Leading New York based ENT provider selects Breadcrumb as trusted security partner.
ENT and Allergy has over 180 physicians practicing in 40+ office locations in New York and New Jersey. The practice sees over 80,000 patients per month. The ENT and Allergy Associates subdivision, Night and Day Sleep Services, currently has 7 Sleep Laboratories and Sleep Centers located in New York and New Jersey.
CIS 20 Control Review
It was a pleasure working with the team at Breadcrumb. Their understanding of security far surpassed our expectations. Breadcrumb’s findings helped shape our path forward to better protecting our critical data.
– Anthony Venuto
Director of Information Technology
ENT and Allergy Associates, LLP
With thousands of IT assets spread across 40+ medical offices throughout New York, the complexities of the ENTA security posture were staggering. “Every IT department is strained for resources,” noted Anthony Venuto, Director of Information Technology for ENTA. “We needed a security partner who understood medical environments, and who could help push our team in the right direction.” More than providing security assessment and analysis services, the chosen partner had to efficiently identify and communicate security deficiencies as well as assist in the prioritization of remediation efforts.
Given the size and geographic distance of ENTA medical offices, effectively capturing and documenting security exposures posed a challenge. “We didn’t have an unlimited budget,” said Brian Horton, CEO of Breadcrumb Cybersecurity. “We had to break the mold a bit to ensure we met our client’s requirement while ensuring our quality and standards were met.” Utilizing a mixture of vulnerability management appliances, on-disk agents, and manual control reviews, Breadcrumb engineers assessed the entire organization within the CIS Top 20 Controls and all within budget. In addition, Breadcrumb performed systematic Wi-Fi testing, on-premise physical barrier assessments, and highly customized penetration testing campaigns. “By performing targeted penetration testing, we demonstrated real-world outcomes,” said Brian Horton.
From start to finish, the overall engagement was completed in approximately nine (9) weeks. Breadcrumb delivered a cohesive report outlining organizational strengths, weaknesses, and strategic recommendations. This type of actionable reporting promoted meaningful resource prioritization and the measurement of ongoing remediation efforts.