It should come as no surprise that as technology continues to advance (and at an exponential rate), so does the advanced threats that are working to undermine your network security and compromise sensitive data or user credentials. CIOs and other IT staff are becoming overwhelmed by data. While constantly being asked to cut operational and capital expenditures, they are still required to secure the ever-growing data footprint at their institution and simultaneously maintain a nimble, effective infrastructure. To further complicate things, there are countless endpoint security solutions on the market to try and wade through. Many of whom claim to offer next-generation protection against the sophisticated threats of today’s technology age.
Today I would like to focus on a recent experience I had with Rochester College and how we developed a strategy for evaluating a few different endpoint security options to ensure that we not only found a solution that fit their budget today, but also implemented a solution that would scale into the needs of tomorrow with the ever-changing landscape of threats.
Darren Shahinian
Higher Education Account Executive
Rochester College is a four-year, liberal arts college located in Rochester Hills, Michigan. The institution offers 43 Majors and Programs of Study to 1,172 current students that represent 19 states and 10 different nations.
The Background
In the Spring of 2018, Rochester College was working through internal cyber security/prevention discussions to adjust their security posture, and wanted to explore new endpoint security options that would not only catch the “big fish” out there but also ensure that the smaller threats did not develop into time consuming (and expensive) breaches. Their Director of Information Technology, Eric Campbell, was introduced to me and asked if we could help discern what technology they should consider for future-facing endpoint protection.
ScholarBuys is partnered with a wide array of security solutions that we recommend to our customers. Our approach is built not only upon our own evaluation of the technology and its implications to EDU enterprises, but also the experiences our customers share with us. As a relationship-driven organization, we take a consultative approach to technology acquisition. Our sales team is knowledgeable about the relevant solutions in the marketplace, and we first work with our customers to discover what pain points are driving their need to act. There are plenty of excellent choices out there, and ScholarBuys helps to evaluate which of those would be the best for each institution’s initiatives.
The Need
Akin to feedback I have received countless times, Rochester College was hoping to identify an all-encompassing solution as opposed to trying to piece together a variety of point solutions that were good at one or two particular facets of endpoint security.
“We were looking for a full solution for end point protection as opposed to having an anti-virus and adding a separate malware or ransomware solution”
Rochester College was also hoping to procure a next-generation solution that, unlike many products in the marketplace today, does not rely on signature-based technology. Just about everything has a cloud-based management console that provides single-pane-of-glass visibility into the environment. However, when it comes to security reporting and real-time forensics, not all solutions are equal.
The scope of the need was to secure 250 endpoints, which included a mix of servers and workstations. Other prerequisites included single-pane management, multi-facet coverage (antivirus/antimalware, granular reporting, ransomware protection), and multi-year licensing options that provided savings compared to sequential, annual renewals.
We ended up evaluating several different solutions to compare not only the feature sets, but also the financial impact to the institution. Taking a “good/better/best” approach, we quickly identified that for the cost, SentinelOne was the front runner of the mix they chose to evaluate.
The Technology
SentinelOne brings prevention, detection and response in a single platform that is driven by sophisticated machine learning and intelligent automation. This allows organizations to not only detect malicious behavior across multiple attack vectors, but also remediate threats with fully-automated response capabilities that are natively integrated in their Endpoint Detection and Response solution.
As opposed to static prevention, SentinelOne uses behavior-based detection where machine learning is leveraged instead of signature-based or heuristic approaches. A lightweight agent performs all prevention and detection capabilities without being dependent on the cloud. This means protection whether or not you are connected to the internet.
The licensing is incredibly simplified as well, which is always a big plus because it is precisely the last thing a security administrator wants to worry about. Their Endpoint Protection Platform licensing uses the same SKU to cover any endpoint regardless of whether you are covering workstations, servers, or a mix of both. It is also the same agent for Endpoint Protection Platform (EPP) and Endpoint Detection and Response (EDR).
There is also increased flexibility from a deployment perspective. You can deploy with either a cloud-based or on-premises management server, and there is no “gotcha” when it comes to implementation resources. Onboarding assistance from SentinelOne is included in the cost of the licensing, so there is no need to purchase professional services as a separate add-on. SentinelOne wants to ensure that the solution is effectively stood up and configured, providing value to ensure that you are making the most of their solution. You also get new features at no cost as they are developed, allowing your solution to scale with technological advancements without the cost scaling in parity.
One other key differentiator that is worth noting: SentinelOne is backed by a Cyber Guarantee – Ransomware Warranty to ensure that no ransomware attack will go undetected. In the even that your institution must pay a ransom from a breach to quickly recover data, SentinelOne EPP customers will be reimbursed up to $1,000 per affected endpoint up to a maximum of $1,000,000.
Wrap-up
Once we came to the determination that SentinelOne was the preferred option at Rochester College, ScholarBuys worked closely with the manufacturer and helped to put together a 3-year licensing option that drove down the cost per endpoint and still made a purchase possible based on the institution’s security budget. Multi-year licensing options can be a great way to lower per unit costs. For organizations that cannot or would prefer not to pay for the multi-year coverage upfront, ScholarBuys can assist in options to still take advantage of the multi-year discounts while also annualizing the cost.
Overall, Rochester College’s experience with the product has been more than satisfactory.
“SentinelOne has provided that full end point protection with the added ability to reverse some effects of any threats that might occur. SentinelOne immediately identified smaller threats that were not identified by our previous solution. Over all we are very satisfied with our experience with SentinelOne’s protection, notifications, and reporting”
Whether you have already started a security project or have just begun to source information on different options, I would highly recommend reaching out to your ScholarBuys representative. As with Rochester College, we can assist in addressing your IT security concerns on campus and help to outfit you with the weapons you will need to combat the ever-changing threat landscape that targets the EDU sector. Thanks for reading, and see you next time!
