MindSource provides fixed-bid and managed services for Fortune 500 and mid-sized companies. Case Studies from sample recent projects are shown. We value the confidentiality of our clients and have omitted their names in the case studies. We happily provide excellent references on request.

Information Technology Infrastructure

Managed Services Contract for a fortune 100 software company.
MindSource delivered a fixed-bid project for the management of over 400 Unix servers supporting 2,000 users world-wide. The hardware engineering group had an established IT infrastructure in which the systems and processes had become fragmented from reorganization over the previous 24 months. This project included the implementation for DNS and Mail overhaul combined with a team of eight operations support staff. During a period of more than one year, we were responsible for the upgrade and reconfiguration of all core systems and for the installation of monitoring applications.

OS upgrade for over 2,400 Mac OS X systems for a leading biotech company
Our client required OS X Unix Macintosh system upgrades. We created and tested an implementation plan and managed a team of 18 technicians to deliver the upgrades and support, meeting very high required quality standards.

Compliance remediation services for a world-wide leader in electronics
Our client had thousands of users at remote sites with mail and DNS servers which were insecure and unreliable, requiring a re-work of complex email and spam systems. We performed site evaluations and organized planning sessions between four IT groups to arrive at a consensus. Over a period of four months, new email servers were brought on-line, redundancy was introduced, and security issues resolved.

Management Network Interface Design for a world leader in high capacity disk storage systems
Our client requested design for over 200 routed devices supporting 1,000 servers worldwide. They had not been able to validate proof of concept and were up against a tight timeline for roll-out of major network modifications. We architected a solution which met security and production requirements. They installed the MindSource architected solution globally and met timing needs for data center deployments.

LDAP architecture services for a provider of cellular telephone software
Our client required integration of custom LDAP with IBM WebSphere. They had purchased a complex IBM clustered web server farm, but the servers could not be configured to operate. We conducted a site evaluation and determined that errors stemmed from a customized LDAP server and the clustering design. As with other projects, we completed the engagement ahead of schedule, in less than 90 days, turning a potential business nightmare into a success story.

Data Center audit for a world leader in computer security software
Our client had to re-focus the long-term plan for a 10,000 square foot data center with 900 high availability systems. A baseline analysis of existing status combined with a roadmap for future growth was required. We conducted a series of site evaluations to identify needs. We then delivered reports which ended up fundamentally changing the long term planning and expansion.

LDAP scoping effort for an online provider of retail information services
Our client had a dozen remote sites that were not functioning because of an overgrown active directory and DNS architecture. We created diagnostic utilities that fed benchmark tests. We provided a clear roadmap for migration and project roll-out.

Compliance remediation services for a world wide leader in plastics and adhesives
Four sites in Europe and Americas required a consolidated log monitoring process. We designed a monitoring application, specified deployment for Sarbanes-Oxley log monitoring, and then completed remediation.

Software Development

Database development efforts for a major provider of PC software
Client had requirements for rapid deployment of new SQL application, consisting of over three terabytes of data in several geographic regions. We deployed an architect to rework schema, and two full time Oracle database engineers to complete the development in six months.

Software productivity tools enhancements for a Fortune 100 networking company
Our client required integration services for third party applications to a distributed Oracle Database. We created specifications and managed an RFQ to purchase the third party licenses. We implemented this across HR and MFG modules by writing a custom web application written in Java.

Compliance: Sarbanes-Oxley (SOX)

Policy and Procedures Documentation for a provider of Metropolitan Area Network solutions
Our client needed numerous IT policies and procedures written to comply with SOX. We performed compliance audit scoping, conducted extensive interviews, and authored and revised dozens of IT policies and procedures.

SOX scoping effort for a provider of retail purchasing services
One of the top 20 visited websites required an understanding of the level of effort required for achieving SOX compliance, with particular focus on change control. We performed compliance audit scoping and created a roadmap. Our full project scope report included a high-level gap analysis and detailed resource requirements.

SOX scoping effort for a provider of retail purchasing services
Our client required an extensive general computer controls effort impacting hundreds of users. We created a program for adoption of general computer controls, delivering General Computer Control procedures documents and training.

SOX 404 IT Internal Audit for a public regional commercial bank
Our client required readiness assistance for SOX 404/IT compliance. We provided scoping, gap analysis, and controls testing. We identified numerous gaps and provided remediation strategies to achieve SOX compliance.

