The University of Stirling is committed to providing education with a purpose and carrying out research which has a positive impact on communities across the globe – addressing real issues, providing solutions, and helping to shape society.
The university has more than 18,500 students globally and employs 1,800 staff, with more than 140 nationalities represented at its scenic central Scotland campus. With a commitment to leveraging technology wherever it can and enabling its staff and students to do so with confidence, the university required a reliable and proactive security solution to safeguard its digital infrastructure and protect its reputation as a safe place to learn.
This case study explores the collaboration between the University of Stirling and Phoenix Software, focusing on the successful implementation of Phoenix’s Security Information and Event Management (SIEM) solution, Sentinel Essentials, all delivered by Phoenix’s highly skilled and experienced 24/7 security operations centre (SOC).
Challenge
As a large university with approximately 1,800 staff members and a diverse range of devices, across both university-owned and bring your own device (BYOD), the University of Stirling needed to enhance its security infrastructure and activity monitoring. While its IT Team consists of 30+ full-time members of staff, they are spread across a multitude of disciplines, from product development to operations and desktop management.
At the time of engaging with Phoenix, the university had only one person dedicated to security full-time, who would often be overwhelmed by the sheer volume of security alerts being generated by the existing SIEM platform. The team has since grown significantly, but at the time it faced several other challenges:
- Lack of proactive security measures: the incumbent security solution was mostly reactive, leaving the university vulnerable to potential threats
- Insufficient skillset: with the SIEM being so cutting-edge, the internal team did not have the expertise or capacity needed to maximise the effectiveness of the previous security service at that time
- Persistent security alerts: the high volume of alerts generated by the existing SIEM solution overwhelmed the university’s small Security Team. Many alerts were triggered by benign activities, such as students logging in from unusual locations or using a VPN, leading to numerous unresolved alerts. This made it challenging to distinguish genuine threats from harmless activities, posing a constant risk to the university’s security
- Longstanding issues left unresolved: specific security issues had remained unresolved for extended periods, undermining the university’s IT Team’s confidence in their current SIEM security infrastructure
Solution
The University of Stirling needed a trusted security partner that could offer a comprehensive, proactive security monitoring service. It also needed a partner that could be authorised to undertake specific remedial action against security threats on the university’s behalf to further lighten the load of its IT Team.
The University of Stirling turned to Phoenix Software, which was already a long-standing partner of theirs for Microsoft licensing and services, and an Azure migration project. Phoenix proposed the implementation of its Phoenix Protect managed service, which consisted of the following solutions:
Conclusion
The University of Stirling’s collaboration with Phoenix has significantly enhanced its cyber security capabilities. By implementing Microsoft Sentinel SIEM and leveraging Phoenix’s managed service, the university transitioned from a reactive to a proactive security posture.
This partnership has not only resolved long-standing security issues but also provided the university with the expertise and confidence needed to protect its digital assets, staff, and students effectively.