The University of Derby offers further and higher education in a wide choice of subject areas across its Derby, Buxton, Chesterfield, and Leek campuses. Rated “Gold” in the Teaching Excellence Framework 2017 and named a Top 30 UK University in the Guardian University Guide 2020, the University’s academic strength is backed up by its emphasis on practical experience, ensuring its 29,000 students are fully equipped for the workforce. With more than £200 million invested in the last ten years, Derby offers some of the best university facilities in the UK.
Senior IT services engineer Luke Williams is part of a team of six engineers tasked with managing and securing 7,000+ endpoints; including 1,000 laptops, 1,000 mobile devices (mainly iOS), and 800 servers.
Unis under attack
The UK’s universities are an increasingly attractive target for both financially motivated cybercriminals and nation-state attackers. The former group typically look for personally identifiable information (PII) on staff and students, which they can monetise on the dark web by selling it on to fraudsters. According to university digital service provider, Jisc, phishing/social engineering is the number one threat facing users at UK higher education institutions, followed by ransomware/malware. Universities are also targeted by nation states looking for valuable research and IP – as seen in the attacks linked to Iran revealed last year. Troublingly, recent pen tests from Jisc found that in all of the 50+ universities targeted, ethical hackers were able to obtain “high-value” data within just two hours.
Ransomware is another persistent threat to universities. Research from 2016 revealed that over half of the UK’s higher education institutions had suffered an attack. The University of Derby was not immune to this threat, as its old endpoint security software was unable to detect some ransomware attacks, prompting the institution to a search for a new provider. “Three years ago we had four major incidents where portions of our shared drives had been encrypted, and we had to restore data from back-ups,” explains Luke Williams, senior IT services engineer, University of Derby. “We invested in Trend Micro primarily because of that – in order to find a more effective alternative.”
"Three years ago we had four major incidents where portions of our shared drives had been encrypted. We invested in Trend Micro … in order to find a more effective alternative."
Senior IT Services Engineer
University of Derby
Why Trend Micro
In order to reach their decision, Williams and his team looked at Gartner™ Magic Quadrant providers to select a shortlist of industry leaders, before putting them through a tendering process. They found that Trend Micro was a mix of reliability (a Gartner leader in endpoint security) and highly-competitive pricing.
In the end, the IT department chose Trend Micro Apex One™, and Trend Micro Apex Central™.
Delivered as a single agent across SaaS and on-premises environments, Apex One offers:
- A cross-generational blend of advanced threat detection techniques, including; pre-execution and run-time machine learning, whitelisting, behaviour analysis, app control, web reputation, DLP, and much more
- Virtual patching via a host intrusion prevention system (HIPS) to protect mission-critical systems from known and unknown threats
- Centralized visibility and control
This results in automated protection at every stage in the life cycle of an endpoint threat, against ransomware, fileless malware, crypto-jacking, and more – with minimal false positives. Apex One allows organizations to consolidate from multiple vendors onto a single endpoint security agent, backed by industry-leading threat research (via the Trend Micro™ Zero Day Initiative™) and cloud-based threat intelligence (Trend Micro™ Smart Protection Network™).
"We have a lot of confidence in the protection capabilities of our Trend Micro implementations, have greater visibility and understanding of the threats in our environment."
Senior IT Services Engineer
University of Derby
Solutions and Results
No more security breaches
The IT team at the University of Derby was immediately impressed by Trend Micro’s detection capabilities.
“There were four major security breaches via ransomware attacks with another endpoint security vendor, we’ve had none since we’ve been a partner with Trend Micro,” says Williams. “We have a lot of confidence in the protection capabilities of our Trend Micro implementations, have greater visibility and understanding of the threats in our environment, and it has been a key part of our cybersecurity journey over recent years.”
Williams also gives the account management team a glowing review, saying Trend Micro is “one of our favourite partners to work with”.
The University’s experience of working with Trend Micro was so positive that the institution has since invested in Deep Discovery Analyzer, a network-based appliance which uses advanced techniques to spot targeted attacks.
Most recently, Williams and his team further supplemented their existing solutions with Trend Micro Deep Security, giving them an industry-leading threat protection at the server layer. The University of Derby is also beginning to implement Trend Micro Hosted Email Security and Cloud App Security in order to add layers of protection to their Office 365 offerings.