This network security expert earned a multiyear IT consulting project with a medical company by helping the client self-discover its security vulnerabilities.
Quality Plus Consulting (QPC) is a five-employee firm that architects and secures networks, servers, cloud platforms, infrastructures, applications, endpoints, and email solutions. One thing that stands out about its business model is that it doesn’t focus on signing customers up for monthly recurring managed services programs.
Help Prospects Self-Discover Their Security Vulnerability
LifeCenter Northwest (LCNW) is a 100-employee company specializing in organ transplants that QPC engaged with last year. “Oftentimes when we meet with a client, they know something is wrong, but they don’t know how serious the problem is,” says Felicia King, president of QPC. “For instance, in this case, they knew their network was sluggish, and they wanted to make it faster, but the culprit was much different from what they thought it was.”
When QPC’s architects took a closer look, they discovered that the client had no visibility into who was accessing its network, servers, or endpoints; it lacked adequate endpoint security; and it had inadequate documentation for its network standards, security policies, and procedures.
“The root problem was that over the years the client had hired contractors to perform specific network projects, and there was no continuity with the network architecture,” she says. “For example, one of the contractors created a subnet and put everything on it with no segmentation, which made it impossible to monitor and secure the network.”
QPC’s thoroughness with its assessments and inquiries earned the client’s trust, and after validating that the client understood what would be entailed in resolving its problems, a deal was struck.
Take A Long-Term View Of Network Health
QPC recommended and implemented several solutions and networking services, including:
The network reconfiguration and upgrades were rolled out in stages over a two-year period, which allowed the organization to fully adopt each new security solution, server, network, or endpoint change one at a time. “It also allows for the IT staff to manage any ticket load associated with the changes,” she says.
The client now has nearly total awareness of what is going on at the network, server, and endpoint level, says King. “We are adding cloud awareness and additional security controls every quarter. The new network visibility tools provide the IT staff the ability to identify which devices unauthorized traffic is associated with in less than 5 minutes, even when the endpoint is on the guest network and is not joined to the domain.”
Another sign of the success of the project is that the medical company continues to contract with QPC — not because it’s locked into a long-term contract, but because it continues to receive valuable advice and visible improvements to its network.