of the controls in place to safeguard confidential data.

  Solution:

  Over the course of our four year relationship with the client, NetSPI has performed a wide range of tests and assessments - internal and external penetration tests, database audits, application security assessments, reviews of firewall rules and network architecture, as well as social engineering exercises to test human security as well.

• 

  Case Study on Graco Inc.

  Challenge:

  Ensure the security of the clients intellectual property as well as the integrity of its operations.

  Results:

  "NetSPI has done an excellent job understanding risk and compliance and creating usable solutions at Graco. NetSPI has integrated with the Internal Audit group and provided significant value to Graco's IT staff."

• 

  Case Study on HealthEast

  Challenge:

  HealthEast, the largest locally owned heathcare organization in the Twin Cities East Metro, area needed someone who understood the internal and exteral threats to their information security as well as the ability to uncover vulnerabilities in their applications, systems, and technologies.

  Results:

  NetSPI has undertaken a wide range of project for HealthEast, including risk analysis and a variety of assessments: external, internal, and physical security, PCI compliance readiness, as well as application security.

• 

  Case Study on Miner's Inc

  Challenge:

  Miner's Inc., a regional retailer with 29 grocery stores and two liquor stores, found itself confronting the daunting task of achieving compliance with the new PCI standards. This was particularly challenging for a mid-sized business with an IT staff of just seven people.

  Solution:

  NetSPI performed a penetration test and gap analysis to see where the company was and where it needed to be. At the same time, the company was considering using ServerEPS, which would remove all the cardholder data from their environment, so NetSPI did an analysis which detailed all the gaps.

• 

  Case Study on Minnesota State Colleges and Universities

  Challenge:

  Minnesota State Colleges and Universities (MnSCU), one of the nations largest higher-education systems, was faced with creating a definitive yet flexible security and compliance framework that could be executed cost-effectively across a range of independent-minded organizations.

  Solution:

  An on-going partnership with NetSPI covering several initiatives including Strategic Program Review, ISO 17799 Based Policy and Standards Development, Compliance-Based Assessment, and Security Assessment Program Development.

• 

  Case Study on Xcel Energy

  Challenge:

  Xcel Energy Nuclear needed to understand and mitigate the risks that could lead to limiting conditions for operations, total shutdowns, or even contribute to catastrophic events.

  Solution:

  Since 2002, NetSPI was a key partner of Xcel through ongoing security assessments and the development of its cyber security program. Through its relationship with NetSPI, Xcel has been able to reduce its operations risk and ensure regulatory compliance.