Kingston University
Industry:Education
Region:Europe, UK
Products

• Smart Protection Suite Complete
• Control Manager
• Endpoint Application Control
• Endpoint Encryption
• Integrated Data Loss Protection (iDLP)
• OfficeScan
• Mobile Security
• Email Security Gateway
• Vulnerability Protection

IT Environment Mac, Microsoft Windows and Office 365 Kingston University is a thriving higher education institution spread out over four campuses in southwest London. With more than 17,000 students, 2,000 staff, 6,500 devices — including Macs, PCs, and short-loan laptops — and a sizeable cloud environment to protect, there’s plenty to keep Chief Information Officer Simon Harrison busy. Universities are increasingly in the crosshairs of online attackers who believe porous networks and underinvestment in cybersecurity by some make them an easy target. Data breaches at UK universities have doubled over the past two years, according to FOI data, as state-sponsored hackers and financially motivated gangs look to steal highly valuable research data. Additionally, phishing attempts targeting students have rocketed in recent months, while ransomware is an ever-present danger. “Many of our students use our devices to support their learning and for social activities, which exposes them to attacks. We are looking to protect endpoints and servers from ransomware, malware, spyware and so on,” says Harrison. “If we’re not well protected, people can introduce infected files onto our cloud servers and on-site storage via their own devices or flash drives.” "When we started this journey, we were primarily interested in protecting the devices we owned. But through conversations with Trend Micro, the partner relationship has grown where we are now able to provide Trend Micro Antivirus to our students and staff as well." Simon Harrison, Chief Information Officer, Kingston University Challenges Like many organisations, Kingston University is currently undergoing a digital transformation journey designed to improve learning, teaching, and research outcomes, as well as IT resilience and service delivery. As part of this ongoing, multi-year initiative, security has always been front-of-mind, according to Harrison. Apart from the risk of data loss and ransomware-based service outages — which would have a huge impact on staff and students — there’s a reputational risk if university services are seen to be sending out malware, he explains. To provide assurance to the Board and Audit and Risk Committee, Harrison devised several key requirements:

• IT security infrastructure must address the growing diversity of the threat landscape
• Proactive threat protection with a high degree of management and granular analytics
• Protection across endpoints and hybrid cloud servers
• Connected, layered defence to complement existing next-gen firewalls

“Having recognised that what we had wouldn’t be good enough for the future, it became a story of how to find a vendor to meet our requirements for endpoint, server and cloud technologies,” explains Harrison. Why Trend Micro After evaluating recommendations from Gartner and Forrester and speaking with a number of contacts in universities and other organisations, Harrison and his team began appraising several vendors. They ran proof of concept tests to see if marketing claims matched the reality of protecting the Kingston University IT environment. In the end, they settled on Trend Micro™ Smart Protection Complete to protect physical endpoints and the university cloud services, including Microsoft® Office 365® and Box, which contain around half of the university’s core process-enabling applications. "We’re offering the students and staff the ability to protect themselves. Our students and staff see this as a benefit, and from our point of view, these devices that connect to our network are more likely to be virus free. It improves the digital health of the entire ecosystem to everyone’s mutual benefit." Simon Harrison, Chief Information Officer, Kingston University Solution Procurement and implementation was straightforward, and thanks to channel partner Longwall Security, the Trend Micro solution was quickly set up and configured to maximise protection for Kingston University’s specific IT environment and needs. Powered by XGen™ for cross-generational, multi-layered security, Trend Micro™ Smart Protection Complete protects endpoints, mobile devices, email and cloud apps, and web activity from a single interface. It allowed the organisation to:

• Regain control of end-user IT by centralising threat and data protection across multiple layers
• Stop ransomware from encrypting endpoints
• Block zero-day malware with signature-less techniques
• Enable users to securely work from the platforms they find most productive
• Protect data with no increase in management or client footprint
• Minimise risks with any mix of real-time, proactive cloud-based security
• Reduce management complexity and overall costs

The Trend Micro solution blocked a staggering 82 million ransomware threats in the first half of 2017 alone. Results Trend Micro™ Smart Protection Complete has enabled the IT team at Kingston University to proactively manage any malware outbreaks and other cybersecurity and data protection challenges in a highly effective manner. That means the institution has mitigated the threat of data loss and service outages, which can cause huge disruptions for staff and students, minimised reputational and financial risk, and helped fulfil its GDPR compliance obligations. But the partnership with Trend Micro has evolved into something even more beneficial, which Harrison hopes will stretch far into the future. “When we started this journey, we were primarily interested in protecting the devices we owned. But through conversations with Trend Micro, the partner relationship has grown where we are now able to provide Trend Micro Antivirus to our students and staff as well,” he concludes. “We’re offering the students and staff the ability to protect themselves. Our students and staff see this as a benefit, and from our point of view, these devices that connect to our network are more likely to be virus free. It improves the digital health of the entire ecosystem to everyone’s mutual benefit.“

