Finding a rock-solid malware prevention solution that can be scaled to epic proportions, without an epic headache.
Vanderbilt is simultaneously a large research university, undergraduate college and thriving medical center. In many ways, it operates more like a small city than a traditional university. Director of Information Security, Salvador Ortega, said one of the biggest challenges for his department is protecting Vanderbilt’s networks, users and assets against the latest Internet security threats while balancing the needs of the various constituents the university serves.
At the start of 2010, Ortega and his staff noticed a sharp increase in the number of attacks to the Vanderbilt network from websites containing malicious software (i.e. malware). Since Vanderbilt has a very open Internet policy, Vanderbilt’s students, staff and networks were prone to security infections from rogue sites, malvertising and legitimate websites that had been compromised by hackers.
Historically, Vanderbilt offered free anti-malware client software that users could install on their machines. However, the software wasn’t comprehensive and did not support all the various types of Internet devices on Vanderbilt’s network. As a result, users were still experiencing infections which resulted in time consuming support requests and increased risk of compromised assets.
Ortega knew that he and his team needed to find a solution that could help them control these attacks and limit potential damage to user’s and University’s assets, research and intellectual property.
A Flexible Solution Needed For a Diverse Computing Environment
Vanderbilt is a blend of centralized and distributed computer support. Several core computing infrastructure services are centrally managed, while desktop support is offered by both central IT and departmental IT services. Any solution that would be implemented across 35,000+ users would need to be able to be easily deployed, administered and managed by the different support groups across different departments.
An additional requirement in providing computer support and protection for the entire university is the ability to cover a wide variety of products, devices and set-ups. The number and type of devices on Vanderbilt’s networks had continued to proliferate due to the consumerization of technology. This trend has lead to a wide range of Internet enabled devices used by the Vanderbilt community including desktops, laptops, ipads, iphones, etc.
“We needed a service that we could offer that was flexible, yet non-intrusive, that didn’t involve agent installs,” explained Ortega.
Stress-free protection for all Internet-connected devices on the Vanderbilt network with no agents to install and no appliances to manage.
After researching the traditional appliance and software-based solutions, Ortega quickly realized that Umbrella was the perfect solution for Vanderbilt University because it is a cloud-based solution that offers best-in-class malware protection and does not require an agent install or hardware to be deployed. This made deploying and managing a security solution across a diverse range of devices and networks easy and quick without the need to touch every device or network.
“The allure that we didn’t have to install an agent was very important to us,” said Ortega. “Everyone uses our DNS, so that’s a common thing enabling us to enforce safer Web surfing.”
In addition, Umbrella didn’t require a new infrastructure in order to implement – a simple change to forward external DNS requests to Umbrella was all that was required. In contrast to other options considered, minimal staff time is required to maintain Umbrella. Ortega estimates that managing Umbrella for Vanderbilt in its entirety is only 20-30 percent of one full time employee’s time.
Umbrella is now deployed across the entire university, including the university medical center hospitals and clinics. From January to June of 2011, the service protected computers on Vanderbilt’s network against almost 2.6 million malware infections. Since the service proactively stops malware from reaching Vanderbilt’s networks and Internet connected devices, Ortega and his team spend less of their time disinfecting compromised machines which allows Ortega and his team to spend more of their time working on other IT related projects.
- Drastic Reduction in the malware infections
- Umbrella Enterprise prevented 2.6 million malware infections in just six months
- More time spent on proactive IT related projects
- No appliance to install and manage, no software to deploy and update