Fernando Thompson

• Trend Micro Deep Discovery Delivers Visibility and Intelligence to Stop Targeted Attacks

The Universidad de las Américas (University of the Americas) Puebla (UDLAP) was established as Mexico City College in the nation’s capital, Mexico City, in 1940. Considered one of the most prestigious universities in Latin America, UDLAP was ranked the best private and single campus university in Puebla. It is one of only seven universities accredited by the Southern Association of Colleges and Schools.

Today, UDLAP runs 53 undergraduate programs, more than a dozen master’s degree programs, and four PhD programs. UDLAP’s IT department supports approximately 10,000 users, including student and faculty.

Challenges

Maintaining security for its 10,000 students and faculty members presents a huge challenge for UDLAP. The university estimates that each user has approximately 3.8 devices that they use to connect to the UDLAP network. “Thousands of student and faculty devices are connected to the UDLAP Wi-Fi network, and each device is a potential threat to the university’s security,” said Fernando Thompson de la Rosa, Chief Information Officer (CIO), at UDLAP.

One of the biggest challenges for Thompson and his IT team is protecting the integrity of the university’s brand. For example, the university can be exposed when students use the school network to send emails to friends and family globally. “The university’s IP address carries a great deal of prestige and can be used by malware threats in ways that can damage our reputation. We do everything we can to keep our IP address protected,” said Thompson de la Rosa.

Phishing attacks also present a serious problem for Thompson de la Rosa and his team. In many cases these attacks use email, instant messaging or Skype and focus on identity theft of the students. “As a university, these services are valuable and easily accessible to teachers and students. We can’t simply close them down, but we can make them safe,” said Thompson de la Rosa.

Piracy offers a challenge that is particularly prevalent in Mexico and Latin America. “As many as 90% of users buy pirated music CDs, DVDs, and software. At the same time, cartels place malware in pirated products, and users are unaware that their devices are compromised,” said Thompson de la Rosa. “As a result of these security challenges, we received more than 200,000 attacks one summer.”

To keep its systems and users protected, UDLAP needed more visibility into all of its assets and activity on the network. They also needed the ability to categorize and secure them, independent of the operating system. “Ten years ago, I had full control of our network, and all of the computers belonged to the university,” said Thompson de la Rosa. “Today, 90% of the devices that connect to our network belong to students and faculty members. Applying security controls to all the devices can be a real headache.”

Why Trend Micro

As the CIO of a high-profile university with a very diverse student base, Thompson has many priorities, ranging from business intelligence and cloud computing to virtualization projects. “Out of all my priorities, security has always been my top priority,” said Thompson de la Rosa. When the search began for a security solution, UDLAP contacted OCM-IT Management Solutions, a hardware, software and technology services provider based in Mexico.

OCM-IT is a Trend Micro Platinum Partner specializing in security for virtualized environments, and they recommended the Trend Micro™ Deep Discovery™ solution. “When we started looking for a solution we wanted to choose the very best security provider. Along with OCM-IT, Trend Micro definitely offered the best solution,” said Thompson de la Rosa.

The results of a Trend Micro Deep Discovery proof of concept (PoC) of the UDLAP community’s security sealed the deal. The test included not only computers and devices, but how threats on these devices could impact the school’s networks. “When I saw the results of the PoC, it was like an earthquake. With Deep Discovery we found many endpoints, assets and network segments that were being compromised. I was sold,” said Thompson de la Rosa.

Solution

The Trend Micro Deep Discovery solution helped to immediately identify and categorize high risk and compromised assets. “Deep Discovery was able to rapidly find and catalog all of our network assets, which would have been very time-consuming and difficult for our team to accomplish,” said Thompson de la Rosa.

Trend Micro Deep Discovery offers unique threat detection technologies that discovers attacks on the university’s network. With 360-degree network wide detection, Deep Discovery identifies targeted attacks and advanced threats on all network traffic and ports through over 100 protocols—including devices owned by students and faculty.

Once these attacks were discovered, the solution’s dedicated protection blocked threats that cyber criminals used to initiate targeted attacks. “Trend Micro Deep Discovery provides the visibility we need to see the scope of these attacks, and, how attackers are trying to exploit our network,” said Thompson de la Rosa. “Without this visibility, it would be very difficult to keep our IT environment and intellectual property protected”.

Trend Micro Deep Discovery’s purpose built detection technologies also helped UDLAP address the music, video, and software piracy issue by identifying malware, command and control communication, and other activities signaling an attempted attack. To identify these threats, the Trend Micro™ Smart Protection Network™ infrastructure, which supports the Deep Discovery solution, collects global threat intelligence sensors to continually update email, web, and file reputation databases in the cloud. Using information from the Trend Micro Smart Protection Network, Deep Discovery identified and blocked threats in real time before they reached the school’s network.

Results
With Deep Discovery, UDLAP has realized significant benefits. “In addition to detecting previously unknown attacks, we are able to categorize the attack in terms of risk of assets throughout the network. Deep Discovery helps us regain control of our IT environment and provided the university with a foundation for a powerful security framework,” said Thompson de la Rosa.

The solution significantly reduced targeted attacks and the potential for identity theft. “I receive proactive security reports every 15 days and we’ve experienced a 60% reduction in targeted attack incidences since deploying Deep Discovery,” said Thompson de la Rosa. “If attackers can’t get into our network, they can’t steal information or identities.”

With Trend Micro Deep Discovery protecting their IT environment, UDLAP has gained full visibility into their network. “We now we have a solution that offers the visibility into our network.” Said Thompson de la Rosa.

What’s Next?
UDLAP realizes there is no shortage of security challenges for institutions of higher education, so they value Trend Micro as an ongoing partner and a member of the strategy team. “We have taken the next step in protecting our users with Deep Discovery. The threat landscape continues to change and we expect our relationship with Trend Micro to evolve with us,” said Thompson de la Rosa.

For More Information

For more information, please contact http://www.trendmicro.com.