With its digital-first strategy, the university’s IT team mapped a five-year journey to move safely and securely to the cloud. The university took an analytical approach and an evolving strategy to secure the environment by 2021. “In order to make this transition successful and secure, we need a modern solution that can support the university’s evolving business needs.” said Andrew Spenceley, the university's cyber security architect.
Finding a security solution that can support the university’s vision and would work with such a diverse user population was a challenge. The University of Sunderland needed a solution that assured users are who they say they are while still being incredibly easy to use for all members of the university community, regardless of how they work and their level of technical knowledge.
After investigating and trying various solutions, such as RSA, OKTA and Symantec, the university IT team determined it needed a security solution that is not only simpler and more straightforward for the users, but can also help the university achieve its vision of a zero-trust security model.
People and Technology
People and technology are the two main drivers for the University of Sunderland selecting Duo. First, from the technology perspective, the team required a solution that could fit within its defence-in-depth model. Second, since humans are often the weakest link in the security chain, they needed a solution that could help users securely verify who they are.
Deploying Duo at the University of Sunderland
One of Duo’s key benefits for the University of Sunderland was how it protected initial entry into the network by putting Duo in front of critical systems. The university educated its end users on the benefits of Duo and encouraged faculty, staff and students to use Duo for corporate accounts.
High Impact, Less Overhead
Duo has allowed the university to reduce the impact of cyber-attacks, such as phishing, by having an additional layer of security and control to provide assurances to the business and also to their users. Users like how easy Duo is to use. “Today, we have more than 85 percent of users using Duo Push to authenticate, and we want it to be 100 percent - the de-facto standard should be Duo Push,” said Spenceley.
For the first step towards a cloud-first strategy the university implemented Duo single sign-on (SSO) for key cloud applications. “Within the span of eight months we realized massive benefits. We observed a significant increase in productivity not only for users, but also for staff and faculty. Happy end users mean fewer help desks tickets and complaints to IT teams who already have enough on their plates when it comes to managing information security,” added Spenceley.
Integration is Key
With the cloud-first strategy, the university realized that its cloud portfolio will be quite diverse with technologies from various vendors. Duo's cloud-based solution meant the University of Sunderland only needed to add a few lines of Duo-provided code to their existing servers and web applications to integrate Duo into their login flows. Spenceley stated that using Duo’s zero-trust platform would ensure that their sensitive information and data is secure.
“Duo has demonstrated itself to be flexible and works with many of our diverse technologies,” he said. “The technical team found Duo to be one of the best companies we have worked with so far. The speed and ease with which we deployed the solution was particularly impressive. From project deployment to support calls being resolved in a few hours to helping us define our cyber security strategy – Duo’s support team has stepped up and helped us with every phase of the project. It is the professionalism of the team, attitude, commitment and desire to help and support our team through our journey makes Duo the best partner in our journey.”