Brooks Rehabilitation
Industry: Healthcare
Employees: 2,800
Region: North America, United States
Products

• Smart Protection Complete:
• OfficeScan
• ScanMail
• Control Manager
• Vulnerability Protection
• Endpoint Encryption

IT Environment Two data centers, 150 servers, virtualized, Cisco networking, 2,500 laptops/desktop running Windows, private cloud Providing world-class rehabilitation solutions since 1970, Brooks Rehabilitation is dedicated to advancing the health and well-being of communities throughout the southeastern U.S. Brooks’ highly-trained clinicians provide the most advanced therapy and medical care, along with the compassion, motivation, and hope to help people reach their highest level of recovery. Brooks operates one of the nation’s largest inpatient rehabilitation hospitals with 160 beds, one of the region’s largest home healthcare agencies, 32 outpatient rehabilitation clinics, and much more. Within the hospital is the Cybernic Treatment Center where they are introducing robotic treatment with the Hybrid Assistive Limb (HAL) for patients paralyzed by spinal cord injuries. In addition, Brooks operates the Clinical Research Center and provides many low- or no-cost community programs to improve the quality of life for people living with physical disabilities. To meet the needs of patients and clinicians, the IT organization supports more than 2,800 employees with two data centers, and approximately 150 servers. Challenges For Brooks Rehabilitation, keeping its IT environment and patient personal health information protected across a widely distributed network is an ongoing priority—and a challenge. Like many healthcare organizations, Brooks was the target of constant cyber threats, including phishing emails that trick employees into revealing protected information, such as passwords, to gain access to business data, including credit card and patient information. Also, with approximately one-third of employees using mobile devices, Brooks needed to protect employees’ mobile devices and data. Brooks is also required to meet HIPAA, HITECH Act1, and other compliance regulations. “Without visibility across our entire network’s threat landscape, it was difficult to identify threats, pinpoint vulnerabilities, and rapidly address them to ensure our systems and data were secure and in compliance with healthcare regulations,” said Brian Barbour, System Engineer/End User Experience at Brooks Rehabilitation. Why Trend Micro Brooks Rehabilitation has been a Trend Micro customer since 2013, and Barbour had used Trend Micro security products for 10 years before joining the company in early 2017. Barbour met with Trend Micro shortly after he joined, and quickly discovered that an upgrade to Trend Micro™ Smart Protection Complete would give them the powerful security capabilities they were looking for at minimal cost. Brooks was impressed with how the entire Trend Micro team provided an amazing amount of help upfront to ensure their success. “They were always fast to respond to our inquiries and very helpful—which made our decision to work with them an easy one,” said Barbour. "As a leader in treatment with robotic IoT devices, Trend Micro’s ability to provide security for these devices helps Brooks with the safety and well-being of patients." Brian Barbour, System Engineer/End User Experience, Brooks Rehabilitation Solution To implement Trend Micro™ Smart Protection Complete, Brooks Rehabilitation started with a pilot implementation of Trend Micro™ Vulnerability Protection. Its network-level host intrusion prevention system shields against vulnerabilities in operating systems and client applications. “Trend Micro experts went above and beyond to help us simplify the implementation process,” said Barbour. Brooks next implemented Trend Micro™ ScanMail™ solution to block traditional malware and guard against targeted email attacks and spear phishing using document exploit detection, enhanced web reputation, and sandboxing. In addition, Trend Micro™ Smart Protection Network™ cloud-based security identifies and blocks threats in real time. With Smart Protection Complete, Brooks can eliminate security gaps across any user activity and any endpoint using application control, intrusion prevention endpoint encryption, data loss prevention, and more. In addition, full disk encryption supports compliance. “Encryption is very important, especially with our mobile workforce. If a laptop containing personal health information is stolen and its disk is encrypted, we know we’re still compliant with HIPAA regulations,” said Barbour. Finally, with Trend Micro™ Control Manager™ solution in place, Barbour and his team can manage multiple layers of connected threat and data protection for complete visibility. “It’s really helpful to see the entire threat landscape and know every facet of our IT infrastructure is protected,” said Barbour. "The solution detected malicious code and removed hundreds of phishing emails from our system with the click of a button." Brian Barbour, System Engineer/End User Experience, Brooks Rehabilitation Results Since deploying Smart Protection Complete, Brooks has gained several benefits, including identifying and stopping phishing exploits. “The solution detected malicious code and removed hundreds of phishing emails from our system with the click of a button,” said Barbour. “With the solution’s encryption capabilities, we reduced our encryption time by 30 percent and now have greater compliance protection at a reduced cost.” In addition to providing visibility across the threat landscape, Control Manager integrates every Trend Micro product in a single view. “Control Manager allows us to see our top 10 risky users and provides behavioral analysis, so we can see what transpired to create an issue,” said Barbour. “As a leader in treatment with robotic IoT devices, Trend Micro’s ability to provide security for these devices helps Brooks with the safety and well-being of patients. I’ve worked with Trend Micro products most of my career. Trend Micro not only keeps up with changes in technology, but I’m confident they’ll be here to take care of new threats as they arise,” said Barbour. What's Next Looking ahead, Brooks Rehabilitation plans to implement additional cloud solutions offered by Trend Micro™ Smart Protection suites. Barbour and his team are also considering Trend Micro™ Worry-Free™ Business Security, and Trend Micro™ Deep Discovery™ network defense solution to further protect their IT environment, information and users.

