Client Case Studies
Real problems. Real solutions. Real outcomes. Here's what it looks like when Toledo and Northwest Ohio businesses partner with Flyght to solve their most pressing technology challenges.
A Northwest Ohio Manufacturer Stopped a Ransomware Attack Before It Reached the Production Floor
A mid-size manufacturer in the Toledo area had grown their IT infrastructure organically over 15 years — a mix of aging servers, legacy PLCs on the production floor, and a flat network where everything could reach everything else. When they brought us in for an assessment, we identified that their IT and OT networks were completely unsegmented. A phishing attack on any office workstation would have had a direct path to their production controls. Six months later, our MDR service detected exactly that kind of attack — a compromised email account being used to probe their network at 11 PM on a Thursday.
We implemented proper IT/OT network segmentation using next-generation firewalls, isolating production equipment from business systems. We deployed MDR with 24/7 SOC monitoring across their entire environment. When the attack was detected, our SOC analysts isolated the affected workstation within minutes, revoked the compromised credentials, and contained the threat before it reached any production systems. The plant ran normally the next morning.
Zero production downtime. The attack was contained to a single workstation. Post-incident forensics confirmed the attacker had been in their environment for 11 days before our system detected their lateral movement attempts. Under the previous flat-network architecture, the consequences would have been catastrophic.
"We thought we were too boring for hackers. Flyght proved us wrong — and then made sure we were actually protected."
Operations Director, Northwest Ohio Manufacturing
A Toledo Dental Group Became HIPAA-Compliant and Cut IT Costs 30% Simultaneously
A growing multi-location dental practice in Toledo was operating with a patchwork of IT systems accumulated over a decade of expansion. Each location had been set up independently, patient data was stored in multiple places with inconsistent backup, staff were sharing login credentials, and nobody had conducted a HIPAA risk assessment in years. An upcoming HIPAA audit from their billing compliance team triggered a serious conversation about their technology posture.
We conducted a comprehensive HIPAA security risk assessment and documented every gap. Then we systematically addressed them: implemented individual user accounts with role-based access across all locations, deployed encrypted backup with offsite storage meeting HIPAA's required safeguards, configured email encryption for any PHI transmitted electronically, installed access control systems on rooms where patient records were stored, and established a documented incident response plan. We also standardized their IT infrastructure across locations so all sites ran on the same managed platform.
The practice passed their HIPAA compliance review. Total IT spend actually decreased by approximately 30% compared to their previous patchwork approach of multiple vendors and break-fix service — the standardization eliminated redundant costs and reactive charges. Patient data is now protected with documented, auditable controls across all locations.
"I didn't realize how exposed we were until Flyght walked us through the assessment. The fact that we reduced our IT costs while fixing all of it was a genuine surprise."
Practice Administrator, Toledo Multi-Location Dental Group
A Toledo Law Firm Moved Offices Without Losing a Single Billable Hour
A 25-attorney law firm in downtown Toledo was relocating to a new office space — a move that had paralyzed their previous IT provider, who quoted a 2-week downtime window for the transition. The firm had trials scheduled, active deals closing, and no tolerance for extended downtime. Their previous MSP had also left their network documentation in shambles, which made planning the migration more complex than it needed to be.
We took over the account and immediately began documenting their environment while planning the move in parallel. We pre-configured all network equipment at our facility before move-in day, staged new workstations with a standard image, and coordinated structured cabling and phone system cutover with the building contractor. We executed the actual move over a long weekend: Saturday morning to Sunday evening. By Monday at 7 AM, every workstation, every phone, every shared printer, and every client application was running at the new location.
Zero downtime. Staff arrived Monday morning and everything worked. Their phone numbers were ported seamlessly — no clients experienced a gap. The structured cabling installation was done cleanly, conference rooms were fully equipped with new AV systems, and the network was properly segmented and documented for the first time in years. The firm has remained a Flyght client since the move.
"Our previous IT company said two weeks of downtime was unavoidable. Flyght did it over a weekend. We didn't miss a single billable hour."
Managing Partner, Toledo Area Law Firm
A Northwest Ohio Credit Union Passed Its NCUA Exam After a Failed Prior Audit
A community credit union serving roughly 12,000 members across Northwest Ohio had received a Document of Resolution from their NCUA examiner the prior year — multiple findings across access controls, vendor management, incident response, and patch management. Their previous IT vendor handled break-fix support but had no real cybersecurity practice and no understanding of the specific controls examiners look for. The board was facing escalating regulatory pressure and the CEO needed a partner who could speak fluently to both technology and the GLBA, FFIEC, and NCUA frameworks they were measured against.
