The Challenge
- Secure email for students, faculty and staff across a variety of platforms
- Stay ahead of increasingly sophisticated email threats
- Reduce time spent tracking false positives
The Solution
- Proofpoint Advanced Threat Protection
- Proofpoint Enterprise Protection
- Proofpoint Targeted Attack Protection
- Proofpoint Threat Response Auto-Pull
- Proofpoint SaaS Defense
- Proofpoint Data Protection
- Proofpoint Encryption
- Proofpoint Email DLP
- Proofpoint Security Awareness Training
- Proofpoint CLEAR (Closed-Loop Email Analysis & Response)
- Proofpoint PhishAlarm and PhishAlarm Analyzer
The Results
- Reduced false positives to help keep critical academic communications flowing securely
- Enabled IT to support rapid change as needed with a flexible solution
- Enhanced security to protect campus environment from advanced threats
The Challenge
Protect students and faculty at a world-class university from evolving threats
Like all higher education institutions, this university depends on open communication and collaboration to support its instruction and research. Its cyber defence team is responsible for protecting 70,000 students and 10,000 faculty and staff. This is no small task. What’s more, the university’s network infrastructure is challenged by an evolving security landscape, and constantly changing user needs and work styles. Some of its older systems were not fully compliant with its latest policies and they were vulnerable to zero-day threats from malicious emails, phishing, and other threats.
“There are countless potential attackers around the world who might send us malicious emails,” said the director of the cyber defence team at the university. “My team makes sure that as few of those as possible get through. And then we detect and respond to what sneaks by.”
The university’s original email gateways had worked fine for years. But as the volume and intelligence of attacks grew, its ageing platforms could no longer keep up with these increasingly sophisticated threats. At the same time, its email environment was becoming more complex. Students, faculty and staff were using a mix of platforms, including Microsoft Exchange and Google Workspace for Education. The various departments were using hundreds of vanity domains, and people often forwarded emails or portions of them between these platforms. The situation got even more complicated when the university began migrating its on-premises Microsoft Exchange environment to a Microsoft 365 service.
When its email gateway began to struggle with the complexity, the cyber defence director and his team knew it was time to migrate to a comprehensive security solution from Proofpoint.
Chief Information Security Officer
The Solution
Proofpoint protects sensitive campus communications
To proactively safeguard its academic community, the university deployed Proofpoint Advanced Threat Protection. This solution protects students, faculty and other users against advanced threats. It provides the industry’s most robust email security platform and the most accurate view of the email threat landscape. This allows the cyber defence team to keep pace with its increasingly complex environment, and helps to minimise the workload on its staff.
“We’re impressed with the flexibility of the Proofpoint solution. It not only supports a complicated environment where we have multiple mail stores of truth, but it secures all of that email. It also secures the email flying from direction A to direction B or C in different ways, based upon a sender’s identity, email content, and whether it was previously seen,” said the director.
The faculty requirements are constantly changing for the university. With Proofpoint, the director and his team get a versatile solution that can be easily modified. It also minimises excess work for the administrators.
“Flexibility of configuration is key to our ability to respond to our constituents’ needs when a department needs a rapid change, a rapid brand, or another modification that needs to be done quickly,” said the director. “We don’t have to kludge anything like we had to do on some other platforms. With Proofpoint, we can get things done in a sustainable way without the need to go back and review what we did, and apply a band aid later on.”
The Results
Effective email security with fewer false positives
The new Proofpoint solution has enabled the director and his team to keep the university’s email users safe from external threats, without burdening staff with excess false positives that can sap productivity. Over a 90-day period, 345 million inbound emails were scanned by Proofpoint. The solution successfully discovered and blocked 53% of known threats based on reputation, and 9% of known threats based on content. Among targeted threats, Proofpoint also blocked 12% of incoming emails with malicious attachments, and 67% based on URLs.
“We have a complicated environment with lots of research. So it’s essential that we can determine whether a PDF or another document contains something malicious,” said the director. “We value the efficacy of our solution, together with incredibly low rates of false positives. That’s super important to any organisation, but especially to university students. If a student’s classwork is detected as being malicious and doesn’t get to their instructor on time, that could affect somebody’s ability to graduate—or even the rest of their lives.”
The university team regularly examines and analyses email from internal and external users and university affiliates for false positives. And then they report them to the Proofpoint Threat Operations Center. This helps with continuous learning and behavioural detection. “We typically see about five to ten false positives per day, out of about six million total email deliveries internally,” said the director. “In other words, the number of false positives is very, very low.”
The university is also pleased with the high availability of its cloud-based Proofpoint solution.
“Since we migrated to the latest Proofpoint platform, we’ve had no outages in nearly two years,” said the director. “The difference between having something like that and running an on-prem server in our data centre—with the risk of a hardware, power, or cable failure—is significant. We’ve been super impressed and excited about having that availability.”
With their Proofpoint solution in place, the university team is confident that it can continue to maintain the integrity of its campus communications and collaboration well into the future.