Dallas-based Media Defined spent more than a decade building a Learning Management System (LMS) that companies like McAfee and Honeywell now rely upon to efficiently and thoroughly train their extended enterprises. The NetExam LMS is delivered according to the software-as-a-service (SaaS) business model, whereby customers can access and integrate it across their extended enterprise.
NetExam users access the system from more than 100 countries around the world; therefore, speed and reliability are business critical for Media Defined. In addition, customers often redistribute the company’s training modules to their own customers—a process that can involve payment transactions.
With customers’ trust and sensitive data on the line, Media Defined looked to ControlScan as an expert provider of unified security and compliance solutions. The ControlScan team worked with Media Defined to secure its processes and validate its PCI compliance. At the same time, Media Defined implemented the ControlScan Web Application Firewall service to streamline its content delivery for more efficient operations and an optimal customer experience.
The old adage “the customer is always right” couldn’t be truer when it comes to the software industry. The primary benefactors of any software’s features and functionality are its end users, and it’s those end users who determine the software’s success as well as the direction it takes in terms of development.
Founded in 2004, Media Defined has become the go-to provider of Learning Management for the extended enterprise. The company’s proprietary solution, NetExam, undergoes a major version update four times per year as the technology marketplace rapidly advances and customers’ needs correspondingly expand.
“NetExam is designed and delivered according to the evolution of our customers’ business needs,” said Himansu Karunadasa, chief technology officer, Media Defined. “Because of this, the software’s functionality involves much more than training course delivery.”
Delivering NetExam to a global marketplace requires the highest degree of speed, efficiency and connectivity. But security can’t be an afterthought; it has to be “baked into” the NetExam product as well as the network of information technology and processes supporting it. What’s more, in-application payment functionality means Media Defined is further obligated to comply with the Payment Card Industry Data Security Standard (PCI DSS).
“We did not want to go through this exercise by ourselves,” said Karunadasa. “Our expertise is in LMS, not PCI; it just made sense to partner with PCI experts for that process.”
The security and compliance experts at ControlScan worked side-by-side with Karunadasa and his team to thoroughly evaluate Media Defined’s IT security posture against the requirements of the PCI DSS. During that time, Karunadasa was surprised to learn that ControlScan offers a web application firewall (WAF) service powered by Incapsula.
“ControlScan’s ability to conduct the PCI assessment and simultaneously install and configure the WAF was a big accomplishment,” Karunadasa said. “Plus, ControlScan can now serve as a single resource for ongoing PCI and WAF management, which makes a lot of sense for our business.”
ControlScan first validated Media Defined as PCI Compliant in March, 2012. Since that time, ControlScan has continued to validate compliance as well as manage the company’s web application firewall. Along with providing an additional layer of security for NetExam, the ControlScan WAF service includes a Content Distribution Network (CDN) that has significantly improved the speed at which NetExam content is distributed among the myriad countries served.
“We’ve noted a dramatic increase in content delivery speed since implementing the ControlScan WAF service,” Karunadasa said. “The CDN allows us to quickly distribute content to places like Australia, Asia and Europe, while also blocking out traffic from areas we don’t serve.
“Working with ControlScan allows us to focus solely on our core business knowing that we and our customers are protected by a PCI-certified solution and supported by a dedicated team of security and compliance experts,” Karunadasa concluded.