Deakin hardens its shield with Ivanti

Established in 1974, Australia’s Deakin University has five campuses—one in Melbourne, two in Geelong, and one in Warrnambool. The fifth and fastest-growing campus is in the cloud (online). Each campus has a distinctive character, rich culture, and strong presence in its local community.

Industry: Education

Employees: 4200

Website: https://www.deakin.edu.au/

Solutions

User Workspace Manager
Application Control
Patch for MEM
[product summary]
Xtraction
[product summary]

Tightening defences

Protecting Deakin University’s 4000 employees and 50,000 students in an increasingly virtual environment from of cyber threats is a significant and persistent challenge for its IT team. Rising to that challenge, Deakin implemented a new security programme called “Deakin Shield” in 2017 to increase the university’s security posture and address several security gaps.

According to Craig Warren, Executive Director of ICT Infrastructure Services at Deakin, “We determined the Australian Signals Directorate’s [ASD’s] recommended cybersecurity controls would help us implement the strongest defence against a cyber-attack. After looking at various market solutions, we selected Ivanti’s due to our positive experience with previous products and its best-in-class solutions for addressing the Top 4 of the ASD Essential 8 strategies.” The Top 4 strategies—deploying application whitelisting, patching operating systems and applications, and minimising administrative privileges—help mitigate at least 85 percent of targeted cyber intrusions.1

Upgrading their licence from Ivanti Environment Manager to the full Ivanti User Workspace Manager suite meant Deakin now had access to Ivanti Application Control and its dynamic whitelisting and granular privilege management features. They also chose to deploy Ivanti Patch for SCCM to patch not only the Windows OS but an extensive catalogue of third-party applications—automatically—from within the Microsoft System Centre Configuration Manager (SCCM) console.

Ivanti is up to the challenge

Without Ivanti’s native plug-in, SCCM provides only basic, manual tools to update third-party software. The labour-intensive process meant countless hours of research, creation, testing, deployment, and troubleshooting for Deakin IT’s team. Deploying Ivanti Patch for SCCM has enabled the team to automate the deployment of patches to applications not natively patched by SCCM whilst simultaneously proving realtime insight in the patch status of applications in their environment.

For its part, Ivanti Application Control automatically prevents the execution of any code, even unknown, that a non-trusted owner (a typical user account, for example) introduces. This means Deakin’s IT team is spared the pain of maintaining and updating application whitelists.

To round out the Top 4 controls, Application Control also makes it simple for Deakin to give users just the privileges they need to fulfil their roles—no more, no less. IT can take someone with full admin privileges back down to a regular user and still provide automatic escalation of privileges where and when needed, based on policy—from allowing them to access to instal applications, instal a printer, use PowerShell, or whatever the user may need, but providing no more control than what he/she should have.

“Ivanti Application Control has also greatly reduced reimage requests, because the quality of apps installed is
a lot higher,” Warren said. “Prior to installation, we would receive an average of 12 reimaging requests per week— all of which involved a time-staking physical visit. The time we’re saving allows us to focus on other aspects of system security instead.”

Finally, Ivanti Xtraction, integrated into both Ivanti products, helps Deakin monitor its security posture in near real time. Having up-to-the-minute reporting on the patch status of the entire network provides actionable insights to protect the environment as well as peace of mind. Deakin IT knows the patches have deployed successfully. And given its integration with Application Control, Xtraction also provides visibility into the attempted execution of malicious code as well as elevation requests from users.

A customer-centric approach

When you’re one of the world’s top-rated universities, selecting an IT security vendor to partner with is no easy choice. Committed to delivering world-class education, start-of-the-art facilities, and round-the-clock support, Deakin looked for an organisation that shared its commitment to excellence. It selected Ivanti not only for the capabilities of its solutions, but for its service excellence as well.

We found other vendors to be very sale focused. They would only interact with us when there was an issue or a contract was about to end, Ivanti is constantly in touch with new and proactive ways their solutions can support our organisation.

1 Top 4 Strategies to Mitigate Targeted Cyber Intrusions: Mandatory Requirements Explained, Australian Signals Directorate, July 2013 https://www.asd.gov.au/infosec/top-mitigations/top-4-strategiesexplained.htm