Protecting a university’s network against both hackers and a student workforce.

Challenge: 

A university approached Assura with a need to meet all the necessary regulatory requirements, including Commonwealth of Virginia cybersecurity standards, PCI DSS, FERPA, and HIPAA. 

In addition, they had a unique challenge that most other organizations don’t have. Because they employ students to help run various aspects of the school, they also needed a way to ensure these work-study employees didn’t accidentally put the university’s data at risk. 

Solution: 

With Assura’s expertise in the education industry, we’ve helped many colleges and universities meet the necessary regulatory requirements over the years. For this situation, we started with a top-to-bottom security technical architecture review. Then we developed a multilayered security solution to meet their needs.

To address the vulnerabilities that came with a student workforce, the university needed a real-world solution. Having a separate network for students and another for college employees didn’t make any sense. Delivering one secure network for them was our goal.

We first examined the unified design of the university’s security architecture. Their mesh network, which included both students and employees, needed to be monitored and secured. We integrated firewalls and a Network Intrusion Detection System (NIDS) into their infrastructure. Once that framework was in place and capable of delivering the level of protection needed, we implemented the following services: 

Managed Detection and Response (MDR)

Assura assisted the university in determining its specific needs for endpoint protection. Over two thousand workstations equipped with various operating systems and versions needed protection. In addition to those endpoints, hundreds of Windows and Linux servers also needed to be secured. Assura then developed a roll-out plan to test the integration of our MDR with their existing software stack and operating system versions.

The university did have an existing endpoint protection software program in place, so we performed an in-place replacement to avoid any gaps in security. Once we made the switch, our MDR immediately discovered the presence of over 200 threats of varying severity in their environment. These had been missed or not mitigated by their previous endpoint security program, so the new, higher level of protection was apparent instantly.

With Assura’s MDR in place, we now monitor for all known and novel threats 24/7, using both AI and static detection capabilities. We’re able to respond quickly to kill or quarantine any threats detected. The ability to disconnect systems remotely and remove threats from the network is a powerful tool. In addition, we’re able to take remediation steps such as deleting affected files and reversing system changes caused by malware. We can also take attack restoration measures by recovering deleted, encrypted, or altered files if necessary.

Security Monitoring and Response

We added Security Monitoring and Response to their network through our Security Information and Event Management (SIEM) service. This powerful safeguard allowed Assura to be both watchdog and first responder against cyber threats 24/7/365. Our SIEM has sensors at all university campuses and can correlate events from multiple data sources. In addition to monitoring their network devices and servers, we assist in monitoring their Office 365 environment and MDR events. Our SIEM also aids with audits through vulnerability scanning and other necessary information to comply with applicable regulatory requirements.

Results: 

With Assura’s solution in place, the university now meets all regulatory requirements. It can continue operations with the confidence that all endpoints are secure and watched closely by our Security Operations Center (SOC). Students can continue their work-study without the risk that any threats would go undetected.

Big picture: 

Educational institutions, in general, tend to be low on resources, especially when it comes to cybersecurity. It’s essential to partner with a security expert who knows the industry inside and out so that every investment made delivers the value it needs many times over.