Case Study
A Leading Software Organization Uses Coalfire®-Authored White Paper to Enhance Go-to-Market
A leading software company understood that producing a white paper had the potential to be a powerful marketing strategy to communicate and support its product claims. The company knew it needed an industry expert to perform technical testing and validate its suite of security products to demonstrate secure functionality and the ability to achieve PCI DSS and HIPAA compliance for end users.
CHALLENGE
The international software company develops end-to-end encryption technologies that help organizations protect their customers’ data. For the company, evaluating its suite of products against security best practices and various standards, such as the Payment Card Industry Data Security Standard (PCI DSS), was critical to doing business. To validate its sales and marketing claims, the company wanted to ensure its products enabled customers to meet PCI DSS and HIPAA compliance requirements.
Since 2012, the company has retained Coalfire to perform security reviews for various technology solutions including tokenization, ecommerce, mobile, and more. Attracted to Coalfire’s security focus, vendor-agnostic approach, and highly skilled team, the company employed Coalfire to conduct a heavily tailored engagement to validate the complex functionality of its software suite to support the go-to-market strategy.
APPROACH
Coalfire started the engagement using security best practices and customized testing methodologies to review each solution. Coalfire reviewed documentation, interviewed developers and other key stakeholders, and set up the solutions in a lab environment. Using the lab environment, Coalfire tested the company’s claims to ensure its products were secure, as well as to confirm they could meet various compliance requirements.
RESULTS
Coalfire wrote and updated multiple white papers to confirm the end-to-end product series met security best practices and multiple compliance standards, including PCI DSS and HIPAA.
“Not all Qualified Security Assessors (QSAs) understand PCI data security in depth,” stated the senior director, data security specialist at the software company. “Coalfire and their depth of knowledge and experience give our prospects and customers actionable information on how to protect PCI data through all their payment channels, including customer-present, mobile, web and post-authorization. Coalfire’s guidance gives our prospects the confidence to launch a data security strategy that will meet both their security and compliance objectives.”
“Leveraging these white papers, the international software company has been able to offer its clients confirmation that its products and solutions will meet specific compliance requirements, as well as provide up-to-date security protection. The organization has been able to differentiate its product offerings in the marketplace, thereby shortening the sales cycle and increasing sales. The company continues to partner directly with Coalfire to demonstrate its unique value offering.”
DAN FRITSCHE, PRINCIPAL, RETAIL AND FINANCIAL SERVICES, COALFIRE