Case Study: Outdated, ineffective anti-virus leads to phishing attacks and more on this college campus
Industry: Education
Company Type: University
The Challenge
This university was using outdated, ineffective anti-virus protection on its endpoints. Due to a lack of insight into and control over corporate network traffic, the University was experiencing an increasing number of successful phishing attacks. This resulted in decreased user/student productivity, an increased volume of complaints, and the need for increased bandwidth.
The Discovery
Boston BizTech discovered that although stateful firewalls had been deployed, they were not next-generation firewalls. No anti-spam solution was filtering email before delivery into the campus domain. We also discovered that the university was susceptible to ransom attacks.
The Solution
Boston BizTech conducted vendor discovery, comparison and analysis to provide the best solution. We navigated the procurement process, working with attorneys and negotiating contracts on behalf of the university. After gathering the university’s requirements, we headed the architecture team designing the new network infrastructure, and we created scenarios with the team to design around the requirements. We managed the acquisition of all hardware and software. Next-generation firewalls were deployed with the capacity to inspect all traffic with intrusion prevention, advanced anti-malware features and malicious website filtering. We configured and enrolled all user accounts into Multi-Factor Authentication (MFA) and disabled the ability for accounts to use non-secure protocols that do not enforce MFA upon logon. An anti-phishing/anti-spam solution was deployed into the corporate email architecture, and mandatory security awareness training was rolled out to all users.
The Impact
The University gained insight into and control over the internet traffic across its corporate network. Network security was increased via traffic analysis and profiling. The incidence of compromised accounts was reduced by 82%, allowing for decreased response time to issues and increased focus on high-priority projects. Bandwidth and user/student productivity increased, while complaints decreased by 93%. In addition, the effects of Distributed Denial-of-Service (DDoS) attacks that caused outages were eliminated.