Client Overview
eCampus.com is a premier online retailer of textbooks and digital course materials. Consistently exceeding industry standards, eCampus.com's mission is to provide the easiest, fastest, and most affordable way for K-12 and higher education students to buy, rent, or sell textbooks and digital content.
Founded on July 2, 1999, eCampus.com reshaped the textbook industry by taking the traditional college bookstore online. Remaining an edtech leader in future-proof course material solutions, eCampus.com serves over 400 schools, colleges, and universities. Their comprehensive course material solutions suite includes full-service online bookstores, inclusive access and equitable access programs, and expert campus store operations and management. Through products that simplify the adoption, management, and procurement of course materials, eCampus.com propels student success by delivering the right course materials, at the right time, and at the right price.
The Challenge
PCI Compliance and a Growing Attack Surface
As an online retailer handling payments and student data, eCampus.com must maintain strict PCI compliance and strong external security controls. But for a small team managing multiple e-commerce properties, marketplace integrations, and more than 250 internet-facing assets, keeping up with emerging vulnerabilities was becoming increasingly difficult.
The team needed a partner that could support PCI compliance, continuous monitoring, penetration testing, and broader vulnerability management—without enterprise-level pricing or complexity. Eric's team began searching for a solution that extended beyond basic scans to full EASM and PCI support.
"Since we're a smaller company, cost is a factor. We want to get the most we can for our money. Halo was the best balance of a comprehensive solution and affordable pricing," said Eric Lazur, eCampus Director of Internet Services.
The Solution
A Focused Security Partner That Does the Heavy Lifting
eCampus.com now relies on Halo for EASM, application scanning, PCI ASV scanning, penetration testing, and Dark Web monitoring. Halo stands out for its deep security expertise and product-first focus. As Eric explained, "strength of product" was the top reason behind their decision—Halo stays ahead of new vulnerabilities, so his small department doesn't have to chase every CVE.
Halo also brings meaningful value for a mid-market company. "Halo provides a comprehensive set of services for a very reasonable cost," Eric shared, allowing his team to meet PCI and security requirements without stretching their budget.
Equally important is Halo's partner-style support. When eCampus opens a case, they receive fast, personal engagement—not faceless tickets or long delays. "It's like working with a partner that cares about you and your business," Eric said. This hands-on guidance gives eCampus the confidence of having an expert extension of their team.
Halo also uncovers risks the team didn't know existed. EASM routinely identifies unknown or forgotten assets, while Dark Web monitoring adds assurance that credentials or data haven't quietly leaked into criminal marketplaces.
"We also appreciate that the Halo sales experience does not have high-pressure salespeople. They took the time to learn our business and compliance needs," Eric summarized.
The Results
With Halo Security in their corner, eCampus.com feels confident managing a large and constantly evolving attack surface. Eric's team has evaluated other security vendors over the years, but Halo continues to deliver the strongest combination of cost, capability, and expertise.
As an Approved Scanning Vendor (PCI ASV), Halo has also strengthened eCampus's PCI compliance, providing the scanning, documentation, and reporting needed for audits, while also handling external penetration testing and vulnerability scans. This gives Eric and his team confidence that their compliance and security needs are covered thoroughly and accurately.
Perhaps most importantly, Halo saves meaningful time for eCampus's small IT department. By offloading vulnerability discovery, prioritization, and ongoing scanning, the team can stay focused on the operational demands of the business. Eric's team no longer spends hours researching issues or deciphering findings—Halo brings the answers, freeing up critical time and reducing day-to-day stress.
The Halo Difference: Focused Expertise, Not a Watered-Down Platform
Eric has seen many vendors expand into sprawling platforms that try to do everything—from log management to every flavor of security service. In his experience, that can lead to siloed teams and shallow expertise that does not help mid-market organizations meet their security goals.
"Halo helps us stay ahead of attackers," Eric shared. "As a team, it's hard to stay on top of all the latest vulnerabilities. Halo's EASM scans are comprehensive and continuous, so they alert us to vulnerabilities quickly, and we can proactively review and address issues immediately. Their solution is right-sized with excellent context and guidance to help us stay secure and efficient."
"We know we're getting a very reasonable cost for services like external testing and vulnerability management," Eric said. "And we don't think we'd get the same level of service elsewhere." This balance of value and deep security knowledge has resulted in a significantly higher ROI compared to larger "do-everything" platforms.
