Overview
One of the world’s top 100 Universities has grown from a single campus into an education and research powerhouse with a presence on four continents.
Their work is making an impact all over the world, from bringing clean water to villages in Africa to creating new life-saving medicines. With four campuses, they are truly making a difference on a global scale.
With its expanding database and the changing landscape, the University became concerned with its network security controls and visibility to protect its assets. Having critical data sitting on the cloud and network security controls reaching the limit of acceptable risk mitigation, coupled with increasing external threats, the University was determined to introduce more preventive and detective security controls.
The search for visibility and protection of critical assets
The University was keen in attaining the ISO27001 certification for a small subset of clinical registries, further solidifying the need to close the gap in network security. There was the need to protect web applications in multiple cloud environments and support WAF on the Microsoft Azure Platform, whilst maintaining an on-premises footprint for legacy applications.
To find the right solution for their requirements, it had to fit the following criteria: to be a cloud and on-premise, multi-cloud provider, SaaS, with timely delivery and speed of execution.
It was important to find a solution that was fuss-free and would cause minimal disruption to the business and for end users during the deployment. This prompted the Manager of IT Security and Risk to utilize the University’s Gartner subscription to search for a vendor that can provide the most comprehensive WAF protection with full visibility into threats.
Greater visibility and controls over web security
Through the deployment of Imperva WAF Gateway (formerly SecureSphere) the University was able to correlate normal usage patterns and trigger alarms with deviations, have constant application level traffic monitored and prevention against malicious external traffic. The growing concerns around lack of visibility into network layer 7 threats, outdated controls, and the continual shift of the threat landscape motivated the University to look into tighter network security solutions. The implementation of Imperva WAF Gateway, coupled with Imperva Cloud Application Security, gave visibility into application threats, identified standard patterns of access to the University’s web applications while monitoring and blocking suspicious activity. This allows the University to invest more time into pipeline delivery methods and protection of legacy applications instead of redeveloping them, where appropriate. It also reduces reputational risk by creating the ability to provide a conducive teaching, learning and research environment while minimizing the likelihood of a security incident.
With the University opting for increased web workloads in Azure, the IT Security and Risk team deployed virtual WAF appliances into the cloud environment. With changes in infrastructure, there was the need to host BYOL and on-demand licenses on the same platform. The University looked into securing more licenses across Imperva’s solutions in order to support the increase in capacity. Imperva then recommended FlexProtect as a flexible licensing option, allowing for flexible protection coverage to encompass the University’s files, applications and databases that would be cost effective, scalable, and platform agnostic. This versatile approach allows the University to expand their platforms whether on-premise or in the cloud with peace of mind and great visibility into protecting what matters most to the University.