When they needed a security assessment to meet the requirements of the Google Partner Security Program, Aspire came to Bishop Fox. Bishop Fox evaluated their application, Azure environment, and external perimeter. As a result, the Aspire team satisfied Google's requirements.
Since 2013, Aspire has been a leading end-to-end business management solution for landscaping and snow removal companies. Aspire’s software integrates all the various functions a contractor needs in one place—from estimating, scheduling, purchasing, and production, to invoicing, payroll, and finance.
Backed by private equity and recently acquired by ServiceTitan, this past decade has been one of rapid growth for Aspire. They have expanded their customer base to include more than 39,000 users in 800 different locations. Aspire is also featured on the Inc. 5000 list of the fastest-growing software companies in the United States and the 250 most successful companies in the Midwest.
Aspire came to Bishop Fox because they needed a security assessment to be officially recognized by the Google Partner Security Program. The Aspire application integrates with Gmail (as well as other email clients like Microsoft Outlook) and many users rely on this feature for scheduling and business operations. Therefore, Aspire needs to meet certain security requirements set by Google to confirm that they are securely handling Google user data. Bishop Fox is one of a handful of security vendors who have the official Google approval to participate in this program. Google first introduced this mandatory assessment in 2019, and Bishop Fox has evaluated more than 200 organizations against the established criteria since then.
To kick things off, the Bishop Fox team evaluated Aspire's self-assessment questionnaire (SAQ), which provided insight into their existing security practices. The Bishop Fox team identified key areas of focus and included those in their scoping exercise. Up next was an in-depth security assessment of the Aspire application, external perimeter, and Azure cloud environment to ensure they met the Google requirements.
During the initial engagement, Bishop Fox walked through the focus areas needed to satisfy Google’s requirements. The Bishop Fox team shared actionable suggestions for fixing security issues they identified to guarantee Aspire’s acceptance into the program. The Aspire team worked quickly to remediate all high-risk security issues discovered during the assessment, which not only helped them comply, but shored up their security profile overall. They were able to address one of their more urgent issues in a two-day period, ensuring that their organization and customers weren’t exposed to any unnecessary risk.
"The Bishop Fox assessment really helped us evolve our security processes. We grew quickly from a small organization, quadrupling over a year, and the guidance we received from Bishop Fox helped us prioritize certain areas and quickly get a phased security enhancement plan in place. This assessment was a great step forward in evolving our program to scale to our needs for the coming year."
— Dan Blake, Chief Technology Officer at Aspire Software
The Bishop Fox team worked with Aspire to meet the mostly remote conditions of their workforce.
"We are a cloud-only company. Nearly everything is in the cloud. That positions us in a unique situation – there are some Google requirements that are difficult or almost impossible to comply with in this particular environment. Bishop Fox was flexible and understanding about this situation and helped us find a way to ensure the security of our users and environment without burdening our employees."
— Dan Blake, Chief Technology Officer at Aspire Software
Regarding the overall engagement with Bishop Fox, Dan recalled that it was a “smooth and well-managed experience and the team was incredibly responsive.”
"Aspire was very eager to fix the issues we found and learn about ways that they could improve going forward. This showed us that they really care about building security into future features and updates – and not just passing the assessment."
— Matt Schafnitz, Program Manager at Bishop Fox
Aspire continues to focus on protecting customer data and building an agile security program that scales with the growing team. The team is confident that they have moved beyond passing the Google and other application assessment requirements to incorporating a more rigorous testing process into their program.
Bishop Fox helped the Aspire team discover ways to improve their internal processes and implement strong security controls across their applications and environment. By partnering with Bishop Fox, Aspire achieved the right balance of a secure environment and Google integration authorization as well as the confidence to keep moving their burgeoning security program forward.
"We’re working toward our evolutionary security goals and continuing to level up our security program. Working with Bishop Fox helped us get that vision in place."
— Dan Blake, Chief Technology Officer at Aspire Software
Aspire Software offers a business management system built specifically for companies in the landscape and snow/ice industries. Aspire makes a real difference in customers’ lives with a cloud-based platform that offers the end-to-end functionality contractors need to gain full visibility into their business, make better decisions, and increase profit margins.
Trusted by more than 39,000 users in over 800 locations to manage nearly $3 billion in landscape-industry revenue, Aspire is the #256 fastest-growing software company in America (Inc. 5000). Based in Chesterfield, MO, the company is ranked #9 on the 2020 St. Louis Business Journal Fast50 list.
Gravity-Defying Security: An Apollo.io Story
Apollo selected Bishop Fox to perform a Google Security Assessment to evaluate the security of its application, external perimeter, and Google Cloud Platform (GCP) environment, as well as conduct a review of its responses to Google’s required self-assessment questionnaire (SAQ).
John Deere Digital Security Journey: Securing Products Against Cyberattacks
To help ensure John Deere products are ready to withstand security threats, John Deere chooses Bishop Fox's Cosmos platform and product security reviews.
August: Built-in Security in IoT Devices
This site uses cookies to provide you with a great user experience. By continuing to use our website, you consent to the use of cookies. To find out more about the cookies we use, please see our Privacy Policy.