Cybersecurity, Compliance & Managed IT — Built for Industry

TRNSFRM is a US-based cybersecurity, governance, and managed IT firm headquartered in Cleveland and Columbus, Ohio, serving manufacturers, construction firms, automotive dealerships, and healthcare organizations nationwide. Founded in 2008 by Jeff Dennis, we hold 176+ five-star Google reviews from clients who rely on us for compliance, uptime, and protection.

What we do

Industries we serve

Manufacturing (CMMC, ITAR, NIST), Construction (jobsite connectivity, bid protection), Automotive Dealers (FTC Safeguards, DMS security), and Healthcare (HIPAA, PHI protection).

The IT Resilience Framework™

Our proprietary 3-step process — Assess, Build, Transform — moves clients from reactive IT to a measurable, audit-ready security posture.

Locations

Offices in Cleveland, Ohio and Columbus, Ohio; clients across the United States.

Get started

Book a 30-minute discovery call, take our 47-point cyber assessment, or contact us at info@trnsfrm.tech.

    All case studies
    Automotive FTC Safeguards Rule

    How a 6-Location Auto Dealership Group Rebuilt Its Infrastructure, Stood Up a Redundant Hub-and-Spoke WAN, and Hit FTC Safeguards Compliance

    Multi-Location Auto Dealership Group(anonymized)
    Ohio

    A 6-rooftop auto dealership group needed a ground-up infrastructure rebuild to support cross-site DMS access and meet the FTC Safeguards Rule. TRNSFRM designed a redundant hub-and-spoke WAN with failover routing, hardened Microsoft 365, and rolled out MDR and Duo MFA to protect customer financial data across every location.

    How a 6-Location Auto Dealership Group Rebuilt Its Infrastructure, Stood Up a Redundant Hub-and-Spoke WAN, and Hit FTC Safeguards Compliance
    6
    Rooftops on one redundant WAN
    2x
    Circuits per site with failover
    100%
    Endpoints on MDR + Duo MFA
    FTC
    Safeguards program documented

    The Challenge

    Our client, a 6-rooftop auto dealership group, was running a patchwork of site-by-site infrastructure that no longer matched how the business actually worked. • DMS data needed to move cleanly between rooftops, but the network was a mix of consumer-grade circuits, flat LANs, and inconsistent firewalls • Any single circuit outage at a store stalled deals, F&I, and service writeups • Microsoft 365 was deployed with default settings — no conditional access, no MFA, drifted policies, no DLP on customer financial data • Endpoints relied on legacy AV with no managed detection or response • The FTC Safeguards Rule applied to every rooftop, and they had no documented program, no risk assessment, and no qualified individual designated They needed one partner to redesign the network, secure the Microsoft stack, and stand up a real FTC Safeguards program — without slowing down sales, service, or the F&I office.

    Our Approach

    TRNSFRM ran the engagement using our IT Resilience Framework: Assess, Build, Transform. Assess • FTC Safeguards Rule gap assessment across all 6 rooftops, mapped to the dealership's actual data flows (DMS, F&I, credit apps, customer PII) • Inventoried every circuit, firewall, switch, AP, and endpoint at each store • Documented DMS dependencies and cross-site traffic patterns • Designated a Qualified Individual and built the written information security program Build — Redundant Hub-and-Spoke WAN • Designed a hub-and-spoke WAN with the corporate hub as the aggregation point and each rooftop as a spoke • Dual-circuit (primary + LTE/secondary) at every site with automatic failover routing so DMS and core apps stay online during a circuit outage • Standardized next-gen firewalls, switches, and Wi-Fi across all locations with consistent VLAN segmentation (corporate, F&I, service, guest, IoT) • Centralized monitoring and configuration management so policy is identical at every rooftop Microsoft 365 Hardening + Policy Drift Remediation • Re-baselined Microsoft 365 with custom conditional access, MFA, and security policies aligned to FTC Safeguards • Deployed continuous policy drift monitoring and automated remediation so settings stay where we set them • Rolled out DLP and data labeling to protect customer financial information in email, SharePoint, OneDrive, and Teams Endpoint and Identity Security • Replaced legacy AV with managed detection and response (MDR) and 24x7 monitoring • Deployed Duo MFA across VPN, RDP, DMS access, and admin workflows • Hardened privileged access and centralized logging tied to documented incident response procedures • Delivered Safeguards-aligned security awareness training for every employee at every rooftop

    "TRNSFRM treated all six stores like one network. Our DMS stays up through outages, our customer data is actually protected, and we have a real FTC Safeguards program — not a binder we hope no one asks for."

    — Operations Leader, Multi-Location Auto Dealership Group

    The Outcome

    In one coordinated program, the dealership group went from a fragile, store-by-store IT footprint to a unified, redundant, FTC Safeguards-aligned environment. • 6 rooftops connected on a redundant hub-and-spoke WAN with automatic failover routing • Dual-circuit resilience at every store — DMS access stays up through circuit outages • Microsoft 365 hardened with conditional access, MFA, DLP, and continuous policy drift remediation • MDR and 24x7 monitoring deployed across all endpoints; legacy AV retired • Duo MFA enforced on VPN, remote access, and privileged workflows • FTC Safeguards Rule program documented end-to-end: risk assessment, written program, Qualified Individual, training, and incident response • Sales, service, and F&I keep moving even when an ISP doesn't

    Services Delivered

    • Cybersecurity Operations
    • Governance & Compliance
    • Managed IT
    • vCIO

    Book Your Strategy Call Today

    No pressure. No sales pitch. Just a conversation with an expert to map out your risks, gaps, and next steps toward compliance and security.

    30 minutes. No NDA. No sales pitch. Walk away with a written risk snapshot — or we'll send you a $50 Amazon gift card.

    Not ready to book? — free, 2 minutes.

    Call Now