Case #1: Turning an $8M PCI project into $2M
Business Problem:
When it came time for this Texas electric utility
to take PCI compliance seriously, the initial quotes from some
of the top vendors in the IT industry exceeded
$8M. The Board of Directors rejected the dollar amount for
the PCI compliance effort and told the business units to find a
more reasonable price tag and a better solution.
Timeframe: 9 months on-site
Budget: $2M
Biggest Project Shortcomings: Another project took down the SAP
system, and all resources were lost for over a week. The project
experienced one hurricane warning and then Hurricane Ike on the
last day of the project. In addition, the PCI solutions the
vendors pitched did not work for SAP tokenization once a
technical analysis was done and proofs of concept were tested.
Biggest Project Risk: No SAP tokenization solution worked, and
the team had to invent PCI tokenization for SAP. Over six
significant purchases had no budget because of internal
communication challenges.
Business Solution:
Performed a business/technical analysis comparing encryption to
tokenization as the technology platform that needed to integrate
with SAP. Determined tokenization would be the better
solution since it could reduce scope, cost, and timelines, but
no solution existed. One company we found had credit card
encryption for SAP, but no tokenization solution. We
entered into a joint development agreement to invent SAP
tokenization. While the tokenization product was being
invented, we had to perform remediation in 50+ areas of PCI findings.
We took all the findings and broke them down into
"mini-projects" and started every project on day one to
"fast-track" the project. Every "mini-project" had a
schedule and budget, so that if we went over budget in one area,
we could compensate with another "mini-project" that was not using
all of its budget, keeping the project schedule and budget in balance.
Turned the focus inward on the company, realizing that some of the
best talent was in-house, and worked with management to remove
traditional barriers that required following a political hierarchy.
Worked hard to increase isolation from daily company problems
and let the team design an SAP solution with minimal
interference. Other managers wanted to micro-manage
aspects of the project, but we politically influenced those
managers to leave the team alone. This resulted in
incredible progress: the team members could be creative, and
the project took on a life of its own with immense innovation,
without interfering with the enterprise. Every step of the
project had layers of redundancy to ensure each "mini-project"
and project task executed with precision. The project ran
for over 9 months without experiencing any mishaps.