Based in the heart of London, the University of Westminster caters for more than 20,000 students and 4,500 staff.
That leaves the institution’s network security officer Ashley Pereira with a huge task in protecting networks from cyber risks such as zero day threats and spear phishing, with the likes of vulnerability management, patching, device management and security policies all coming under his regular remit.
That’s why the University of Westminster selected the QualysGuard Cloud Platform integrated solutions suite to simplify the process of keeping the network protected from cyber threats.
“There’s a lot to take on during my day-to-day, and Qualys saves a lot of time,” Pereira told Computing.
“I quickly navigate through to the portal, kick off a scan and then get back some very detailed information that I can use to inform the necessary people we’ve got vulnerabilities on our network,” he said, adding that the subsequent generated report makes it simple to determine an “action plan” for combating vulnerabilities.
“A lot of that can be derived from the Qualys report because it tells you what the vulnerability is, where the patch can be downloaded from and then it’s a case of the system admin owners making a request to upgrade that service,” Pereira explained.
Prior to adopting Qualys, the university didn’t have the capability to monitor vulnerabilities across the entirety of its IT estate, especially when more and more devices have become reliant on being connected to the internet.
“We didn’t really have a tool that could give us complete visibility of all of our IT assets across the whole of the university,” admitted Pereira.
“So while you might just take things into account from the server side, there are other endpoints that are connected as well: the student labs, the corporate machines and other things such as printers.
They can potentially be a mode from which somebody may attack, so we need to be conscious of all endpoints that connect via IP.”
While the previous solution didn’t provide full visibility of connections to the network, Qualys has made sure that is not the case and without having an effect on network users.
“Before it was a cumbersome task to get scans working while having no impact on the endpoint, while the scans we’re doing now have zero impact on service delivery,” Pereira explained.