Universities are a bustling hub of learning, attracting thousands of students, staff, and visitors each day that bring with them their own devices, data needs, and digital habits that link to a myriad of educational networks. This openness – this meeting of minds – is what helps nurture an environment for learning. It’s also a network security nightmare.
The same people pushing the boundaries of knowledge are also potential entry points for cyber threats. In a landscape where ransomware, phishing, and espionage are on the rise, keeping a university network secure is like trying to lock the doors on a building with no walls.
For many institutions, the problem isn’t a lack of technology – it’s the lack of oversight and the overwhelming number of disjointed tools that is a problem. Traditionally, IT teams have relied on a mix of vulnerability scanners, patching software, asset management systems, and manual processes to keep things safe.
However, as threats increase and attack surfaces multiply, the gaps in security become bigger. This explains why so many IT leaders are reconsidering how they manage endpoints and are seeking ways to unify visibility, automate security processes, and reduce the time spent on manual tasks.
A fractured system
“We were using credentialed scans and network scans, but the results were not particularly accurate,” explains John Couzins, head of IT security at Lancaster University. “Sometimes, the machines would shut down halfway through scans. We also had multiple different scans that we had to collate together.”
For years, university IT teams have knitted together their own security solutions using a combination of tools that weren’t always compatible. Gathering data from multiple sources was also another time-consuming headache. Without a single source of truth, university IT teams were left with gaps in their network knowledge – critical areas of their infrastructure that weren’t being properly monitored or managed.
“We expected [our system] to just give us visibility into the devices we knew about,” said Dean Smith, Head of IT at Liverpool Schools of Tropical Medicine (LTSM). “It wasn’t until we invested in a proper endpoint management solution that we found additional devices across different countries that we didn’t even realise were there.”
It’s a similar story across much of the higher education sector, with IT teams often operating without full oversight. It’s not until they’re given the tools to do the job properly that they realise the full extent of their endpoint management shortcomings.
The patching wake-up call
Visibility is only part of the problem. For many universities, patching has become one of the biggest challenges in endpoint security. What is supposed to be a routine process – keeping systems up to date with the latest security fixes – often fails the test because patches were neither being applied correctly nor in good time.
“Before, our previous tooling couldn’t provide us with the speed or accuracy needed to meet the 14-day compliance window,” said Chris Tasso, Cyber Security Specialist at Kingston University. “By the time we identified vulnerabilities, tested patches and deployed them, we were already behind.”
And he’s not alone. “We also identified an issue with our existing patching tools,” said Cousins. “Initially, we weren’t planning on using [a new system] for patching, but the reporting revealed that around 80-85% of patches were failing.”
Simply throwing more people at the problem is not an option. Instead, IT teams are looking to find ways to improve visibility and automate patching to ensure that critical vulnerabilities can be addressed as they arise.
The shift to real-time visibility
One of the most important lessons for universities has been the need for real-time data on endpoint security. Traditional vulnerability scans and compliance checks operate on a scheduled basis – often weekly or monthly. However, in an era of zero-day threats and increasingly sophisticated cyberattacks, universities cannot afford to wait days or weeks for security updates.
“The ability to see vulnerabilities, monitor device health, and generate instant, accurate reports is invaluable,” said Tasso. Thanks to a more proactive approach, Tasso and his team no longer have to wait for reports to highlight security issues.
Instead, they can see what’s happening as things unfold, enabling them to act before vulnerabilities become major risks. For IT teams, this automation has freed up time, allowing them to focus on strategic improvements rather than day-to-day firefighting.
A new approach to endpoint security
Across higher and further education, the message is clear: yesterday’s fragmented, manual approach is no longer fit for purpose. Disconnected tools, delayed scans and unreliable patching leave institutions exposed at a time when threats are more frequent and fast-moving than ever.
To protect staff, students and research, universities must embrace a new approach—one built on real-time visibility, automation and unified control. This shift isn’t just about improving efficiency; it’s about safeguarding the very foundations of modern education.
Now is the time for action. By consolidating tools, closing visibility gaps and automating key processes, universities can stay ahead of threats and create a secure environment for innovation to thrive.
