In this SPOTLIGHT ON CLIENT SUCCESS, Roan Solutions Inc. shares how it is driving the success of its clients.
Solutions Provider: Roan Solutions Inc.
Client Name: The Boston Group
Describe this client’s problem that precipitated the need for your solution(s).
The Boston Group is a B2B and B2G marketing communications firm serving clients in the aerospace and defense, technology, and healthcare industries, among others. The agency’s staff utilizes several dozen machines: a majority of Mac computers along with some Windows-based desktop PCs and servers. The Boston Group’s work for a large client with government contracts in the defense space requires the agency to comply with NIST 800-171 regulatory requirements, which delineate the proper and secure handling of controlled unclassified information (CUI). This meant that all devices in use at The Boston Group needed to be secured according to NIST 800-171, calling for a managed solution capable of providing encryption, robust device access control, and specific data protection.
What solution did you implement and how did it address the client’s challenge?
We had been using an encryption/data security solution, but it had become more cumbersome and relatively time-consuming to manage – largely due to the need to deploy it on our infrastructure rather than in the cloud. Our incumbent solution also required additional efforts to avoid compatibility issues, given The Boston Group’s mixed environment that included both Mac and Windows-based systems. We realized we needed to adapt and change course.
We then transitioned to implementing Beachhead Solutions’ SimplySecure for MSPs, which has the tight access controls and data encryption we needed to ensure Boston Group’s NIST 800-171 compliance. We chose the platform because it provides access management for any client’s full fleet of devices, including PCs and Macs. We also enabled SimplySecure’s protection option for securing USB devices and any data on them. This way, if one of The Boston Group’s devices is lost, stolen, or otherwise compromised, data access from that device can be immediately revoked and quarantined, and any data can be deleted remotely if need be. The cloud management portal also provides documentation for proving that data on a compromised device has remained encrypted – demonstrating that no data breach took place. This is important if there is ever a security audit.
In tandem with SimplySecure, we also use SOCSoter to meet Boston Group’s compliance needs; the solution provides us with threat and intrusion detection along with vulnerability scanning.
How is the solution helping the client do business more efficiently?
With our managed solution and technologies in place, we were able to implement access controls and encryption across all of The Boston Group’s devices in a single day. This gave us huge savings in time and effort versus our previous non-cloud-based solution. We were also able to apply these NIST-adhering security initiatives to Macs and PCs with equal simplicity. Additionally, the solution allowed us to smoothly deploy the solution across the client’s devices, with no significant interruption to employees or their work.
How is that success being measured and attributed to your solution?
By providing The Boston Group with an easy-to-deploy access control and data encryption solution, it’s simple for the firm to demonstrate secure protections that align with the stringent NIST 800-171 compliance requirements. For these reasons, The Boston Group attributes the solution as playing an essential role in helping it earn and retain clients in the defense sector, as well as across industries the firm touches – like healthcare – that demand similar security protocols be in place.
Has this solution led to any new business opportunities or product/service offerings for your company?
Our success with The Boston Group has provided a powerful blueprint for helping other Roan clients that must adhere to NIST 800-171 and any other compliancy requirements. It has been a valuable case study for how the right device encryption technologies can deliver protection even under the most stringent regulations, and we’re confident in what we can offer businesses in similar situations. It’s been a powerful narrative for business development, particularly as compliance requirements – and this is true across industries, not just for government contractors – continue to become more comprehensive.