Expanding University attack surface
Data protection as critical as it is challenging
Canterbury Christ Church University is a leading British HE institution. Founded in 1962, the University offers undergraduate, postgraduate, full-time, part-time, and short courses – and apprenticeships – to 26,000 students at locations across Kent and the UK. Last year, Canterbury Christ Church was ranked third in the UK for graduates in employment.
The University is a diverse, decentralised organisation comprising thousands of students and faculty members – which makes data protection as critical as it is challenging, particularly in an era of digitisation and virtual delivery.
For example, Canterbury Christ Church students connect their personal devices to the network, and lecturers are increasingly adopting digital learning technologies. Meanwhile, the University is generating growing volumes of data that are valuable to hackers – data which is often siloed, reducing the ability to effectively detect and respond to threats.
The University also houses a wide range of sensitive data, including student identities, research data, financial details, and healthcare information. From students’ cell phone and account numbers to academic research findings, it’s vital that the University safeguards information with the highest level of security.
There is good reason for this caution. According to the UK Government’s 2022 Cyber Security Breaches Survey, 92% of HE institutions experienced breaches or attacks in the past 12 months – and IBM research reveals that the average cost to recover from an incident is £3.2 million.
Improve security without adding headcount
The University’s cybersecurity requirements include:
- Staying in front of the most complex threats with proven, innovative security.
- Ensuring students and staff can connect to data and applications anywhere.
- Improving their security posture without adding headcount.
- Reducing complexity and providing complete infrastructure visibility.
Complete peace of mind with a Palo Alto Networks portfolio
Canterbury Christ Church has standardised on a trusted Palo Alto Networks network security strategy, comprising a connected suite of PA-Series and VM-Series ML-Powered NGFWs. Deployed in the two data centres and a hybrid Azure cloud, the NGFWs provide predictable performance and coverage of the most evasive threats – protecting up to 9,000 endpoints and 400 servers.
"Palo Alto Networks is core to our network security strategy – protecting every attack vector. I couldn’t sleep at night without Palo Alto Networks. It was one of the shrewdest procurements the University ever made."
– Andy Powell
Chief Technology Officer,
Canterbury Christ Church University
The NGFWs are complemented by a unified suite of security services, including DNS Security, Advanced Threat Prevention, Advanced URL Filtering, and WildFire. For example, Advanced URL Filtering protects the University’s guest web access, enabling the team to configure policies for different users, restrict access to sites and filter website content quickly and easily.
The WildFire service is used on both the physical (PA-Series) and virtual (VM-Series) NGFWs to detect previously unseen, targeted malware and advanced persistent threats.
"Palo Alto Networks are constantly evolving their technology, so it consistently outperforms other security vendors. They have also been incredibly supportive of our journey, working alongside our small team to ensure we continually innovate and make the most of our security investment."
– Jim Manuel
Network and Data Centre Manager,
Canterbury Christ Church University
The University network security strategy also utilises KHIPU Networks Cloud-Native Managed Detection and Response SOC (CMDR) service. Powered by Palo Alto Networks XSOAR AI and automation tools, plus Google Chronicle Security Operations, it provides immediate incident response, remediation, and prevention.
"KHIPU are part of the family – always proactive and always adding value."
– Jim Manuel
Network and Data Centre Manager,
Canterbury Christ Church University
Protecting the data crown jewels
This innovative, next-generation network security architecture is transforming the University’s threat prevention strategy. The benefits include:
- Protected data, applications, and devices: Andy says, “Palo Alto Networks protects our data crown jewels. We have complete visibility and control to stop known and zero-day attacks hiding in network traffic, including encrypted traffic.”
- Increased operational efficiency: The lean University team uses Palo Alto Networks automation, AI, and ML to streamline and accelerate security administration. “We save weeks of time because we can understand the traffic so easily,” says Andy.
- Reduced risk: The highly resilient network security framework, features such as roll-back configurations, and the KHIPU CMDR service are helping the University to reduce risk and meet operational compliance regulations.
- Optimised performance and user experience: A previous NGFW refresh from 40Gb to 100Gb throughput ensures users benefit from a high performance, always-on bandwidth connectivity. The GlobalProtect virtual private network (VPN) also delivers flexible secure remote access for all users everywhere.
- Supporting the Prevent Agenda: Complete, connected security command and control supports the UK Government’s Prevent Agenda and reduces threats from terrorism, radicalisation, and extremism.
The University is about to embark on the next phase in its cybersecurity transformation. An imminent refresh of the Palo Alto Networks platform will see the deployment of the latest NGFWs and Prisma Access to create an even safer campus experience.
"There’s a very good reason why Palo Alto Networks are the market leader. Their portfolio is always evolving: it integrates seamlessly and leverages the latest security techniques."
– Andy Powell
Chief Technology Officer,
Canterbury Christ Church University
Learn more about Palo Alto Networks on the website where you can also read many more customer stories.
Share this story