We started with a full FFIEC Cybersecurity Assessment Tool review and mapped every gap to the prior exam findings. From there we rebuilt their access control model around least-privilege and quarterly access reviews, deployed MDR with logging retention that met examiner expectations, formalized a written information security program with board-approved policies, implemented a documented vendor management process with annual SOC 2 reviews of critical providers, and stood up a tested incident response plan with tabletop exercises. We also took over patch management with documented monthly reporting the examiner could review on demand.
Twelve months later the credit union passed their follow-up NCUA exam with no new findings and full closure of the prior Document of Resolution. The examiner specifically noted the quality of the documentation and the maturity of the incident response program. Cyber insurance premiums also dropped at renewal because the carrier could verify the controls in place.
"The last exam felt like an interrogation. This one felt like a conversation. Flyght gave us answers — and the documentation to back them up."
CEO, Northwest Ohio Community Credit Union
A Toledo Nonprofit Cut IT Costs in Half by Moving to Microsoft 365 Nonprofit Licensing
A Toledo-based nonprofit serving families across Lucas County was running a five-year-old on-premise Exchange server, an aging file server, and a per-seat Office license model that nobody had reviewed in years. They were paying for full-price Microsoft licensing despite qualifying for substantial nonprofit discounts, their email server was out of warranty and increasingly unreliable, and their 35-person staff — split between an office and several program sites — had no real way to collaborate on documents remotely. Every dollar spent on IT was a dollar not going to programs, and the executive director needed a path that lowered cost without sacrificing reliability.
We enrolled the organization in Microsoft 365 Business Premium through the nonprofit grant and discount program, which dramatically reduced their per-seat licensing cost while actually upgrading their security tooling. We migrated their Exchange mailboxes and on-prem file shares into Exchange Online and SharePoint with a folder structure designed around how their program teams actually worked. We decommissioned the aging on-prem servers, deployed Intune for device management across both office and remote staff, and enforced MFA across all accounts. We also set up a donor-data handling policy and trained staff on safe handling of constituent information.
Total annual IT spend dropped by roughly 50% once licensing, server maintenance contracts, and reactive support charges were combined and compared. Staff at program sites can now work from any device with the same access they have in the office. The nonprofit redirected the savings into expanding their direct services, and leadership finally has a clear, predictable IT budget line they can plan around.
"Every dollar we save on IT is a dollar that goes back to the families we serve. Flyght treated that like it mattered — because it does."
Executive Director, Toledo Area Nonprofit
Case Study FAQs
Are these case studies based on real Flyght clients?
Yes. Each case study describes a real engagement with a Flyght client in Toledo or the surrounding Northwest Ohio, Southeast Michigan, or Northeast Indiana region. Specific identifying details — company names, exact locations, and individual identities — have been generalized to protect client confidentiality. The challenges, the work performed, and the outcomes are accurate representations of what we delivered.
Why don't you name the clients in your case studies?
Confidentiality matters — especially when the case study touches on cybersecurity incidents, compliance findings, or financial details. Most of our clients prefer that we describe their situation without naming them publicly. If you'd like to talk to a current Flyght client in your industry as a reference, we're happy to arrange that directly once we're further along in conversation.
Can Flyght deliver similar outcomes for my Toledo business?
It depends on your specific situation, but the patterns in these case studies — network segmentation preventing ransomware spread, HIPAA compliance with cost reduction, zero-downtime office moves, regulatory exam preparation, nonprofit licensing optimization — are problems we solve regularly. The right answer for your business starts with a free IT assessment so we can understand your environment before recommending anything.
What industries does Flyght have the most experience with?
Manufacturing, healthcare (including dental and multi-location practices), professional services (legal, accounting, engineering), financial services (banks and credit unions), and nonprofits are all well-represented in our client base. We also support construction, education, and other verticals across our tri-state service area. Industry experience matters because compliance requirements, workflow patterns, and risk profiles differ significantly between sectors.
How long does it typically take to see results like these?
It varies by engagement. Cybersecurity improvements like MDR deployment and network segmentation are often in place within the first 30–60 days. Compliance work — HIPAA, FFIEC, PCI — typically runs 90–180 days depending on the gaps identified. Cloud migrations and major infrastructure projects are scoped individually. Your vCIO will lay out a realistic timeline during initial planning so you know exactly what to expect.
What does it cost to get an outcome like the ones in these case studies?
There's no one-size-fits-all answer because the work is scoped to your specific environment and goals. What we can promise is transparent pricing with no surprise invoices. The first step is a free IT assessment — no obligation, no sales pressure — and from there we'd build a proposal that fits what your business actually needs. Many clients find the total cost is lower than what they were already spending on a patchwork of vendors and reactive support.
Ready to write your own success story?
Schedule a free IT assessment with our Toledo-based team. No obligation — just an honest look at where your technology stands and where it could go.
Get Your Free IT Assessment