University College Cork

Keeps Office 365 ransomware and phishing threats at bay with Cloud App Security

Overview

University College Cork (UCC) is a frequent winner of the Irish University of the Year award and is ranked one of the top universities in the world. Founded in 1845 during Queen Victoria’s reign, it now houses approximately 23,000 students from all over the globe. From an IT perspective, UCC Messaging Administrator, Patrick Nagle, and his team must manage approximately 6,000 terminals and around 5,000 mailboxes for roughly 4,000 employees.

Challenges

Like many universities, UCC is under frequent attack from opportunistic cybercriminals hoping to launch ransomware and nation-state operatives looking to steal cutting-edge research. These attacks are harder to spot because many are designed to fly under the radar of many security solutions, usually beginning with a socially engineered phishing email designed to harvest staff or students’ log-in credentials.

“When we looked at moving email to the cloud two years ago, we went to Office 365 but realized that the platform’s built-in protection wasn’t up to standard from our perspective,” said Patrick Nagle, Messaging Administrator for University College Cork. “We had a lot of people caught out by phishing emails, and even ransomware getting through.”

Why Trend Micro

In the summer of 2017, Nagle contacted tech partner Smarttech247 to see which security options were available to enhance the existing security in Microsoft® Office 365™. Over the past two years, Trend Micro™ Cloud App Security™ has stopped six million high-risk threats that weren’t spotted by Microsoft.

“We ran a couple of demos with all the different providers we looked at and we liked the idea of the API integration with Trend Micro Cloud App Security,” said Nagle. “It meant that we could use the Exchange Online Protection but have a second layer of security as well, which has worked out really well so far. The other thing that sold it to us, is that it’s not just email: it also covers SharePoint and OneDrive.”

"Since we implemented Trend Micro Cloud App Security, we haven’t been caught with anything like Petya or similar threats that encrypt the hard drives."

Patrick Nagle,
Messaging Administrator
University College Cork

Solution

Trend Micro™ Cloud App Security™ provides state-of-the-art threat and data protection for Office 365 and cloud sharing environments. It offers pre-execution machine learning, document exploit detection and behavior analysis to spot ransomware, Business Email Compromise (BEC) and other advanced threats. Office 365 protection only filters known threats even though 90 percent of today’s malware is unknown to traditional antivirus techniques.

It also provides the Smart Protection Network, a cloud intelligence tool that helps to spot and block malicious URLs and email attachments, preventing damaging phishing attacks. It scans internal as well as external emails to detect attacks already in progress. With data loss prevention (DLP) and malware protection the solution prevents data loss from Microsoft® OneDrive®, SharePoint® Online, Dropbox, Box, and Google Drive, and stops malware from spreading through cloud file-sharing services.

Cloud App Security delivers cloud-to-cloud integration, which uses APIs to ensure maximum protection with minimum hassle, installation or loss of functionality. Trend Micro™ Control Manager ensures centralized administration for cloud services, endpoints and web traffic. And shared intelligence, part of a multilayered approach to security with award-winning Trend Micro™ Deep Discovery™ platform shares intelligence with other security layers to maximize protection.

"We ran a couple of demos with all the different providers we looked at and we liked the idea of the API integration with Trend Micro Cloud App Security."

Patrick Nagle,
Messaging Administrator
University College Cork

Results

Nagle and the UCC IT team have been delighted with the results. Trend Micro™ Cloud App Security™ has helped the university minimize social engineering, spear phishing, and ransomware by blocking tens of thousands of online threats.

In just a 30-day period, Cloud App Security scanned 2.5 million emails. It detected 185 phishing emails, 23 BEC emails, one ransomware attack and 27,557 malicious links—even though Microsoft® Exchange Online Protection passes all these threats as safe. “Since we implemented Trend Micro Cloud App Security, we haven’t been caught with anything like Petya or similar threats that encrypt the hard drives,” says Nagle.

With its state-of-the-art approach to security, Cloud App Security has also helped the university better protect personally identifiable information (PII) and therefore help meet its GDPR compliance obligations, as part of a layered approach to security.

“Compromised email is a lot worse than it used to be. It’s not just about spamming inboxes anymore; the data itself has become more valuable to people,” concludes Nagle. “You can see from our results that it’s worth having this second layer of protection in place for the cloud.”

The result has been fewer calls to the help desk by users whose machines have been compromised. This is good news for the IT department because it means staff can free up their time for more important tasks, while also ensuring that fewer teachers and students are affected by ransomware-related data loss and outages.

What's Next

Nagle and his IT staff will continue to closely monitor changes in cyberthreats and work with Trend Micro to ensure that the university and its staff and students are protected.