SOX External Audit for a public regional commercial bank
We collaborated with a CPA firm partner for external audit of IT controls. We tested those SOX IT controls, revised sampling procedures, and provided an Audit Report.

SOX security audit for prominent networking company
Our client needed to have a security assessment performed for SOX compliance. We conducted a blind assessment of Internet visibility and exposure followed by intrusion efforts. We located several security holes and advised our client on resolution, creating policy guides and COSO references as required.

Compliance: Gramm-Leach-Bliley (GLB)

Policy and Procedures Documentation for a leading provider of online mortgages
Our client needed to develop and document a GLB-compliant information security program. We performed extensive interviews with management and subject matter experts, and then created a complete program to exceed government GLB requirements.

GLB Compliance Assessment for a private regional commercial bank
Our client needed a GLB compliance and security assessment to prepare for an OCC audit. We conducted the assessment of technical and organizational security measures, identified numerous risk issues, and created a compliant solution, including training.

GLB Compliance Assessment for a venture capital firm
Our client required a GLB compliance and security assessment to prepare for an audit. We conducted the assessment of technical and organizational security measures, identified multiple security issues, and assisted in resolving crucial compliance issues.

Product Development Consultation for a leader in electronic document solutions
We utilized our SOX compliance subject matter expertise to help define a new strategic direction for product development. Our understanding of compliance nuances and their impact on business and IT contributed to product development and marketing.

Enterprise Security

Perimeter Security Assessment for a provider of commercial laser products
The incoming CIO required an assessment of the company's baseline security posture. We conducted a blind assessment of Internet visibility and exposure followed by intrusion efforts, identifying several large security holes and assisting our client in problem resolution.

Perimeter Security Assessment for a leading global provider of networking and security products
Our client had recently acquired a prominent network security company and needed to assess the company's Internet-facing security. We conducted a blind assessment of Internet visibility and exposure followed by intrusion efforts, identified numerous vulnerabilities, and established a baseline for future audits.

Perimeter Security Assessment for a provider of outsourced sales and marketing services
Our client had not conducted a security assessment for several years. We performed a suite of specialized perimeter assessments, with the results to be utilized for marketing purposes. This also established a baseline for future audits. Our client required a current security assessment to be used for marketing purposes with their major enterprise customers. Our specialized perimeter assessment also established a baseline for subsequent audits.

Perimeter Security Assessment for a worldwide leader in plastics and adhesives
The incoming CIO of our client required an assessment of the baseline security posture, the company not having conducted a recent perimeter assessment. We conducted a blind audit of Internet visibility and exposure followed by intrusion efforts. We located and assisted in resolving several security holes.

Comprehensive Security Assessment for a leading apparel manufacturer
Our client needed a comprehensive security audit, including a focused assessment of the high-volume online store. We conducted an assessment of internal and external technical security measures, identified multiple security issues, and assisted our client in resolving them.

Comprehensive Security Assessment for a biopharmaceutical research firm
Our client needed a comprehensive security assessment to meet regulatory guidelines. We conducted the assessment of technical and organizational security measures, identified multiple security issues, and assisted our client in resolving the problems.

Comprehensive Security Assessment for a provider of biotechnology research and products
Our client needed a comprehensive security assessment before product roll-out. We conducted an assessment of technical and organizational security measures. We identified database security issues and assisted our client in resolving those critical vulnerabilities that needed immediate attention.

Periodic Security Monitoring for a global plastics company
Our client required a periodic third party review of network intrusion logs. We installed a network IDS and provided weekly reports of suspicious activity.

Specialized integration services for a Fortune 100 company
Our client required a number of productivity tools to provide project status reporting, real-time tracking of tasks, and IP telephony management. Our software engineering staff undertook this perl development project which consisted of over 1,000,000 lines of perl. This effort helped our client shorten its product development cycle by 30%.

External network monitoring system for a Fortune 100 networking company
Our client needed extensive application level changes to a world-wide external network monitoring system. Our engineers created robust and portable applications which interfaced with legacy databases while allowing for future extensions. MindSource was brought back for future expansion efforts, projects which lasted three years.

HIPAA compliant data migration utilities for a world leader of Oncology Systems
Legacy medical equipment was incapable of interchanging patient information to newer billing systems. We provided a top-down solution and developed internal standards for data migration. Dozens of oncology centers throughout the US are now capable of reliably exchanging patient information.

REQUEST INFORMATION