University of Oulu uses Centero Carillon to implement Zero Trust model
The university’s environment follows the principles of Zero Trust cyber security model, where the end-user ID never gets admin rights, but just the necessary rights and only when needed (Just-in-Time principle). Some old faculty-specific programs are an exception and call for more permanent admin rights for workstations.
Lauri Aho from the University of Oulu says: – Previously about a quarter of the university’s users had admin rights directly on their own ID, meaning malware was able to spread on the workstations. End-users with admin rights would install anything that popped into their heads on their workstations, which led for instance to intellectual property rights being violated.
We no longer give out admin rights based on an individual user asking for the rights repeatedly, until the local admin grants them. Instead, we use a centralized form for the rights. We’ve also moved the right-related tasks off of the local support’s table, which saves their time. In a centralized process the manager of the user asking for the rights is also alerted, and this in turn cuts down unnecessary right requests, Lauri describes the new, more efficient process.
University of Oulu in Finland has been using Centero Carillon since early 2015. Thanks to Carillon, the university has been able to solve its challenges related to local admin rights management.
Carillon benefits different parties at the university
The needs of an academic institution are not that different from a corporate environment – both have rather similar use scenarios. The key benefits Carillon offers to the University of Oulu are:
- easy admin right management,
- clear reporting that shows when the rights were given and by whom,
- local admin ID protection, meaning the ID cannot be hacked, and
- Carillon can generate a device-specific local admin’s password, meaning the password doesn’t need to be the same everywhere.
The end-user benefits from the service when they need to perform a task that requires admin rights. Thanks to Carillon, the situation can be solved in a user-oriented, yet safe manner.
In addition to the end-users, the help desk also benefits, as the admin right requests are processed as service requests, and the help desk can follow a straight-forward process: either the requester is given the rights, or the help desk can suggest they perform the task that requires admin rights for the end-user. A clear process makes life more efficient.
Carillon is well-suited for educational institutions
Lauri Aho describes Centero as a reliable partner who’s easy to collaborate with. Common language and culture also make collaboration smooth.
Lauri recommends Carillon to other academic institutions: – Carillon is easy to implement and comes with all the features educational institutions need. In addition, it’s proven to be extremely reliable.