Making the Impossible Possible in Cyber Security

How Ascendle Solved a Customer Satisfaction Roadblock

When a Revolutionary New System Fell Short

The Cyber Security division of a Fortune 100 company launched a new product and initially, customers were thrilled. The product addressed a common vulnerability in secure industrial plants: safely transferring files in areas of the plant without internet access. These “air-gapped” areas lacked connectivity for security reasons, but faced additional threats since insecure thumb drives were often used for file transfers.

“The absence of a customer-facing cloud-based portal was threatening sales of an otherwise successful product.”

The company aimed to solve this vulnerability by developing a system consisting of two parts. First, a hardened device outside the air-gapped secure area would scan every thumb drive for malware, then stamp it with a security signature. Next, they installed specialized software on every computer inside the air-gapped secure area to disable the thumb drive unless it carried the security stamp. This process made thumb drives readable at the plant, but non-readable outside the plant, unless the thumb drive was “checked out” at the device after use.

While this system initially surpassed all client expectations, there was one significant roadblock to success.

An Inefficient and Inconsistent Customer Experience

The device had a cloud-based back end to process and record information, but a very minimal user interface. In fact, the only user interface the device had was to show how to plug in the USB drive. This left no option for customers to see what thumb drives had been scanned or the status of scanned drives.

Without this option, customers had no way of knowing if there was a suspected threat or even if the device was working properly. In order to receive a report on activity, customers had to contact the company to open the database directly to manipulate data and download records. Not only was this tedious and time consuming, but it led to inconsistent reporting and data entry errors.

The company envisioned an innovative solution: building a cloud portal for customers to be able to see records of the data and manage it on their own. However, since their developers were already consumed with the core product, they didn’t have enough bandwidth to tackle such a significant new project. Plus, they needed to call on additional expertise to write the commercial-grade web application their customers were requesting.

That’s where Ascendle came in.

A Vision For Solution

In December of 2017, a partnership between the company and Ascendle officially began with a strategy engagement. After talking through a vision for the solution, we created user stories to manage the software requirements. Using a prototyping tool called InVision, we developed a user interface visual mockup that utilized the company’s corporate standards and style guidelines.

Six weeks later, we concluded the strategy engagement phase with a clear software development plan and a clickable prototype for the application. Now that we knew exactly what we were going to build and what aspects were most important to the client, we were able to clearly prioritize as we entered the software development phase.

A Shippable Product Within Weeks

In March of 2018, development on Version 1.0 began. Since this was the client’s first experience with utilizing a software development partner to build a customer-facing application, we wanted to make sure they were comfortable with the process and results. The initial engagement was set for 16 weeks with the goal of creating a minimum viable product (MVP).

At Ascendle, we utilize two-week Scrum sprints. During the very first sprint, we produced the basics of the application, including key portions of the homepage. Not only was the application real and functional, but we tied it into the client’s cloud database to include demonstration data. Each following sprint, we added more and more functionality.

After the first three sprints, the client was shocked to discover they had a shippable product. Rather than showing them an approximation of what the application would look like when complete, we showed them the fully coded, tested and reviewed, bug-free version.

“A high-quality solution, implemented quickly and efficiently.”

Not only did we demonstrate the completed features, we provided them their own private demo environment, where we deployed the product at the end of each sprint. They had the ability to take the shippable product for a test drive themselves, every two weeks. This was immensely powerful, as it allowed them to show off the product to internal stakeholders and even demonstrate it to prospective customers. This both let them solicit feedback as well as drive more sales.

Before the initial engagement was even halfway complete, the client renewed our contract and we continued development of the product. We completed version 1.0 in July of 2018 and, as of July 2019, have started development on a fourth version.

Making the Impossible Possible

“We built a portal that not only worked within weeks, but was ready to be shipped.”

From the very start, the client thought they were envisioning a solution that couldn’t possibly be completed in the established timeframe — but Ascendle made it possible. Not only that, we delivered on time and on budget. Thanks to the transparency of the Scrum process, the client always knew what was completed, what was in process and what remained.

Most importantly, the solution answered a key customer complaint and led to greater satisfaction of the client’s existing customers, as well as aided in new sales. The client shared with Ascendle that more than once, the availability of the cloud portal has seemingly been the difference maker in customer purchasing decisions.

A Continuous, Innovative Partnership

Beyond the tangible results of the successful cloud portal, this engagement has also led to a long-term, collaborative partnership. Since we understand the client’s business so well, we’ve been able to provide more than outsourced software development. For example, we saw an opportunity to use artificial intelligence in the product for advanced threat monitoring. On our own time, we created a proof of concept to present to the client. They loved the idea and were impressed we were able to fully realize an innovation they had been discussing internally. One of the client stakeholders remarked, “We’ve been talking about this for a year, and Ascendle just went ahead and did it.”

Further, the client has adopted many of our processes and requested that we share our knowledge and approach for world-class software development with additional teams within their company.

Primary Technologies Used

Development

  • Microsoft ASP .NET Core 2
  • Microsoft Identity Core
  • Microsoft Entity Framework
  • Angular 5
  • Prime NG

Testing

  • NUnit
  • NSubstitute
  • Jasmine/Karma
  • Postman
  • BrowserStack

Cloud

  • Azure App Service
  • Azure SQL Database
  • SendGrid

DevOps

  • Git Hosted on Bitbucket
  • Git Flow
  • Bitbucket Pipelines
  • Azure Continuous Deployment

General Tools

  • Jira
  • Confluence
  • InVision