Case Study 

Proactive protection and prevention against cyber attacks

University of Winchester uses Jisc’s vulnerability assessment and information service to identify, prioritise and fix vulnerabilities across it’s entire IT infrastructure. 

The Challenge

In today’s IT security environment, institutions know that risk assessment is a vital step on the road to risk reduction. When Sean Ashford, network and systems manager at the University of Winchester, conducted a detailed assessment of the Universities IT infrastructure, it was identified that a more pro-active and automated approach was needed to assess and manage vulnerabilities across the large network.

How else would Sean’s team identify, manage and patch all 150+ servers manually, without consuming all of their time.

The Solution

In May 2016, Ashford attended a presentation given by KHIPU Networks, who provide the Jisc framework for vulnerability assessment and information services. The service automates the process of vulnerability scanning and provides reporting to help institutions prioritise and act on areas of risk.

The University of Winchester procured the service via the Jisc framework – allowing Ashford to check his institution’s IT assets against an extensive list of potential security vulnerabilities.

The Result

The benefits are broad and stretch across staff, students and of course, the Universities reputation. These include:

  • Reduced IT security risk: One of the main benefits of the service, is that it reduces the University of Winchester’s overall vulnerability to a breach” giving Sean and his team greater peace of mind”
  • Granular reporting and risk prioritisation: The system not only reports on all vulnerabilities, it classifies them by potential severity and by server (host).  And best of all, it’s of practical use: “The report doesn’t only tell you what’s wrong; it also tells you how to remedy it”.
  • Cyber Essentials: The vulnerability service and reporting helped the University gain its cyber essentials certification, something which Ashford is very pleased about.

  • Purchasing and Procurement Efficiencies: Buying the system through Jisc’s purchasing framework allowed the University to procure and implement the service quickly, without delaying the start of its risk assessment and reduction process. Hence saving the University valuable time that it would otherwise have spent procuring from potential providers.
  • Sean Ashford

    “It would take at least a year for one person to look at patching levels on each server and do a risk assessment on each one. Previously we’ve had external companies do vulnerability reports – but in nowhere near the amount of detail and without explanations on how to fix issues. The Jisc service looks at every element of your infrastructure and identifies anything that’s remotely vulnerable. We found the Jisc framework easy to use, and completely compatible with the university’s financial rules and regulations – which sped up procurement of the service”

Register your interest

  • UK: +44(0)345 272 0900
  • SA: +27 (041) 393 7608
  • Or complete the below form

UK Public Sector Purchasing Frameworks

The below Jisc frameworks are available via a direct award to KHIPU:

  • Vulnerability Assessment and Information Service – read more
  • Simulated Phishing and Associated Awareness – read more

Zero Vulnerability Infrastructure

Read more about our cyber risk assessment services that address key areas of your environment for maximum protection and prevention against cyber attacks. Free scan available!

Cyber Security Documentary

Watch the  Jisc cyber security documentary with National Cyber Security Centre (NCSC)Redacted Firm – Understand your potential weaknesses to cyber attacks!

Weekly 15-minute webinars – Free Scan!

Join our webinars to learn more about our cyber risk assessment and services, and claim your FREE vulnerability scan!

Register Your Interest

I agree to receive communication on newsletters, promotional content, offers and events.
Your information is confidential, KHIPU never sells or shares contact information.

*required field