Upgrades endpoint security, addressing the changing needs of a mobile workforce United Way of Greater Atlanta Employees: 220 Industry: Nonprofit, Charity Region: Atlanta, Georgia Products

• User Protection
• Smart Protection Suite
• Smart Protection for Endpoints
• OfficeScan
• Endpoint Encryption
• Data Loss Prevention (DLP)
• Control Manager
• Deep Security

IT Environment

• Microsoft Office 365
• VMware 260+ endpoints
• 50-60 virtual desktops
• PC and mac
• mobile

Overview For more than 100 years, United Way of Greater Atlanta has been serving its community. Today, it works in 13 counties in and around the greater metropolitan area. As one of the largest United Way organizations in the country, it invests $100 million annually in more than 200 programs. The charitable organization focuses on helping children succeed in school, helping families become financially stable, improving health outcomes for people of all ages, and reducing chronic homelessness. A 10-member IT team supports 200 staff members at eight offices and 20 remote call center agents who take community calls for assistance from their homes. More than 50 seasonal workers join the organization on virtual desktops during the fall pledge drive. Several years ago, United Way of Greater Atlanta virtualized servers and desktops and today runs a completely virtualized environment on the VMware platform. To honor their mobile workforce, the organization supports a bring-your-own device (BYOD) program with Airwatch management and has replaced about 70% of staff desktops with laptops. IT recently deployed Microsoft Office 365 and now encourages staff to move from other cloud file sharing programs to Microsoft OneDrive. Challenges When a big retailer suffers a breach, people don’t necessarily stop shopping with that retailer. A breach at United Way of Greater Atlanta, however, could send donors looking for a safer place to put their information and contributions. That’s why protecting donor or recipient data is so important for the nonprofit. “We face the same security challenges as many large organizations, such as data leakage, data loss prevention and intrusion detection. For us, there is a higher degree of risk because we are a volunteer-led, donor-driven organization,” said Orinzal Williams, Executive Director of IT for United Way of Greater Atlanta. Not only does United Way of Greater Atlanta compete with other nonprofits, but it competes with organizations that deliver transaction services to nonprofits as a way to expedite contributions. United Way vows to return 90% of its funds back to the community, which requires keeping overhead low. “We have to remain competitive while keeping our donor information secure,” said Williams. Like many large organizations, United Way of Greater Atlanta needed to revisit its endpoint security solution to address changes in how today’s workers do their jobs. An endpoint solution that had served the organization for about seven years was inadequate in an environment of laptops, mobile phones, and security issues around public cloud file storage solutions like Dropbox or Box. With 268 endpoints to secure and an additional 50 or 60 virtual desktops during the fall fund drive, the small IT team was usually reacting to a problem rather than proactively preventing it. “We needed a more robust endpoint security solution that would help us stay on top of security without devoting a lot of time to it,” said Williams. "Smart Protection for Endpoints allows us to be more efficient and compliant. When IT is efficient, the organization is being efficient with donor dollars and more money goes to the community. That’s a huge benefit."  Orinzal Williams, Executive director of IT, United Way of Greater Atlanta  Why Trend Micro To protect sensitive information on laptops, United Way of Greater Atlanta sought a new endpoint security solution capable of on- and off-premises protection. While Williams did look at solutions from other well-known security vendors, Trend Micro was always top of mind. “I’m a huge fan of Trend Micro Deep Security,” said Williams, who uses the solution to protect the organization’s VMware environment. “I called the Trend Micro rep to ask if they had anything to help us out. We had a 15-minute conversation about Smart Protection for Endpoints, and I was sold,” he adde “The members of my team wear multiple hats. We can’t have something that is so complicated it requires a dedicated resource to manage it. We needed the best combination of robustness and ease of use, where we can set it up but not babysit it all day. For this reason, Trend Micro was the best solution for us,” said Williams. “We started using Smart Protection for Endpoints immediately without additional training, because the dashboard is just like Deep Security,” he added "We used to put everything else on hold to combat the spread of malware on files on the server. With Smart Protection for Endpoints, we get an alert that the firewall has quarantined a machine on its own. Now we have one machine to check and nothing else that has to be done – no issue on the server or on other machines." Orinzal Williams, Executive director of IT, United Way of Greater Atlanta Solution With help from a simple setup program, it took Williams about 45 minutes to deploy Smart Protection for Endpoints and install it on ten IT machines before launching a staged deployment to the rest of the organization. The suite offers protection against traditional attacks and the latest targeted attacks. “Smart Protection for