When Keiser University had to temporarily close 21 campuses because of COVID-19, it didn’t have the luxury of time. What it did have was an innovative, forward-thinking IT team that had already looked into Azure Virtual Desktop for classroom use. With less than five business days to create the infrastructure that would support 3,800 people working from home, the Keiser IT team needed a highly secure, easily deployed technology. They rolled out Azure Virtual Desktop without incident, saving the day for students, faculty, and staff. Using Microsoft security solutions, they’ve provided the environment the university needs to safeguard sensitive information remotely and help reimagine academia in the cloud.
“We didn’t have to worry about Azure Virtual Desktop. It just did what we asked it to do. It’s been rock solid from the beginning.”
Andrew Lee, Vice Chancellor, Information Technology (CIO), Keiser University
Keiser University’s rapid growth is testament to the value-added career education it provides to nearly 20,000 students. Founded in 1977, the private university is headquartered in Fort Lauderdale, Florida, offering classes at 21 campuses throughout the state. Thanks to its IT team’s fast rollout of Azure Virtual Desktop, everyone—from students to faculty to administrators—is carrying on as they would from campus.
Responding to a crisis that won’t wait
“You need to get 3,800 people to work remotely by Friday.”
Andrew Lee received this directive from his boss on a Monday. As Vice Chancellor of Information Technology at Keiser University, Lee is accustomed to challenges. But this was in a different universe.
Fortunately, when he’d met with his Microsoft reps only days before to discuss upcoming initiatives, he’d been intrigued by Azure Virtual Desktop—then mentioned as an interesting possibility for classroom use. Now, faced with imminent lockdown, Lee considered the solution in a more urgent context. He assessed the need: 3,800 faculty and staff were suddenly working from home. Of these, several admins routinely deal with students’ personally identifiable information (PII) as they deliver recommendations and decisions on admissions, scholarships, grants, and student aid.
Keiser staunchly protects student information. In fact, the university maintains its own internal portals on a private network. One simple solution, on the face of it, would be to send everyone home with laptops, setting up 3,800 VPN tunnels to bring Keiser systems into each user’s home. But that would mean instantly setting up a new security model to extend data protection for faculty, staff, and students into a new realm, and potentially creating a formidable security burden for Lee’s team. And the balancing act familiar to IT executives everywhere—that fine line between ease of use and security—was stretched even thinner in a situation that didn’t allow for onsite help.
Deploying without delay
Lee and his staff worked with their local Microsoft team to deploy Azure Virtual Desktop. “Our aim was more than simply getting people to work remotely,” says Lee. “The question was how to get everyone working from home without jeopardizing all the security measures we’ve built up. We were able to spin up desktops for everyone with Azure Virtual Desktop with minimal effort and without a lot of person hours.”
The Keiser IT team used OneDrive for Business to sync the users’ Desktop, Photos, and My Documents drives online. “When they sign in from home, all their content syncs back down to their desktop,” says Lee. “Although a lot of people worried about how they would function, they signed in, immediately found what they needed, and were relieved—and productive. It was quite seamless.”
Keiser’s year-round, four-week class cycles allowed little respite for the IT team. They had from the last Friday of classes on campus until the following Monday to get everything in place for distance learning. The university used an online learning system for its distance learning students, typically about a fifth of the student body. Now navigating that same system was mandatory for all 19,300 students, with little time to adapt. Lee’s team used Microsoft Teams and Teams live events to host sessions that familiarize the students with the online learning system. Using those same Microsoft solutions, they also brought faculty and staff up to par. “We used a lot of Microsoft technology to progress from a traditional brick-and-mortar school to a 100 percent online school in less than two weeks,” says Lee.
Protecting identities and data, end to end
Lee’s biggest concerns stemmed from the possibilities for data being inadvertently exposed by staff and faculty at home. He needed to be sure that all sensitive information, like rosters and financial aid applications, was protected as stringently off campus as it was when everyone worked onsite. That meant continuing to run the business in accordance with strict compliance regulations like the Health Insurance Portability and Accountability Act and the Family Educational Rights and Privacy Act. By using Azure Virtual Desktop functionality and Microsoft Azure Active Directory (Azure AD), his team could disallow printing and downloads to local drives. “Knowing we could control how Keiser University data is used on faculty and staff devices, and disconnect inactive sessions, helps us sleep better at night,” says Lee.
The university had also created an extensive safety net earlier with Microsoft Cloud App Security, deployed during its 2017 cloud migration. It uses the solution to stay on top of suspicious activity—large deletes, confidential emails being forwarded, any indication of a potential data breach. By accessing Azure Advanced Threat Protection (ATP) alerts and identity scoring through the Cloud App Security portal, Keiser can detect and issue alerts according to the data policies it sets for sensitive information.
Azure Sentinel provides the IT team with single-pane-of-glass visibility into threats, simplifying the threat detection task to the point where a single person on Lee’s team can fulfill that function. “We use Azure and Cloud App Security with the other Microsoft security solutions to get past the noise and focus on what’s important,” says Lee. “With Azure Sentinel, it’s very easy for us to use automatic alerts and identify false positives. And we do all this with one person rather than four.”
Everyone logging in from outside campus must use two-factor authentication—one of Keiser University’s most effective tools against phishing scams. The team relies on Microsoft Information Protection to designate varying levels of security for PII, credit card numbers, and other sensitive information. It uses rules and labels to automatically encrypt the information so that it can only be viewed by internal Keiser account holders.
The few staff members who don’t have devices at home are borrowing university devices connected to Keiser’s joined desktop environment with Microsoft Intune. Those devices are protected by BitLocker Device Encryption. “I know that if anything untoward should happen to any of those devices, we can wipe the data with the click of a mouse,” says Lee. On the other hand, his team is occasionally called upon to retrieve mistakenly deleted data. His team uses Microsoft data retention policies based on job function to keep files for the optimal period.
Accelerating performance, lowering cost
When Keiser shifted its infrastructure to the cloud, it eliminated some substantial on-premises hardware costs from its budget. Instead, the university manages costs for Azure Virtual Desktop by raising or lowering the number of virtual machines it uses per their requirements. “By rolling back systems access during periods of low demand, we saved about USD25,000 per month compared to when we initially implemented and maintained the same availability,” explains Lee.
Looking back, the attention the university paid to uncompromising security paid off handsomely when the unexpected happened. “We’d stayed on top of security, using the full range of Microsoft security solutions,” says Lee. “That helped us to migrate all of our users to a virtual way of working, because we already had the tools in place that we’d need to keep everyone safe.”
The results speak for themselves. “During campus debrief sessions since our Azure Virtual Desktop deployment, our executive team has heard repeatedly that this is one of the smoothest changes we’ve ever gone through,” says Lee. “Throughout this pandemic, we spent most of our time helping users with the new things they wanted to do with their Microsoft 365 apps. We didn’t have to worry about Azure Virtual Desktop. It just did what we asked it to do. It’s been rock solid from the beginning.”
Find out more about Keiser University on Twitter, Facebook, and LinkedIn.
“We used a lot of Microsoft technology to progress from a traditional brick-and-mortar school to a 100 percent online school in less than two weeks.”
Andrew Lee, Vice Chancellor, Information Technology (CIO), Keiser University
Follow Microsoft