Case Study of a Machinery Parts Manufacturer

This case study examines how PCG’s services helped a machinery parts manufacturing shop. The shop has 85 employees and 30+ PC users spread between two locations in New Hampshire and Michigan. Due to the sensitive nature of these details, the client’s name has been omitted from the case study.

Client Background

The client had an aging infrastructure and an internal IT person who was taking a band aid approach to most tech issues. Their business had recently picked up due to increased demand for their products, and they had just landed a contract with the Department of Defense (DOD), increasing the compliance requirements they needed to meet.

Strategy and Tactics

We decided to start with a network and risk assessment so that we could help the client with these two specific needs:

  1. Deploying an application to support their new line of business
  2. Meeting the compliance requirements to work with the DOD

Network Assessment

When we looked at the network, we discovered an aging infrastructure including outdated servers and PCs and site-to-site connectivity issues. Then, we contacted the new line-of-business vendor to see what was needed to support their application.

We came up with a budget and a timeline for the client to upgrade their network and invest in new servers, PCs, and backup storage devices. We also created a plan for managing these systems in the future, and we onboarded the client with our managed services and tools so they would have hardware updates, anti-virus, and other security services in place.

Security Assessment

The DOD as well as the client’s other partners had very specific security and compliance requirements, and to ensure our client was ready to meet these requirements, we took a look at their security gaps and vulnerabilities based on the NIST 800-171 and CMMC Level 2 frameworks.

We started with a 2-hour strategy session with the company’s management team to talk about how they handle their data and user access both internally and externally. Then, we ran third party internal and external vulnerability scans.After that, we sat down with the leadership team to talk about our findings and recommendations.

Together, we created a strategy that outlined the security tools and services they needed, and we drafted a roadmap and a budget to get the client in line with the DOD’s compliance requirements. We also worked out security policies related to password management, file access and permissions, remote access to the network, and backups processes.

To make this possible, we added the following security services:

  • Endpoint Detection and Response (EDR)
  • Security Incident and Event Management (SIEM)
  • Multi-Factor Authentication (MFA)
  • Dark Web/Email Compromises
  • Updated firewall with added security services
  • Managed Detection and Response (MDR)

All of these elements work together to create a more secure environment, and the MDR provided the client with outsourced 24/7/365 cybersecurity support.

Results/Outcomes

After the PCG teamed implemented these changes, our client enjoyed the following benefits:

Up-to-date Network

Now rather than limping along with an outdated network, the client has an up-to-date network that is completely scalable as their business grows. They have a long-term plan in place so they can budget for IT upgrades annually, instead of waiting 10 years and having to deal with everything at once.

Documentation Process

They now have a documentation process in place so they can prove they are compliant with the cybersecurity and technology requirements of the DOD and other clients.

Expanded Business Ability

The documentation process and the improved cybersecurity environment means this company now exceeds the requirements for doing business with the DOD, the military, and other government entities. Their commitment to security also makes them more competitive and better poised to gain contracts with other clients.

Enhanced Peace of Mind

Now that PCG is keeping an eye on the network and regularly reviewing security policies, the client has enhanced peace of mind. They don’t have to worry about cyber attacks or data breaches.

Increased Productivity

The 24/7 helpdesk provides support in under five minutes, allowing workers to avoid time-consuming tech delays. The PCG team also centralized the client’s network which helped to improve productivity. In the past, the company’s two locations each had their own network, and if someone from Michigan needed to access a piece of information stored in New Hampshire, they had to send an email or make a phone call. Centralizing the network removed these inefficiencies.

Proactive Approach to IT

Rather than taking a bandaid approach to IT, the client has adopted a proactive approach. We meet twice a year to talk about our VCIO/IT strategy and to make recommendations about their IT and security plans. This proactive approach minimizes unexpected issues and expenses.

The PCG Difference

When working with this client, we don’t just exclusively focus on IT. Instead, we make sure that the IT environment supports the rest of the business’s operations. To that end, we talk with the client about their business goals and concerns, and we bring our expertise to all kinds of issues including websites, sales and marketing, human resources, employee resource management, hiring, and more.

Ready to improve your IT environment and position your manufacturing company for success? Then, contact PCG today.