Nov 24 2020

An Integrated Security Ecosystem Pays Off for UNC, Charlotte

Cisco solutions increase visibility, control and automation across security layers.

In January, as the University of North Carolina at Charlotte entered the home stretch of a multiyear effort to improve its cybersecurity defense, there was no way to know the coronavirus pandemic was about to strike. However, that timing turned out to be fortuitous, enabling UNCC’s IT team to leverage integrated solutions from Cisco to keep data safe amid remote operations.

“The good news for us is that we spent the last few years maturing our security posture on campus, and it has been preparing us for this very moment,” says Vice Chancellor for IT and CIO Mike Carlin.

Carlin and Jesse Beauman, assistant vice chancellor for enterprise infrastructure, discussed UNCC’s IT transition in a session at the recent EDUCAUSE annual conference titled “The Adaptive University: How UNC Charlotte Kept Students Learning” and in an interview.

Seamless Security Delivers a High-Quality User Experience

With nearly 30,000 students and 4,500 staff and faculty members, UNCC’s IT staffers prioritized the user experience when they initiated a technology evolution back in 2017. A two-year assessment led to recommendations to improve IT agility, efficiencies and security, and the team began implementing those strategies early this year.

“I always want it to be as seamless and invisible as possible to our customers,” says Carlin. “What can we do to protect our campus community — in some ways, quite silently, from behind the scenes — without them ever knowing it?”

The answer, to a large extent, was adopting a unified security portfolio that includes Cisco’s SecureX platform, which provides visibility and automation across the infrastructure; AMP (Advanced Malware Protection) for Endpoints; Umbrella, a cloud-based network security service; and Stealthwatch, an advanced threat detection tool, among other solutions.

Together, the solutions support a holistic approach that facilitates faster, better controls, says Beauman.

“We have a lot of visibility into what’s happening on the campus, and we can respond exceptionally quickly now,” he says.

That wasn’t possible in the past, when the university relied on disparate solutions that required IT staff to log into multiple products to extract and correlate data when an incident occurred — a cumbersome and time-consuming research process.

“Before, it might have taken days or weeks to respond or even figure out where a perpetrator got into campus,” says Beauman. “My team can quite literally do that in hours now, sometimes minutes.”

MORE FROM EDTECH: How Purple Teams Can Strengthen Security

Integration Improves Control and Visibility Throughout the Network

Like many institutions, one of UNCC’s biggest threats is email-borne malware attacks. Their scale necessitates an integrated, automated response, says Beauman. As an example, he points to the revelation, made possible via the Cisco deployment, that the university gets an average of 30 million known email threats in a 30-day period.

“That was an eye-opening event,” he says.

Given the increase in cyberattacks throughout higher education during the pandemic, a stronger defense has been essential. UNCC’s IT staff has used Umbrella and AMP, among other tools, to give devices and data assets the same level of protection whether they are on campus or off.

“That has been a really big win,” says Beauman. “It’s given us the flexibility to allow people to work from wherever they want to work from.”

The fact that several solutions in UNCC’s security ecosystem are cloud-based has also facilitated ease of use and scaling amid remote work, says Beauman. And, because AMP, Umbrella, Stealthwatch and other solutions all feed into the SecureX console, it’s easy to take a threat detected in one solution and push that information out across the others.

“It’s fantastic to be able to integrate that much. It has really reduced our response time and allowed us to move from a reactive posture to a proactive posture,” says Beauman. “The bad guys are now moving at the speed of a machine, so our automation principles are to try to move at the same speed.”

Carlin echoes the fact that institutions, facing an ever-increasing barrage of threats, must be able to act just as quickly as the attackers do. Yet as service providers, IT teams also strive to deliver an optimal experience for the campus community, Carlin says. The move to a security suite that emphasizes integration and automation has made both of those aims more feasible.

“How do we operate at the speed of the machine? How do we quickly identify, isolate and control whatever the exposure is?” says Carlin. “We are blocking thousands of attempts a day and users don’t even know it’s happening, for the most part.”

Getty Images/Panuwat Sikham

Become an Insider

Unlock white papers, personalized recommendations and other premium content for an in-depth look at evolving IT