Meet Industry-Specific Security Compliance Requirements

Regal Credit Management logo
Every company has a unique set of IT security compliance requirements and industry-specific expectations to meet. Find out how Digital Maelstrom helped a credit management company nail each one of theirs.
The Challenge

Regal Credit Management is a financial services business that helps its clients develop impressive credit profiles. Their organization partners with a diverse mix of business management firms, accounting firms, financial planners, wealth advisors, and other financial institutions. Their certified FICO professionals use highly effective, cutting-edge credit management strategies to help clients achieve high quality results.

Due to the very nature of Regal’s business model, they handle extremely sensitive financial information about each and every one of their clients. At one point, Regal’s leaders decided they were going to take a more robust, comprehensive approach to their organizational security. Several of their financial partners had begun requesting information about the security measures Regal was taking to protect PII, PCI, and other sensitive data. Regal wanted to be able to demonstrate that they had a strong information security program in place. More than appeasing their business partners, Regal also sought to ensure they were compliant with the many industry regulations and laws applicable to companies in the financial services industry. Whenever Regal’s team members began researching relevant industry expectations and rules for their security plan, they were surprised upon finding they may not have been meeting each industry requirement. Already upset by this discovery, they became even more agitated when they realized how much it would cost to meet these requirements. Regal needed a knowledgeable, highly experienced, and empathetic IT security provider to help them foundationally upgrade their IT software security stance from the ground up.

Woman looking at computer shocked at all of the security compliance requirements her company must follow
Our Solution

Regal Credit Management hired a third party information security company to help them begin to meet the security compliance requirements. Shortly afterwards, the InfoSec company recommended Regal hire us as well. This recommendation was based on our IT advisors’ experience working with a variety of companies, knowledge of security compliance requirements relevant to various industries, and the quality of our Secure Software Development (SSD) services in protecting personally identifiable information (PII). Eager for more insight and assistance, Regal’s team met with ours to share in several valuable conversations about their business model and their unique set of business practices. After speaking with our team about their project, they happily selected us as their IT partner.

Meeting Specific Security Compliance Requirements

Our IT experts architected and implemented a highly secure Salesforce environment by following the Secure Software Development Lifecycle (SSDLC). The SSDLC is a comprehensive, complex, highly effective development process which fully integrates security into every step. Because Regal regularly deals with extremely sensitive information about their customers, they needed to have an equally secure product holding the information. We configured the Salesforce environment to highly encrypt sensitive information. As an extra security measure, internal access to this data is protected with concrete, need-to-know company security policies. Additionally, we also used the Angular HTML5/JavaScript framework to create a stylish client-facing web enrollment application that lives underneath Regal’s main website.

After providing our initial information security services and helping them meet security compliance requirements, Regal asked us to stay on as their IT partner to assist with recurring IT services and expertise. Today, we manage their Salesforce system and their custom enrollment system through code management, providing ongoing support, and answering any security questions they have.

Services Used

Secure Software Development
Take your application to all new levels of security with Secure Software Development. Click to learn more!
Architecture Planning
Build top-of-the-line software when using our architecture planning services. Click to learn more!
Change Management
Change doesn't have to be stressful - let our operations team guide your company to the other side. Click here to learn more!
Cloud Migration
Migrating to the cloud reduces costs, secures your data, and creates redundancy for your business. Click here to learn more!
Business Continuity & Disaster Planning
Equip your business with a comprehensive emergency plan to prevent cyber attacks. Click here to learn more!
Risk Assessment and Classification
Discover your company's unique risks and analyze what they mean with the help of our Security team members. Click here to learn more!
Architecture Review
Improve your software from a foundational level with our architecture review services. Together, we'll analyze your existing architecture, go over our findings, and make plans for any relevant enhancements.
Managed Infrastructure
With our Cloud Migration services, we seamlessly move your IT assets from an on-premise environment to a third-party cloud provider. Click to learn more!

Technology Used

Logo for technology Angular
Angular
Angular is a platform for building mobile and desktop web applications.
Logo for technology Amazon Web Services
Amazon Web Services
Amazon Web Services offers reliable, scalable, and inexpensive cloud computing services.
Logo for technology Amazon Web Services S3
AWS S3
Amazon Simple Storage Service (Amazon S3) is an object storage service that offers industry-leading scalability, data availability, security, and performance.
Logo for technology Amazon Web Services Lambda used by Midwest Credit Union
AWS Lambda
AWS Lambda lets you run code without provisioning or managing servers. You pay only for the compute time you consume.
Logo for the technology TypeScript used by Midwest Credit Union
TypeScript
TypeScript is an open-source programming language developed and maintained by Microsoft. It is designed for development of large applications and transcompiles to JavaScript.
Secure Software Development Lifecycle
The SSDLC is Digital Maelstrom's highly comprehensive, continuous method of developing a highly secure application. Click here to learn more!
Java logo
Java
Java is a general-purpose programming language that is class-based, object-oriented, and designed to have as few implementation dependencies as possible.
Salesforce logo
Salesforce
Salesforce.com, Inc. is an American cloud-based software company. It provides customer relationship management service and also sells a complementary suite of enterprise applications focused on customer service, marketing automation, analytics, and application development.
Amazon Web Services Simple Email Service logo
Simple Email Service
Amazon Simple Email Service (SES) is a cost-effective, flexible, and scalable email service that enables developers to send mail from within any application.

Like what you see?

Let’s find solutions