Back /
Request a demo
Request a Demo
Customer Story

Armis Enables Full Asset Visibility and Policy Enforcement at Grand Canyon University

Get the Case Study
Grand Canyon University - Customer Testimonial Video thumbnail

Grand Canyon University (GCU) is a private Christian university in Phoenix, Arizona. Established in 1949 as Grand Canyon College, the university offers degrees in more than 200 areas of study across nine colleges, including multiple technology-focused certifications and degrees. Focusing on preparing students to work in cybersecurity fields, GCU prioritizes its Cyber Center of Excellence, a classroom on campus where students can learn about and practice different techniques. Additionally, its immersive Overclock cybersecurity residence program gives students the opportunity to practice ethical hacking and defense skills in a simulated “live” corporate environment. As of September 2023, GCU enrolled more than 100,000 students online and in person—a significant expansion from its 2008 enrollment of fewer than 1,000 students—making it one of the world’s largest Christian universities.

The university’s infrastructure has grown alongside its burgeoning student body, ushering in a host of technical and security challenges. After one of GCU’s vendors was involved in a supply chain attack, CISO Michael Manrod researched that category of assets in the university’s technology stack. He discovered these devices were in a corporate network zone, instead of being walled off in an isolated segment, in line with policy. Although the university’s environment was not compromised, this triggered an initiative to get its asset management house in order.

Manrod and his team of 25 technology professionals led the university’s effort to better assess and safeguard a complex IT and IoT environment that includes security cameras and badge readers as well as more traditional assets such as servers and user endpoints.

The Challenge

Grand Canyon University lacked unambiguous, comprehensive insight into its assets—what assets were connected to the environment, where they were located, which ones were communicating with what and how, and what kinds of risks were associated with each type of asset. This created multiple blind spots in its approach to vulnerability management, leading to uncertainty about the extent to which its environment was protected.

The university’s IT team also had no simple, centralized way to enforce rules and policies, such as those pertaining to which IoT devices should be cordoned off in designated server zones.

This exposed the university to zero-day threats and other attacks that could disrupt essential services. It also hampered the IT team’s ability to effectively uncover and prioritize risks.

GCU knew it was time to find a solution that was easy for everyone, including IT interns, to learn and use.

Continue reading to learn Armis enables GCU’s IT team to gain a holistic view into its entire ecosystem, root out rogue assets, apply protocols uniformly and comprehensively, and prioritize its remediation roadmap according to the risks associated with each type of asset.

Continue Reading

Challenges
  • challenges iconCreating an accurate, up-to-date, and comprehensive asset inventory across a large sprawling campus, along with many satellite locations
  • challenges iconIdentifying critical assets and connectivity in a systematic way
  • challenges iconDiscovering and prioritizing vulnerabilities
  • challenges iconStreamlining and enhancing the purple team test process
Results
  • result iconProvided complete and continuous visibility and asset management across the entire environment
  • result iconDiscovered 100+ assets that lacked endpoint detection and response (EDR) security agents
  • result iconEnforced security agent compliance across all assets
  • result iconUpdated remediation roadmap to align with risk priorities
  • result iconSaved time when conducting purple team exercises
  • result iconImproved overall cybersecurity hygiene