Overview

On the beautiful Niagara Peninsula in St. Catharines, Ontario, Brock University is the only Canadian university that is part of a UNESCO Biosphere Reserve. With a student population of over 17,000, Brock turns out smart, successful graduates that enjoy one of the highest employment rates in the country—96.5 percent. Brock U offers a wide array of undergraduate, graduate and interdisciplinary degree programs.

Brock found that its proprietary mainframe database was no longer capable of supporting the University’s online programs and corresponding web-based applications. To ensure that IT systems kept pace with its stellar academic reputation and could adapt more easily to future requirements, Brock moved to a SQL Server database environment and .NET-based web application development.

Brock was determined to protect itself from the major data breaches that have been reported by so many educational institutions in recent memory. Let the hackers get smarter; Brock would pre-empt their plans. After testing competing security products, Brock concluded that the best way to prevent a hijack of its applications and data was to implement Imperva’s SecureSphere Gateway. SecureSphere was the only solution that could protect Brock’s front end web applications and also secure data all the way through to their backend databases, while handling custom developed applications without impacting performance or requiring special scripting.

“Essentially, we can test the applications on a span port and drop them live without great effort,” said Roger Herman, DBA at Brock University. “The dynamic Profiling capabilities of SecureSphere automatically detect who is doing what and make sure that what they are doing is not unauthorized. Suspicious activities are flagged and my team is alerted. Best of all, SecureSphere ensures that we aren’t bothered by false positives.”

Business Problem

Brock wanted to update its IT infrastructure in order to accommodate the growing number of online applications necessary to maintain its academic leadership, to better handle administration and registrations, and to provide an improved online collaboration environment for students, faculty, and staff. To do this, the University planned to move from its proprietary mainframe database to a Microsoft SQL Server environment that would support a wide array of homegrown, web-based front end applications. These applications included student self-service applications (registration, course selection, etc.), administration, finance, and business applications. Nearly all of the applications are custom developed by the University. Since many of the applications undergo routine revisions, Brock was concerned not only about the protection of the initial applications, but also about protecting its database against new vulnerabilities that could be introduced over time. Brock also wanted to shorten application development cycles while implementing safe coding practices. In addition, the University understood that the combination of its custom web applications, thousands of users, and database conversion project was going to present a significant number of opportunities for insider threats and external attacks.

Given the magnitude of the conversion project and its limited IT resources, Brock wanted a solution that was easy to implement and didn’t require a lot of manual tuning. Security and automation were both key factors in the selection criteria.

Technology Requirements

SecureSphere provided database security throughout the University’s transition period from its proprietary database to Microsoft SQL Server. It was placed in sniffing mode for two months, and when Brock went live with the new Windows environment, SecureSphere was put into production in blocking mode. A redundant, failover SecureSphere unit is on a span port in the lab to monitor database activity for security violations and identify web application vulnerabilities prior to production. “The SecureSphere lab unit helps us assess how an application will perform in production, and continually proves its value above and beyond our expectations by pointing out coding vulnerabilities before we place applications into production,” said Roger Herman.

The implementation of SecureSphere was straightforward. Brock’s IT department was especially impressed with the dynamic profiling capabilities, which were easy to set up and worked exactly as promised without any human intervention or monitoring. Although SecureSphere provides comprehensive application and database protection, it does not require constant tuning and management. As a result, SecureSphere has not created additional work for Brock’s IT staff or impacted the IT infrastructure.

“SecureSphere was easy to set up and has been a tremendous help to us as we prepare and launch web based applications,” said Roger Herman. “Whenever we needed assistance, Imperva’s support team was excellent.”

The Intelligent Choice for Brock University

Using SecureSphere, Brock was able to maintain a safe and smooth conversion from its proprietary mainframe database to Microsoft SQL Server. By relying on SecureSphere’s combination of Web Application Firewall protection and database activity monitoring, Brock is able to continually modify existing and deploy new web applications without being concerned about introducing security vulnerabilities. In addition, SecureSphere helps Brock test applications in the lab prior to placing them in production. SecureSphere performs a valuable step in the Quality Assurance process by locating coding errors that violate security best practices and could introduce vulnerabilities.

SecureSphere’s Dynamic Profiling ensures that the thousands of university users are only allowed to perform authorized actions, and that sensitive data is protected from inside and outside attacks. Meanwhile, SecureSphere’s ability to monitor and block suspicious database activity protects against data leakage. Since being deployed, SecureSphere has detected and alerted Brock’s IT staff to the fact that a significant flow of outbound traffic was leaving its network. This allowed the University to take preventive measures against a situation they were unaware of and which could have led to a damaging and public security breach. For Brock, SecureSphere receives an “A” for its ability to monitor application and database activity and block suspicious events without manual intervention. “Since our applications are all developed in-house we know the risk of undiscovered vulnerabilities is higher,” said Roger Herman. “SecureSphere gives us peace of mind and confidence.”