Location: Liverpool, United Kingdom
University of Liverpool is one of the UK’s leading higher education institutions, and a member of The Russell Group of research intensive universities. It comprises three faculties organised into 35 departments and schools, and offers more than 230 first degree courses across 103 subjects. Currently the University has over 32,000 students and 4,700 staff.
With Varonis DatAnywhere, we are offering a viable alternative to sharing services while creating policy and control around the sharing of confidential documents.
Across its network, University of Liverpool had over 3,000 installations of Dropbox and similar file- sharing offerings − a clear indicator that users were moving data to the public cloud. While the university’s IT team recognised the shortcomings from this behaviour, without offering a viable alternative they felt powerless to stop them.
While University of Liverpool had guidelines stating confidential documents should not be stored on a public file storage platform because of the potential security issues, it couldn’t enforce this policy until it offered a viable file-sharing alternative.
When people leave the university, it is virtually impossible to reclaim or revoke access to data stored in uncontrolled, personal, public-cloud file services.
DatAnywhere allows the University of Liverpool’s staff, researchers and students to access its file storage, including personal (“home folders”) and shared departmental drives, from different locations and devices including mobiles, tablets, and computers.
One of the key features for the University of DatAnywhere is the ability to share files and folders with internal and external colleagues. This means users can share large files easily without worrying about file size limits for attachments to emails, or the need to use physical media such as CDs, DVDs, or USB pen drives.
A senior lecturer within the Chemistry department said:
We needed a secure solution of this type to serve the requirements of our mobile users and the ever increasing number of Mac users. Now that we have DatAnywhere, I no longer use Dropbox.
DatAnywhere is a viable alternative to file-sharing services such as Dropbox, allowing the university to introduce a policy stating confidential documents are not stored on other platforms.
As DatAnywhere uses the university’s Active Directory for authentication and file system permissions for authorization, the University still retains control over who can and can’t access files, especially those deemed confidential.
The university can easily see who shared what with whom and it’s all fully auditable. A member of staff from the Institute of Learning & Teaching stated:
BRILLIANT!!! Thank you this is fantastic news. I’ve been using a free alternative product for a while but don’t trust it so this will be really useful.
When planning the DatAnywhere implementation and defining initial KPIs, the University’s IT team estimated that the adoption of the solution by 1,500 users within 12 months would be a great result. The immediate response to the promotional campaigns it has run has been far more promising as Andy Williams, Systems Manager, of University of Liverpool confirms:
Since the full launch of DatAnywhere, we have gone from the pilot phase, which was just 58 users, to 1,366 in the first week alone. We now have we now have over 4,000 users of the system. It genuinely has been a tremendous success.
Andy believes that the reliance on outside file-sharing services will naturally decline as more and more people see and experience the value of DatAnywhere.
DatAnywhere provides the university’s users with the ability to access files securely across all devices. Andy adds:
What we appreciate most about DatAnywhere is that security is inherent to the solution; it’s searchable, and it’s auditing capabilities lets us easily see who shared what with whom − and it’s all trackable. When users want to share a file with an external party they simply send a web link, which can even be set to auto-expire or require a one-time pin code, offering an extra layer of security.
DatAnywhere uses the university’s Active Directory for authentication and file system permissions for authorization, so Andy and his team haven’t had to waste time reconfiguring or trying to replicate permissions outside of the existing file shares. Andy confirms:
Now no one now has access to shared data, unless they already had it or are provisioned access. IT still retains control over who can and can’t access files, particularly those deemed confidential. We can also revoke access centrally, and it will replicate across everything at once, saving time and reducing complexity.
As DatAnywhere means the university is offering a practical alternative to Dropbox, it has introduced a policy stating “confidential documents are not to be stored on other platforms.” At this stage in the program, it hasn’t made any demands that users cease using Dropbox for other data, but it is expected over time and through natural decline users will stop using alternative file sharing services and will all use DatAnywhere.
Prior to DatAnywhere’s introduction, when people left the university, it was virtually impossible to retain or even revoke access to data they had stored in uncontrolled repositories. Over time, this issue will increasingly be resigned to history.
In addition, as data is stored centrally in DatAnywhere, regardless of the user’s device or location each file is always the definitive copy.
A professor within the University’s Ageing and Chronic Disease Institute said:
DatAnywhere has proven to be an excellent resource for uploading and storing medical images, which are a central part of our EUFP7 funded clinical trials … it is essential for the proper functioning of our trial. Without DatAnywhere, we would have to devise some other way of receiving files from our collaborative centers.