Case Study - American Financial Corporation

SSP Suites Helps Support Large American Financial Corporation’s Security Education Needs

Our client is a national member-owned financial services and payments processing company. Since the company’s founding, they have focused on one mission: strengthening community financial institutions. Their mission is to help their clients succeed by offering the following services: debit card, core, fraud, ATM, merchant, marketing, training, risk, and automated clearing house (ACH).

Building secure software is essential for our client as they build trust and empower their own customers. To enhance the knowledge and skills of their application development teams, they turned to Security Compass for help supporting their organization’s security education needs.

CHALLENGE: Keep developers up-to-date on security standards, knowledge, and skills.

Our client strives to keep their developers up-to-date and informed about the best security practices. As pioneers themselves, our client knows how rapidly technology, standards, and vulnerabilities change. They know they have to enhance their security skills and knowledge just as rapidly. "We wanted to explore a new avenue for delivering training; maybe there is a better way to get deeper knowledge. We have a lot of respect for Security Compass and have used SD Elements for the last eight years," noted the Senior VP of Enterprise Risk and Security. "We knew that partnership was strong and that SSP could provide a new avenue for our teams to develop, gain knowledge, and explore new skills."

The Senior VP of Enterprise Risk and Security also gave some sound advice for other companies who want to build up their developers’ security skills and knowledge. They explained the impact of information security training: "I was a developer and then I was an architect. When I was exposed to more security training, it ignited more interest in me. Now, I am a security guy. The more our developers know, the more likely they are to make good security choices."

SOLUTION: In-depth, up-to-date eLearning suite.

Security Compass’ eLearning helped our client keep their developers up-to-date, so they had the skills and knowledge to make good security choices in their coding. The Senior VP said, "It was beneficial to have folks go through the training to improve their knowledge," and they further explained that developers found the learning challenging but not overwhelming: "they were comfortable with the knowledge they gained and the experience." The Senior Applications Development Manager agreed, "There was a great deal of positive information in the training. It was easy to get through the content from a user’s standpoint." The Applications Development Manager added, "It fit right in with people on my team. Some of the learning was a refresher, and it was more of an overall learning experience for folks who have not worked on front-end applications or do not have a lot of experience with web programming."

BENEFITS: Increased knowledge enables developers to protect clients and partners, building customer trust.

Our client’s developers were very responsive to Security Compass’ eLearning suites, and, with full plates, they found it challenging to take time away to complete training. This is a common issue, and with the interaction of Security Compass’s staff, our client successfully implemented the security training. As they explained, "We had weekly touch points between leadership, and then our managers spoke with our teams. We appreciated the suggestion to include an aspect of benefits and rewards."

Our client invests time, effort, and budget, and in return, they profit; their clients trust the security they build into their offerings. Their leadership proactively invests in Application Security training, and their developers gain knowledge and skills that enable them to protect clients and partners. "Delivering secure applications is an absolute necessity. To achieve this, we need our developers to not only understand the principles of secure application development; we need them to apply those principles consistently. Finding the right avenues to drive deeper knowledge and strengthen those skills is key," said our client, who expressed appreciation for Security Compass’ eLearning suites. Security Compass continues to support our client and provide solutions to achieve their information security goals and build secure applications.

CLIENT: American Financial Corporation SECTOR: Financial Services and Payment Processing TOOL USED: Security Compass icon for ssp Ssp

"Delivering secure applications is an absolute necessity. To achieve this, we need our developers to not only understand the principles of secure application development; we need them to apply those principles consistently. Finding the right avenues to drive deeper knowledge and strengthen those skills is key" Senior VP of Enterprise Risk and Security

"There was a great deal of positive information in the training. It was easy to get through the content from a user’s standpoint" Applications Development Manager

How can we help?