The University of Salford has used the Tanium Platform to strengthen its defence against a surge of cyberattacks targeting the education sector.
Tanium worked with the university to help it overcome several challenges that have emerged over the last year. It faced a rise in the number of cybercrime threats, such as ransomware as well as nation state attacks launched in an attempt to steal COVID-19 research data.
These threats applied pressure to the University of Salford’s IT infrastructure which consists of a complex blend of on-premise and cloud systems - all supporting the operations of four different schools. The environment was based on a legacy IT architecture which was not prepared for the complications caused by COVID-19. The pandemic forced the university to provide mass remote learning, but it needed to find a better way of gaining visibility and control over the devices connecting remotely to its network (endpoints). This is important, because vulnerable endpoints offer attackers a much easier route into the IT environment and increase the chance of a damaging breach occurring.
Tanium provided the required visibility and control, minimising the university’s fundamental risk and strengthening its incident response capabilities. The Tanium Platform was used to discover previously undetected endpoints hidden in the network, many of which were missing critical patches and software updates. This reduced the number of missing critical patches by more than 99%, from 38,000 to 238. Tanium also helped the university reduce the time it takes to carry out software patches by 66%, with near-perfect coverage.
“During a particularly testing period, we had to deal with two zero day attacks within a two month spell,” says Mark Wantling, Chief Information Officer for the University of Salford. “Each time we utilised Tanium to quickly identify vulnerable assets across our distributed network, patched them and reported the incident to the board in less than a few minutes. The speed at which we can now respond to these types of threats has helped level the playing field between us and the attackers.”
The university used to have five fragmented endpoint tools that couldn’t comprehensively manage or secure its endpoints. Prior to using Tanium, it would usually deploy critical patches between three and ﬁve weeks after they were released. With Tanium, it now deploys critical patches within 24 hours. What’s more, the IT team has confidence that its entire digital estate is being patched rather than just a part of it, due to the visibility that Tanium provides.
“The increase in threats facing the education sector over the last 12 months has been alarming,” said Steve Hamilton, Area Vice President, Northern Europe, at Tanium. “When you combine this with a sudden need to support over 25,000 students and staff with remote access to the university network, a huge challenge is created. It’s been really satisfying to help the university overcome this with the Tanium Platform at the same time as saving it thousands of pounds in licensing fees by replacing five endpoint management tools that were previously in place.”