Middlesex University

Enhancing cyber security and endpoint management

Founded in 1973, Middlesex University has grown to become a globally recognised university with a wide range of undergraduate and postgraduate courses. The university’s IT team of 56 professionals is responsible for managing the IT infrastructure across multiple offices and campuses for its 30,000+ students and 4,000+ faculty staff, of which 1,800 work part-time.

Cyber Essentials as the starting point, not the end

Middlesex University faced several challenges. Firstly, as a higher education institution in the UK, it is strongly encouraged to obtain Cyber Essentials certification, a scheme that helps organisations protect themselves against cyber security threats. Secondly, the university observed a significant number of personal devices being used by its part-time and permanent staff, posing a significant security risk, and making Cyber Essentials compliance more complex. The need to secure personal devices and enforce compliance emerged as a critical challenge, driving the demand for an efficient endpoint management solution.

To obtain Cyber Essentials certification, institutions must meet a number of requirements for various aspects of their IT configuration, including firewalls, access control measures, user authentication (including multi-factor authentication), malware protection and patch management. In 2021 the Cyber Essentials standard was strengthened to include secure configuration for mobile devices and in particular BYOD (Bring Your Own Device).

With over 1,800 of its staff working part-time on their own devices, BYOD was a significant risk for the university; something which Paula Vickers, Director of Computing & Communications Systems Service (CCSS), was particularly keen to get on top of. She was keen to ensure the university’s security posture met the standards required by Cyber Essentials.

Key facts

30,000 students

4,000 staff, of which, 1,800 are fractional/ part-time

56 IT professionals

Over 1,800 BYOD devices used by external staff (consisting of windows, Mac, iOS and Android)

Over 2,200 devices provided and managed by the IT team (1,800+ Windows, 302 Mac and 123 iOS devices)

“For us, Cyber Essentials was only the starting point of our security journey, not the end. We had seen the growing frequency and effectiveness of attacks made against other universities. This was more than a compliance exercise for us. We wanted to bolster our position to be as secure as possible to reduce the likelihood of an attack succeeding.”

Paula Vickers, Director of CCSS, Middlesex University

Solution

In 2021 Middlesex University was looking for a partner to provide third line IT support. With Phoenix having been awarded Microsoft Partner of the Year 2021 in education, it was on the university’s radar. After speaking with a number of providers, Middlesex University signed up to Phoenix’s Platinum Reactive and Bronze Proactive Support contracts in June 2021.

With support in place, the conversation soon moved onto cyber security, particularly when it came to Bring Your Own Device (BYOD) and expanding on Cyber Essentials certification. After some initial scoping calls, Phoenix Software proposed Microsoft Intune as the most effective Mobile Device Management (MDM) solution for the university. Intune offered centralised device management, ensuring compliance with Cyber Essentials requirements and enabling effective security measures across the network. The solution encompassed a proof-of-concept (PoC) phase, workshops, and the subsequent deployment of Intune.

The PoC phase, conducted in February 2022, involved a series of workshops to assess the university’s requirements and design a high-level solution. The workshops covered Modern Windows Management, Microsoft 365 Security Workshop, Information and Protection and, an overview of Microsoft Intune.

The workshops were followed by a 35-day engagement with our MDM experts to deploy and implement Intune across all devices within the university. Challenges addressed during the implementation included integrating Intune with the university’s existing tools like Jamf & Cisco ISE; and managing compliance for the personal devices used by fractional staff.

“The biggest challenge was getting these people to go through the process of registering their devices on the university’s portal when they only engage with us on occasional basis and often don’t read the emails we send them. We therefore asked university staff to help with communications. We also chose to move everyone to Intune during a single week so that we could prioritise support in a condensed timeframe.”

Paula Vickers, Director of CCSS, Middlesex University

Benefits

By implementing Microsoft Intune, we provided an effective solution to consolidate device management, enforce compliance, and enhance overall security beyond the standards expected by Cyber Essentials for the university. Middlesex University experienced numerous benefits following the implementation of the Intune solution including:

Cyber Essentials certification:

signifying their commitment to data security and compliance

Significant reduction in high-risk devices:

Intune profiled over 1,800 BYOD devices and found that the majority of BYOD devices were running out of date OSs. The number of high-risk devices was quickly reduced from 1,800 to just 35

User education and knowledge transfer:

the process of deploying MDM and enforcing MFA provided an opportunity to educate users on security best practice, while the workshops proved to be an invaluable knowledge transfer exercise for the university’s IT staff

Device management in one place:

with Microsoft Intune, the university can manage all of their devices and BYOD in one place, including Windows, Mac, iOS and Android

Demonstrating best practice to their peers:

Paula’s team were invited to present their story to approximately 500 of their peers at an educational sector webinar run by the UCISA (Universities and Colleges Information Systems Association), the membership organisation that supports IT professionals working in the higher education sector

Leverage BYOD benefits without raising security risks:

the university’s 1,800 part-time users are often self-employed and/or work with multiple clients, so they are much happier being able to use their own devices. At the same time, by not having to provide new devices to this many users the university benefits from significant operational cost savings

Catering for exceptions:

the university was able to provide a better user experience for those staff who already met Cyber Essentials requirements elsewhere by refining Conditional Access requirements for these colleagues

Through its partnership with Phoenix Software and the adoption of Microsoft Intune, Middlesex University successfully addressed their cyber security challenges and improved endpoint management, while allowing its staff to continue to enjoy using their own devices.

“When we started on this Cyber Essentials journey, we recognised that we needed to integrate our systems with a single authentication service to simplify our implementation of MFA. We therefore chose to deploy Microsoft Intune to simplify user authentication with our existing deployment of Microsoft Entra ID. Prior to deploying Entra ID we couldn’t see if a password was compromised, if software was out-of-date, OS out-of-date etc. Ultimately, we had no oversight as to which logins or devices were risky to us. Entra ID and Intune changed all that.”

Paula Vickers, Director of CCSS, Middlesex University

Talk to a specialist today

Alternatively, email us at [email protected] or call 01904 562200 and one of our specialists will be in touch to discuss your requirements.