With over 25 years in business, one of the largest accounting firms in the U.S. — a leader in tax and accounting work for mid-sized and large organizations — was challenged by its growth. Over the past five years, the organization had been acquiring firms at a fast pace and was looking to become SOC2 compliant to avoid loss of customers due to the changes in the law. Its existing infrastructure and security program were not equipped to support compliance with the changed regulations.
As the organization grew through acquisition, its customer database grew — along with its sensitive client data. With such growth, the firm was looking for an innovative way to enhance its security posture and become SOC2 compliant. Additionally, the organization wanted to have secured communication channels for data transmission to prevent confidential data from falling into the wrong hands.
Triden Group quickly implemented a strategic program that mapped the organization’s path to becoming SOC2 compliant. The program included the following:
- Discovery and assessment of existing infrastructure and security posture.
- Implementation of multi-factor authentication for critical applications with PII data.
- SOC2 readiness assessment.
- Segmentation of PII with a secured SOC services perimeter, 24×7.
- Implementation of a new security model for the entire organization and previously acquired organizations.
- Review and implementation of an MDM solution to protect organizational data on mobile devices.
- Implementation of a security program for SOC2 compliance submission.
- Implementation of secured email communication for the transmission of data on a secured channel.
The final product provided visibility to potential blind spots, enabling the security team to triage, investigate and respond to cyber threats from any entry point. The management team now has full confidence in the technology that protects their clients’ information.
In a short period of time, Triden Group was able to assess and present a strategy that raised the organization’s security posture and SOC2 compliance with new technology. This was accomplished through a combination of SaaS, managed services and virtual CISO advisory services. The result was a secure, SOC2 compliant environment. Ultimately, Triden Group has allowed the organization to advertise its security posture to its clients and raised the firm’s level of confidence that the clients’ data is secured.