Case Study:
Administrative Solutions, Inc.

You may download the full case study here.


Objective

Falling under federal guidelines as a HIPAA Business Associate, Administrative Solutions, Inc. required a security partner with the experience to guide them through the complexities of the HIPAA regulatory framework. In addition to traditional HIPAA compliance, ASi desired to implement a holistic security program, addressing both disaster recovery planning and breach response preparedness.


Solution

As a benefits management firm, ASi had to account for various types of cybersecurity exposures. Considering the volume of e-PHI, partner integrations, and fluctuating customer requirements, Breadcrumb developed a multi-faceted approach. Simulating real-world scenarios, Breadcrumb engineers deployed custom malware and phishing campaigns, isolating key staff members and the e-PHI they controlled. In addition, Breadcrumb conducted an in-depth vulnerability and risk assessment fulfilling traditional HIPAA SRA requirements. To conclude the engagement, documented exposures were categorized within the CIS framework for future trending and benchmarking .


Having a local firm that specializes in cybersecurity was indispensable. Their findings and recommendations were insightful and practical. We look forward to an on-going security partnership with Breadcrumb.
— Barry Maas, President

Results

By experiencing real-time simulated data breaches, ASi staff members were not only more aware of their cybersecurity risks, but considerably more prepared. "This was a very informative process for our team," said Barry Mass, CEO of ASi."The breach simulation scenarios developed by Breadcrumb were eye-opening." As the conclusion of the engagement, Breadcrumb executives performed onsite security training for all ASi team members, reviewing engagement outcomes and best practices.

Service Delivered

  • CIS Control Framework

  • HIPAA SRA

  • Penetration Testing


Breadcrumb Cybersecurity helps organizations protect their infrastructure, critical data, and reputation of from advanced threats seeking to do them harm. Based in California, Breadcrumb offers comprehensive cybersecurity services for organizations throughout the U.S. Our services include regulatory compliance, risk assessments, digital forensics, penetration testing, incident response, technical/staff training, 24/7 security operations, and on-going advisory services.