Endpoints works with our Mac hardware, has BYOD functionality, and is lightweight and easy to deploy to our remote workforce,” said Williams. To ensure protection now and in the future, IT decided to purchase a full suite of complementary endpoint solutions that deliver multiple layers of interconnected threat and data protection. “We may not use everything, but it’s there if we need it or auditors request it,” said Williams. The Security for Mac module adds a layer of protection for a growing number of Apple Mac clients in the network. The organization also uses the solution’s firewall, built-in compliance rules, endpoint encryption, and data loss prevention (DLP) module. They are currently testing virtual patching. The DLP module ensures compliance with IT policy by blocking any attempts to send out sensitive information or inadvertently store it on the local hard drive. “When I know certain people are working with sensitive information, I can target their machines for DLP. Once we install the agent on the desktop, I can activate it from the console, and DLP is automatically put in place,” Williams added. “With DLP and other plug-ins, we are confident we are not leaking information out.” Setting policies is an important part of controlling user behavior, such as ensuring users can’t execute dangerous applications on endpoints. “We manage our remote agents by setting up a profile for on-network use and strengthening it for off-network,” said Williams. The IT team makes extensive use of Trend Micro Control Manager, which provides a central view and reporting across connected Trend Micro security. “I really love the visibility into the machines and the control we have. We can do a little or a whole lot with it – we can have a basic level of protection or go deep and block certain applications at the firewall process. This really fits how we work,” said Williams, who jumps to many different tasks in the course of a day. Alerts and reports help Williams and his team respond quickly to issues in the environment. Williams can target machines that don’t have the current version of security software, so the IT team can find out why they didn’t update. He can also follow an alert on a quarantined machine with a scan, if necessary. "Smart Protection for Endpoints allows us to be more efficient and compliant. When IT is efficient, the organization is being efficient with donor dollars and more money goes to the community. That’s a huge benefit." Orinzal Williams, Executive director of IT, United Way of Greater Atlanta  Results Multitasking got easier for the IT team following implementation of Smart Protection for Endpoints. Before deploying the security suite, IT faced from eight to 20 security issues a week, any one of which could spread malware or a Trojan like CryptoLocker to files on the server. It took all hands on deck to run solutions to combat a serious security issue. With Smart Protection for Endpoints, IT receives an alert that the firewall has automatically quarantined a machine. “Now we have one isolated issue to check and nothing else that has to be done – no issue on the server or on other machines. The threat probably didn’t even take hold on the original machine,” said Williams. “Smart Protection for Endpoints does a great job of blocking unwanted traffic. It flags bad websites and stops malware entering from spam emails. It also flags personal email, which covers a huge hole and is a big win for us,” said Williams. He estimates that 50 threats – mostly malware from web traffic – have been blocked by Smart Protection for Endpoints since its implementation four months ago. The software is so efficient that the server never gets above 10% utilization. “The system remains efficient even when we have scheduled scans,” said Williams. Smart Protection for Endpoints alerts, reports, and preprogrammed compliance features ensure a small IT team can operate efficiently to protect donor information at United Way of Greater Atlanta. “I don’t want to see us spending a lot of money on internal operations. I want the money to help the community. Since deploying Smart Protection for Endpoints, we know we are delivering the best service without increasing our workload,” said Williams. “I can say with confidence to our board that the combination of Deep Security and Smart Protection for Endpoints ensures we are taking all the necessary steps to make our environment secure,” he added Williams has not had to call in a support ticket for Smart Protection for Endpoints. However, he’s confident that if an issue developed he would receive exemplary service. In all the time he’s used Deep Security, he’s only called in five tickets, and only one of those required an escalation. He received a call back on the escalation within the hour. “Trend Micro worked with us on the problem after hours until we got it resolved,” said Williams. “The fact that I’ve only had five tickets is a testament to the quality of Trend Micro software,” he added What's next? “We are still trying to figure out what actions we need to take for the cloud,” said Williams. The organization migrated to Office 365 almost a year ago, so most file sharing now takes place through OneDrive. Currently, they rely on the Smart Protection for Endpoints DLP module and built-in Microsoft protection on Office 365 to protect data in cloud applications. As Williams investigates a more layered defense for cloud apps, he will certainly look into Trend Micro solutions and consider their applicability for United Way of Greater Atlanta