Case study: University of Northampton

Control of an extensive IT estate

Visibility of vulnerabilities as the defining factor

Customer

University of Northampton

Products and services

F-Secure Elements Vulnerability Management

Industry

Educational

Country

UK

 

The University of Northampton is a public university based in Northampton, England. The University was formed in 1999 from the merger of several training colleges and gained full university status in 2005. Today the University caters to roughly 14,000 students every year, teaching a wide range of undergraduate and foundation degrees, as well as postgraduate courses up to PhD level. The University is divided across three main faculties: Business & Law; Arts, Science & Technology; Health Education & Society. It also has a strong reputation for research.

Key stats: 

  • 14,000 students 
  • 2,000 staff
  • 6,000 endpoint devices  

With constant cyber threats and an extensive IT environment to protect, University of Northampton found they needed to ramp up their vulnerability management. The need for better visibility became even more evident with the shift to remote working.

The need for visibility in a hostile threat environment

As a major higher education establishment, the University of Northampton is under constant threat from cyber attacks. It is trusted with safeguarding the personal information of thousands of students and staff, including financial data such as grants. In addition, the University operates a number of research centres and institutes, many of which generate valuable intellectual property. All of this makes the organisation a tempting target for cyber criminals.

With an extensive IT estate comprising more than 6,000 endpoint devices, as well as a large number of students and staff operating remotely, it is essential for the University to swiftly identify and mitigate any potential vulnerabilities before they can be exploited. However, the IT security team found its vulnerability management solution could be improved.

Joel Mason, IT Vulnerability & Patch Management Engineer at University of Northampton, explains: “We needed a managed solution for discovering vulnerabilities efficiently. With an IT estate this large it’s really important for us to discover, assess and prioritise vulnerabilities. A comprehensive view of the entire estate, ensures we can’t be left vulnerable or face a potential breach without our immediate knowledge.”

This became even more pressing during the COVID-19 pandemic as the University shifted into a remote working structure.

Joel explains: “People working from home can create more security vulnerabilities than a campus-based environment. We also had to accommodate an increased use of tools such as virtual desktop interfaces.”

“With an IT estate this large it’s really important for us to discover, assess and prioritise vulnerabilities. A comprehensive view of the entire estate, ensures we can’t be left vulnerable or face a potential breach without our immediate knowledge.” 

– Joel Mason, IT Vulnerability & Patch Management Engineer, University of Northampton

Discovering F-Secure Elements Vulnerability Management

As the University’s existing vulnerability management product was coming to the end of its license, the IT security team began investigating other tools that could provide enhanced visibility of threats and close existing blind spots. The team reached out to one of F-Secure’s partners and was introduced to F-Secure Elements VM, swiftly deciding that it was the right solution for them.

Joel comments: “It was a no brainer. We had a demo of F-Secure Elements VM and decided then and there to go straight into it without a trial. It could identify, assess, prioritise and report – everything we needed in a vulnerability management tool. We explored some other products with similar capabilities, but Vulnerability Managements’s competitive price made it the obvious choice.”

Vulnerability Managements’s focus on streamlined design and usability was also a key advantage, with the IT security team finding that it could be used effectively with very minimal training. The team was impressed with how quickly they were able to get the cloud-based solution up and running.

Joel explains. “Once we inputted the data for the discoveries and asset management and set up the scan nodes, it was good to go. We also had excellent support from the F-Secure team, from the service desk through to the account director.”

“It was a no brainer. We had a demo of F-Secure Elements Vulnerability Management and decided then and there to go straight into it without a trial. It could identify, assess, prioritise and report – everything we needed in a vulnerability management tool.” 

– Joel Mason, IT Vulnerability & Patch Management Engineer, University of Northampton

How F-Secure Elements Vulnerability Management delivered new levels of visibility

After implementing F-Secure Elements VM, the University quickly gained a strong sense of visibility and control across its extensive IT infrastructure. Vulnerability Management also enabled the team to easily identify security priorities. Most patching activity could then be easily automated using other tools, leaving the team free to concentrate on more strategic activity.

Joel comments: “Gaining visibility of vulnerabilities is the defining factor of our job role. Without that ability we would be flying blind, so it’s essential we have a reliable tool to identify and prioritise everything. Vulnerability Management makes this extremely easy thanks to its powerful capabilities and intuitive interface.”

Joel and the team also found that Vulnerability Management delivered further benefits beyond their initial needs. In particular, the asset management function helped to identify all assets across the IT estate, delivering active discovery capabilities.

With Vulnerability Management’s flexible cloud-based delivery model, the team believes the solution will be a good fit now, and for the foreseeable future, as the University grows and evolves.

“Gaining visibility of vulnerabilities is the defining factor of our job role. Without that ability we would be flying blind, so it’s essential we have a reliable tool to identify and prioritise everything. F-Secure Elements Vulnerability Management makes this extremely easy thanks to its powerful capabilities and intuitive interface.” 

– Joel Mason, IT Vulnerability & Patch Management Engineer, University of Northampton

Leave no loopholes. Know your security space inside and out.