Overview
Spalding University is a private, liberal arts college based in downtown Louisville, Kentucky. Founded in 1814, Spalding’s mission is to provide relevant, quality education with an emphasis on service to its diverse student body.
Download Case Study Booklet
Challenge
Spalding’s small IT team oversees all facets of the university’s network that supports the school’s administration, faculty, and student body. Recognizing the importance of security, the team had a managed firewall service in place, but when privacy and compliance requirements in the industry became more complex, the team realized they would need to make some changes.
The Departments of Education and Commerce had recently updated regulations to require colleges and universities to comply with the Gramm-Leach-Bliley Act (GLBA), which was originally enacted to require financial institutions to protect customer privacy and safeguard sensitive data. Compliance to GLBA was required by July 1, 2023.
After vetting multiple managed services and solutions companies, Spalding selected Ntirety to help them strengthen its security posture and achieve regulatory compliance.
Solution
Spalding University needed enhanced security services beyond managed firewalls. Next-generation firewalls, endpoint protection, and log ingestion with 24x7x365 monitoring provide a stronger and more proactive posture than firewalls alone. Log ingestion from firewalls and devices coupled with monitoring gives a more granular level of visibility to network activity. Managed Detection and Response (MDR) alerts inform the team of network anomalies within minutes enabling staff to respond to potential threats efficiently.
Another part of Spalding’s security solution was an employee cybersecurity education program, which is a requirement of GLBA. Spalding implemented monthly training for employees that includes Ntirety’s Email Security and Phishing Awareness training.
“Employees are trained to report suspicious emails, and we also have a library of cybersecurity training across a whole range of topics for our employees to view. This is a piece of the puzzle that we were looking for that other providers didn’t have,” says Ezra Krumhansl, CIO at Spalding University.
Tyler Hunter, Network Administrator at Spalding University, worked on the firewall installation. “We had a weekly call going through the whole implementation, so it was very easy to get in touch with the team we were working with.”
The new system provided more detailed and actionable alerts, improving the university’s ability to monitor and respond to potential threats efficiently. “We get more granular types of alerts. Sometimes there are false positives, but they’re good to help us know what behavior’s going on. For example, if we see a bunch of files get copied from a server to another server, we’ll get an alert on that. We can see who is exporting data and to where. The actions have been legitimate, but we would know quickly if it were a breach. We know the system’s monitoring those kinds of things.
Another is failed login attempts on devices, which we weren’t getting before. And with the endpoint protection, if there’s something suspicious on a device, we’re getting more detail. Previously we would get really technical signature descriptions and just IP addresses. So, we still needed to do some detective work with our old intrusion detection system. Now, we get a better alert that describes what the threat might be, and we know which device by its name, not just the IP address,” states Hunter.
Results
The transition to Ntirety has been a positive experience for the Spalding team in many ways. The monitoring technologies enable better visibility and time savings, while the bundled components of the security solution enable Spalding to meet compliance, reduce risk, and realize a costs savings.
Better visibility of network activity
Alerts that are personalized with device names rather than IP address has enabled faster determinations of the alerts.
Time savings with more granular alerts
With more granular reporting on the alerts, the extra “detective work” the team was doing to know which device the alert was referring to, went away, letting them reclaim time for more mission critical activities.
Meeting compliance regulations
Krumhansl values the specialized services the Ntirety offers, especially when it comes to meeting GLBA compliance requirements.
“We’re generalists. We each do a lot of different tasks and don’t have somebody who’s primary or only responsibility is security. So that’s why it’s good to have a solution like this where it’s basically like a virtual SOC [Security Operations Center]. That’s what we were looking for instead of trying to build our own with the limited resources that we have. Also, there is the reduction of risk in having a third party that has best practices and more experience. We would recommend Ntirety to other universities who are trying to deal with this new complex regulatory environment.”
Top-Notch support
Ntirety offers a user-friendly portal for submitting and managing tickets and requests. This is a significant improvement over Spalding’s previous provider.
Ntirety is a leader in comprehensive managed services, partnering with organizations to modernize and secure today’s complex IT environment. Ntirety’s solutions span cloud infrastructure, cybersecurity, data, and compliance, connecting mission-critical data across highly secure, available, and resilient environments. For over 25 years, Ntirety has empowered organizations to reduce risk, increase agility, and optimize IT spend by combining full-stack technical expertise with practical, strategic guidance and a commitment to achieving desired business outcomes. Learn how Ntirety sets the standard for IT modernization at Ntirety.com.
Schedule a consultation to see how Ntirety can reduce risk, improve business agility, and optimize IT for your business by visiting ntirety.com/get-started today.
