How University of Asia and the Pacific gained stakeholders’ trust and fully met regulatory requirements
How University of Asia and the Pacific gained stakeholders’ trust and fully met regulatory requirements
Compared to other SSL/TLS providers, GlobalSign clearly has the superior reputation, meeting the strictest of global industry standards, which satisfies the most discerning of our stakeholders, many of whom are IT professionals themselves expressing their opinions openly… Apart from attaining the highest markers of competence, GlobalSign is also a cut above the rest in terms of after-sales service and technical support in lieu of its strong local presence.
Anthony Saul, Faculty Member
and former System Administrator,
Information and Communication Technologies
| CUSTOMER PROFILE | |
|---|---|
| INDUSTRY | Education |
| Name of Organization | University of Asia and the Pacific (UA&P) |
| LOCATION | Philippines |
| GLOBALSIGN SOLUTION | (OV) SSL/TLS |
At a Glance
PROBLEM
When it comes to the security of public and internal servers, the community of teachers, students, and parents at the University of Asia and the Pacific (UA&P) is more discerning than most, with staunch standards that require the full technical compliance of its technology provider.
SOLUTION
Recognizing the irreplaceability of trustworthy and efficient after-sales support, UA&P sought an SSL/TLS provider with a local presence and found one that is willing to go above and beyond, especially in terms of after-sales care and technical support.
UA&P used our SSL/TLS certificates to ensure the university’s complete adherence to the government standards for information and communications technology. With our SSL/TLS certificates, UA&P has never experienced any internal server breach.
Challenge
The University of Asia and the Pacific is a private, not-for-profit institution of higher learning that offers some of the most outstanding academic programs in Asia. The formation of UA&P students is facilitated by an environment conducive to learning comprised of well-maintained facilities, whether in the physical or digital setting. To maintain their atmosphere of academic serenity and make it conducive to disciplined, diligent, and high-level study, it matters that their internal servers are beyond reproach.
Solution Requirements
- A dependable solution ensuring UA&P's internal server security and fulfilling regulatory compliance, as strongly advocated by its stakeholders.
- Fast and precise after-sales support readily available from a technology provider with a local presence.
Solutions
GlobalSign’s SSL/TLS certificates allow online users to easily identify the university’s internal servers as credible, helping to maintain the university’s reputation and cyber security. The solution is also able to assuage the desire of more discriminating stakeholders regarding the need to be compliant with global regulations and industry standards.
On top of this, UA&P has found itself in one critical instance where the university administration needed quick and failproof confirmation regarding one serious cyberattack; that the ransomware did not penetrate through the internal server, and, instead, through a different endpoint. The after-sales support team demonstrated that it could work beyond meeting the basic needs of UA&P, which, throughout its conundrum, was also able to experience the expertise of GlobalSign’s assistance staff.
What’s Achieved?
Since the implementation of SSL/TLS certificates on UA&P’s internal servers, GlobalSign was able to satisfy the university’s need to meet the highest of standards in regulatory compliance. It has also maintained safe and secure internal server browsing for online visitors. Most importantly, UA&P team is guaranteed of GlobalSign’s committed and prompt after-sales support with its physical presence locally.
UA&P’s Experience with GlobalSign’s SSL/TLS
-
Could you give us a background on your experience with our SSL/TLS Certificates? What instances made you switch to GlobalSign?
One of our faculty members introduced us to GlobalSign in May 2016. While we also considered other brands, we learned that GlobalSign was the only SSL/TLS provider that had a solid local presence. This promptly influenced us to proceed with the bidding process in September of the same year. I said, “Let’s do it,” as after-sales support was an equally important consideration for the university.
UA&P officially started using GlobalSign’s SSL/TLS in November 2016, after evaluating that it offers a better suite of benefits over (UA&P’s) previous provider, which was sourced through a local reseller. We started with Extended Validation (EV) SSL/TLS for just a small number of change to internal servers. In 2017, we switched to Organization Validation (OV) Wildcard for the full implementation of the project.
Technically we didn’t have a lot of issues with our previous provider as it was giving us the kind of support that we needed at the time, which wasn’t much. There were only very few times when the system would be down; still, these instances made us worry about the persons and groups who are in the position to question our choice of SSL/TLS.
We can safely say that our previous provider wasn’t 100% compliant with the standard technical requirements that enable 100% efficiency for our change to internal server security.
-
Was GlobalSign able to help accomplish the encryption, authentication, and integrity goals of UA&P?
There was one time when we experienced a breach in our system. It was a ransomware attack. The most harm done to us was the downtime. Several business processes were interrupted, but overall, we were successfully able to recover.
Due to the need to be thorough, we made it a point to investigate all possibilities. We wanted to know if the point of entry is through internal server access, or something related to encryption. Hence, we sought the service of GlobalSign. Based on the provider’s technical investigation, it’s not necessarily because of the SSL/TLS; instead, it is likely that the issue stemmed from a different point of entry onsite, which confirmed the university’s in-house investigation.
In terms of after-sales care and technical support, GlobalSign was in charge only of UA&P’s SSL/TLS, but we were able to seek GlobalSign’s assistance with the investigation of this critical onsite attack, and GlobalSign was very much willing to give that assistance, lending us even the support of their legal team. Because of this, I am proud to share that I proactively promote the services of GlobalSign to my peers in other universities throughout Manila, Pampanga, and beyond.
-
What set of industry-specific governance, regulatory compliance, and other laws was UA&P aiming to comply with?
Because of GlobalSign, we've improved our compliance with the National Privacy Commission's regulations on personal data protection. Furthermore, we've enhanced our adherence to ISO certifications required for developing internationally recognized internal servers.
