The need for visibility in a hostile threat environment

As a major higher education establishment, the University of Northampton is under constant threat from cyber attacks. It is trusted with safeguarding the personal information of thousands of students and staff, including financial data such as grants. In addition, the University operates a number of research centres and institutes, many of which generate valuable intellectual property. All of this makes the organisation a tempting target for cyber criminals.

With an extensive IT estate comprising more than 6,000 endpoint devices, as well as a large number of students and staff operating remotely, it is essential for the University to swiftly identify and mitigate any potential vulnerabilities before they can be exploited. However, the IT security team found its vulnerability management solution could be improved.

Joel Mason, IT Vulnerability & Patch Management Engineer at University of Northampton, explains: “We needed a managed solution for discovering vulnerabilities efficiently. With an IT estate this large it’s really important for us to discover, assess and prioritise vulnerabilities. A comprehensive view of the entire estate, ensures we can’t be left vulnerable or face a potential breach without our immediate knowledge.”

This became even more pressing during the COVID-19 pandemic as the University shifted into a remote working structure.

Joel explains: “People working from home can create more security vulnerabilities than a campus-based environment. We also had to accommodate an increased use of tools such as virtual desktop interfaces.”

“With an IT estate this large it’s really important for us to discover, assess and prioritise vulnerabilities. A comprehensive view of the entire estate, ensures we can’t be left vulnerable or face a potential breach without our immediate knowledge.” 

– Joel Mason, IT Vulnerability & Patch Management Engineer, University of Northampton

Discovering WithSecure™ Elements Vulnerability Management

As the University’s existing vulnerability management product was coming to the end of its license, the IT security team began investigating other tools that could provide enhanced visibility of threats and close existing blind spots. The team reached out to one of WithSecure’s partners and was introduced to WithSecure Elements VM, swiftly deciding that it was the right solution for them.

Joel comments: “It was a no brainer. We had a demo of WithSecure Elements VM and decided then and there to go straight into it without a trial. It could identify, assess, prioritise and report – everything we needed in a vulnerability management tool. We explored some other products with similar capabilities, but Vulnerability Managements’s competitive price made it the obvious choice.”

Vulnerability Managements’s focus on streamlined design and usability was also a key advantage, with the IT security team finding that it could be used effectively with very minimal training. The team was impressed with how quickly they were able to get the cloud-based solution up and running.

Joel explains. “Once we inputted the data for the discoveries and asset management and set up the scan nodes, it was good to go. We also had excellent support from the WithSecure team, from the service desk through to the account director.”

“It was a no brainer. We had a demo of WithSecure Elements Vulnerability Management and decided then and there to go straight into it without a trial. It could identify, assess, prioritise and report – everything we needed in a vulnerability management tool.” 

– Joel Mason, IT Vulnerability & Patch Management Engineer, University of Northampton

How WithSecure Elements Vulnerability Management delivered new levels of visibility

After implementing WithSecure Elements VM, the University quickly gained a strong sense of visibility and control across its extensive IT infrastructure. Vulnerability Management also enabled the team to easily identify security priorities. Most patching activity could then be easily automated using other tools, leaving the team free to concentrate on more strategic activity.

Joel comments: “Gaining visibility of vulnerabilities is the defining factor of our job role. Without that ability we would be flying blind, so it’s essential we have a reliable tool to identify and prioritise everything. Vulnerability Management makes this extremely easy thanks to its powerful capabilities and intuitive interface.”

Joel and the team also found that Vulnerability Management delivered further benefits beyond their initial needs. In particular, the asset management function helped to identify all assets across the IT estate, delivering active discovery capabilities.

With Vulnerability Management’s flexible cloud-based delivery model, the team believes the solution will be a good fit now, and for the foreseeable future, as the University grows and evolves.

“Gaining visibility of vulnerabilities is the defining factor of our job role. Without that ability we would be flying blind, so it’s essential we have a reliable tool to identify and prioritise everything. WithSecure Elements Vulnerability Management makes this extremely easy thanks to its powerful capabilities and intuitive interface.” 

– Joel Mason, IT Vulnerability & Patch Management Engineer, University of Northampton