Sheetz

Overview

Sheetz—a large, family-owned convenience store chain in the mid-Atlantic region—needed a robust information security strategy to protect the financial information of its customers. As a retailer that sells everything from candy bars to fresh food to gasoline, Sheetz is a convenient one-stop shop for millions of consumers. The company brought in Accuvant to help secure remote management of its POS system - spread across 365 retail locations - and eliminate vulnerabilities in its corporate network. As a result, Sheetz is able to enforce a consistent and robust information security strategy that helps it protect its customers’ financial information.

Business Challenge

“The customer is king” is more than a cliché at Sheetz. It’s a company mantra. Since the opening of its first convenience store more than 50 years ago, the Sheetz family has made quality customer service its top priority. As Sheetz continues to grow—365 locations in six states and counting—the company’s leadership has taken steps to ensure this core value continues to be upheld, implementing a centralized, top-down organizational structure to ensure a consistent customer experience. From providing a safe and clean place to shop or a convenient gas stop between work and home, Sheetz employees do everything they can to make the customer experience as pleasant as possible.

“At Sheetz, our commitment to customers means everything to us,” said Robert Kemp, manager of IT security for Sheetz. “We want to make sure people are comfortable shopping in our stores, and we’ll do whatever it takes to make them feel secure.”

For Kemp and his team of information security professionals, this means securing the credit card transactions the company conducts each month and ensuring that customers’ financial information doesn’t fall into the wrong hands. Not only would a data breach break the trust the Sheetz family has built with millions of customers in hundreds of communities, it would expose the company to lawsuits, noncompliance hearings and bad PR.

“All it takes is for someone to accidently download some malicious code and the entire network becomes vulnerable,” said Kemp. “We knew how important it was that we develop a robust information security strategy that we could implement across the entire company. Our reputation as a customer-focused company depended on it.”

Selection Process

To protect customer data, Sheetz wanted a web filtering and secure remote connectivity solution. Based on a previous, positive experience with the company, Kemp reached out to Accuvant to assist with the project.

“Our account manager was someone I immediately trusted,” said Kemp. “She sat down with my team, listened to our needs and recommended appropriate solutions that fit with what we were already doing. She took the time to understand our business, something not a lot of consultants take the time to do.”

Solution and Benefits

Accuvant worked closely with Sheetz to understand their security goals before identifying a web filtering solution they believed would outperform competitors’ solutions during a product bake-off. Once the solution was confirmed, the next step was to deploy a remote access IT management solution that gives administrators the ability to maintain the company’s POS systems remotely from a central location. This allows them to proactively update and secure the systems while achieving greater visibility when resolving help desk issues. Then, Accuvant deployed Web filtering appliances that analyze Internet surfing habits of employees throughout the company, identifying and blocking any inappropriate or illegal activity that could lead to vulnerabilities in the security network.

“Given that our data and IT infrastructure are spread out and our IT staff is quite small, we needed a solution that would make an immediate impact but allow us to quickly and efficiently scale as we continue to grow,” said Kemp. “We tackled potential vulnerabilities within the network, providing additional layers of security for where the data is stored and accessed.”

A secure remote connectivity solution connects administrators with POS systems in each retail location. Basic tasks like resolving help desk issues can be done remotely, ensuring that the systems are running optimally without having to staff on-site administrators. At the same time, a Web filtering solution automatically analyzes employee access to the Internet. Administrators can block inappropriate Web sites, delete spyware and cut down on gratuitous audio and video streaming. By strictly enforcing the company’s security policies, Sheetz can prevent both malicious attacks and inadvertent security issues before they occur.

As a result of Accuvant’s complete solution, Sheetz now has greater visibility into its network, giving it the tools, resources and means to enforce its security policies and protect customer information. The risk of data breaches is greatly reduced, assuring customers that their financial data is safe and giving them the green light to spend freely when they shop at Sheetz. Sheetz has also improved its compliance with PCI requirements, further reducing the risk of lawsuits and fines. The proactive approach has also improved IT efficiency and saved valuable resources, allowing a smaller team of administrators to monitor, maintain and secure more end points. Field staff no longer needs to be fully-trained network engineers, instead relying on expertise consolidated at the company’s headquarters. In addition, resources can be redirected from rebuilding infected machines to more proactive, revenue-generating projects.

“Accuvant positioned the appropriate product solution sets and implementation services based on our experiences and environment,” said Kemp. “Their approach made sense and as a result, we now benefit from a solution that gives me confidence our customer data is secure.”

business CHALLENGE:

As Sheetz continued to grow in size and geographic scope—365 locations in six states and counting—the company needed a more robust information security strategy that would secure payment card data while making IT administration of remote systems more efficient.

solution:

Accuvant implemented a remote IT management solution, giving Sheetz administrators secure access to Point-of-Sale (POS) systems in each retail location. Accuvant also applied a Web filtering solution that automatically monitors Web surfing habits of employees, ensuring they aren’t looking at illicit content, eating up valuable bandwidth or exposing the company to vulnerabilities. Administrators can now monitor, audit and control the entire network, securing IT infrastructure while protecting sensitive customer information.

benefits:

Customer financial information is protected
Sheetz is in compliance with Payment Card Industry (PCI) requirements
IT security management is streamlined, centralized and standardized
IT resources and staffing are saved, leading to efficiency and cost savings

Services	Approach	Results	News & Events	Company	Contact Us
Accuvant Labs	Real World Solutions	Vertical Industry Solutions	Press Releases	Executive Team	RSS
Risk & Compliance Services	Focused on the customer	Videos	In the News	Advisory Board	Twitter
Solution Services	Three Pillars of Success	Awards & Recongitions	Upcoming Events	Industry Recognition	Blog
Federal Solutions			Blog	Careers	Linkedin
					Facebook
					Privacy Policy
					Site Map