Long gone are the days when institutional data sits within a single, secure perimeter. Sensitive information now resides on multiple mobile endpoints handled by users who are constantly making changes to them. As more and more higher education institutions adopt 1:1 device programs, the challenge of securing that data only amplifies.
Wichita State University (WSU), a public university in Wichita, Kansas that serves about 15,000 students, has experienced a mounting challenge managing their IT infrastructure and keeping the university’s device population secure. The growing number of staff, professors and students who travel with school-owned laptops off campus only increases the risk.
WSU’s IT team manages thousands of university-owned laptops, on top of numerous desktops and servers across campus. For those laptops being taken off campus, IT had been lacking visibility into where those devices would go after they left the network perimeter. At times, these devices had even gone missing and the team lacked the appropriate tools to find them or wipe the proprietary data that was stored on their endpoints.
The catalyst for change came when a state security audit revealed that WSU was not meeting certain security and compliance requirements. The IT team realized that they would need to implement additional data security measures, including the ability to track school-owned devices. In addition, they would have to be able to demonstrate that the university was meeting and maintaining compliance standards with the Office of Civil Rights, Health Insurance Portability and Accountability Act (HIPAA), Family Educational Rights and Privacy Act (FERPA) and Payment Card Industry Data Security Standard (PCI DSS) standards.
On top of finding a solution to meet their data security, compliance and asset management requirements, WSU’s IT team needed a tool that would create additional efficiencies for their own team, considering the size of their network, device population and security program.
Continuous Visibility and Control
After a short search for a solution, the WSU IT team brought in Absolute. By activating Absolute on thousands of its devices that were off-campus, WSU’s IT team now has visibility into their endpoints traveling outside of the boundaries of the network. Absolute’s patented Persistence technology also ensures the ability to self-heal should a user tamper with the security on the device.
The WSU IT staff is also using Absolute to deploy and confirm full disk encryption, and now has the ability to track and lock devices, or freeze and wipe the data. The ability to manage and secure the endpoint population has also helped WSU gain and maintain ongoing compliance with HIPAA, PCI-DSS, FERPA and other state requirements.
Using Absolute, WSU can now:
- Track and manage assets. The IT team has visibility and control into devices that are both on and off the network.
- Secure endpoints and enhance data security. WSU can remotely confirm active encryption and endpoint security controls.
- Meet and maintain compliance. They can now discover sensitive data (PHI and PCI) on their endpoints, and automate the response to delete the data at risk or freeze or contain the device.
“We’ve had success with detecting laptops that have ‘walked off’ of campus, and using Absolute to detect those cases, we were then able to remediate [those potential security threats],” said Matt Seiwert, Information Security Analyst at Wichita State University.