Deakin University has undertaken a series of 17 initiatives including the rollout of a new operating system and creation of a virtual private network as part of its Deakin Shield strategy.
The enterprise-wide program was designed to enhance every aspect of Deakin’s cyber security, from technology to people and processes, after several internal reviews found a significant number of risks.
Earlier tranches of the Shield project involved rolling out Windows 10 ‘Deakin Shield Edition’ to all workstations and compliance with the Australian Signals Directorate’s ‘Top 4’ cyber strategies.
While part of the recent work has consisted of deploying newer, more secure web apps and systems, the Shield strategy has also integrated cyber safety into day-to-day workflows to make sure staff and students know what to do in the event of a security incident.
One of the most successful initiatives has been the introduction of multi-factor authentication to all staff, greatly reducing the risk of inadvertently compromising their user credentials.
It operates on a bespoke setup of DUO Security, which integrates with staff accounts on managed services and can be downloaded on any device, even smartwatches.
The team also integrated a streamlined ‘Phish Alert’ button into Outlook for stakeholders to easily report suspicious messages, speeding up the university’s response to attacks.
Deakin’s efforts in cyber awareness and reducing the taboo of cyber incidents in non-technical circles has paid off - after 1330 staff failed the university’s first authorised phishing simulation test, that number has since dropped to just one percent of the 11,553 fake phishing emails being clicked on.
Aside from protecting users' privacy and the university's sensitive information, the Shield program is important in protecting the institution's reputation in the wake of a number of high-profile data breaches in the higher education sector in recent months.
This project is a finalist in the Resilience category of the iTnews Benchmark Awards 2020.