Case Studies

2020_q4_cs_texas_A_M (1)

Issue link: https://learn-umbrella.cisco.com/i/1270493

Contents of this Issue

Navigation

Page 2 of 3

Case study Cisco © 2020 Cisco and/or its affiliates. All rights reserved. The solution Secure internet access anywhere and everywhere According to Texas A&M University System CISO, Danny Miller, "Attackers were setting up new sites for just a day or two and luring our users to them to distribute malware. With Cisco Umbrella's ability to block malicious and newly seen domains, we could say, 'If that site's less than X days old, we're not going to allow connections to it." After exploring several options, the A&M System chose to deploy Cisco Umbrella, a cloud-delivered security service and Duo. "The ease of use and fast time to value with Umbrella is terrific. We rolled it out to our networks in five minutes," explains Basile. Miller added, "It was really unbelievable how easy Umbrella was to deploy and how effective it was immediately." The A&M System gained a first line of defense against threats since they can block requests from malicious domains and IPs before a connection is made. "After the first month of using Cisco Umbrella, the number of malware blocks was in the millions," says Basile. "Our information security officers said, 'We've seen an enormous drop in the amount of successful malware and we see even fewer phishing attempts for email too." Cisco Duo delivers a trusted access solution to safeguard different risk profiles, including remote users. It provides strong user authentication and better visibility to ensure access to applications and data is not compromised. With "Since we rolled out Duo, we see a lot fewer attacks coming in over our VPN or going to the HR systems." Dan Basile Executive Director for Texas A&M University System Statewide Cybersecurity Services multi-factor authentication at its core, Duo added a critical level of security by verifying the identity of all users before granting access to remote applications and resources. "Duo was really the best solution for us. It had a lot of native integrations with other tool sets, and it was quick enough where it can just be a push to your phone. Since we rolled out Duo, we see a lot fewer attacks coming in over our VPN or going to the HR systems," reports Basile. "At times, people would get a password and log in to our HR system hours before payday, change the routing number and have that paycheck routed into another location. Cisco Duo stops a significant number of those activities." Using the threat intelligence and context available through the Cisco Umbrella Investigate console offers the security team another invaluable tool. "We use Umbrella Investigate as a single stop to be able to dig deep on DNS investigations," explains Basile. "We're taking the information coming out of Cisco Investigate and using it as a resource to correlate against our other threat intelligence sources. The depth of information in Investigate makes it much easier for us to tell if we are looking at a legitimate traffic, a bad actor, or just a misconfiguration." The A&M System was also able to quickly enable protection for its remote workers. "The Umbrella roaming client is great because it protects that user and asset no matter where they are. You have the same policy set being pushed down to it and the same DNS protection no matter where it lives," says Basile.

Articles in this issue

view archives of Case Studies - 2020_q4_cs_texas_A_M (1)