How University of Asia and the Pacific gained stakeholders’ trust and fully met regulatory requirements
How University of Asia and the Pacific gained stakeholders’ trust and fully met regulatory requirements
Compared to other SSL/TLS providers, GlobalSign clearly has the superior reputation, meeting the strictest of global industry standards, which satisfies the most discerning of our stakeholders, many of whom are IT professionals themselves expressing their opinions openly… Apart from attaining the highest markers of competence, GlobalSign is also a cut above the rest in terms of after-sales service and technical support in lieu of its strong local presence.
Anthony Saul, Faculty Member
and former System Administrator,
Information and Communication Technologies
| CUSTOMER PROFILE | |
|---|---|
| INDUSTRY | Education |
| Name of Organization | University of Asia and the Pacific (UA&P) |
| LOCATION | Philippines |
| GLOBALSIGN SOLUTION | (OV) SSL/TLS |
At a Glance
PROBLEM
When it comes to the security of public and internal servers, the community of teachers, students, and parents at the University of Asia and the Pacific (UA&P) is more discerning than most, with staunch standards that require the full technical compliance of its technology provider.
SOLUTION
Recognizing the irreplaceability of trustworthy and efficient after-sales support, UA&P sought an SSL/TLS provider with a local presence and found one that is willing to go above and beyond, especially in terms of after-sales care and technical support.
UA&P used our SSL/TLS certificates to ensure the university’s complete adherence to the government standards for information and communications technology. With our SSL/TLS certificates, UA&P has never experienced any website breach.
Challenge
The University of Asia and the Pacific is a private, not-for-profit institution of higher learning that offers some of the most outstanding academic programs in Asia. The formation of UA&P students is facilitated by an environment conducive to learning comprised of well-maintained facilities, whether in the physical or digital setting. To maintain their atmosphere of academic serenity and make it conducive to disciplined, diligent, and high-level study, it matters that their websites, including their internal servers, are beyond reproach.
That small padlock next to UA&P’s website URL only means that cyberattacks are thwarted, that business is not disrupted due to outages, and that compliance violations are prevented, all with the use of a topnotch SSL/TLS certificate. That simple symbolization puts UA&P’s knowing stakeholders at ease while inspiring the kind of trust that builds partnerships. The university does have a long-standing reputation across previous generations, but for the young students who are encouraged to seek their own venue for higher education, a public facing website with a compelling digital introduction certainly increases the chances of enrollment.
Solution Requirements
- A dependable solution ensuring UA&P's website security and fulfilling regulatory compliance, as strongly advocated by its stakeholders.
- Fast and precise after-sales support readily available from a technology provider with a local presence.
Solutions
GlobalSign’s SSL/TLS certificates allow online users to easily identify the university’s website as credible, helping to maintain the university’s reputation and cyber security. The solution is also able to assuage the desire of more discriminating stakeholders regarding the need to be compliant with global regulations and industry standards.
On top of this, UA&P has found itself in one critical instance where the university administration needed quick and failproof confirmation regarding one serious cyberattack; that the ransomware did not penetrate through the website, and, instead, through a different endpoint. The after-sales support team demonstrated that it could work beyond meeting the basic needs of UA&P, which, throughout its conundrum, was also able to experience the expertise of GlobalSign’s assistance staff.
What’s Achieved?
Since the implementation of SSL/TLS certificates on UA&P’s websites, GlobalSign was able to satisfy the university’s need to meet the highest of standards in regulatory compliance. It has also maintained safe and secure website browsing for online visitors. Most importantly, UA&P team is guaranteed of GlobalSign’s committed and prompt after-sales support with its physical presence locally.
UA&P’s Experience with GlobalSign’s SSL/TLS
-
Could you give us a background on your experience with our SSL/TLS Certificates? What instances made you switch to GlobalSign?
One of our faculty members introduced us to GlobalSign in May 2016. While we also considered other brands, we learned that GlobalSign was the only SSL/TLS provider that had a solid local presence. This promptly influenced us to proceed with the bidding process in September of the same year. I said, “Let’s do it,” as after-sales support was an equally important consideration for the university.
UA&P officially started using GlobalSign’s SSL/TLS in November 2016, after evaluating that it offers a better suite of benefits over (UA&P’s) previous provider, which was sourced through a local reseller. We started with Extended Validation (EV) SSL/TLS for just a small number of websites. In 2017, we switched to Organization Validation (OV) Wildcard for the full implementation of the project.
Technically we didn’t have a lot of issues with our previous provider as it was giving us the kind of support that we needed at the time, which wasn’t much. There were only very few times when the system would be down; still, these instances made us worry about the persons and groups who are in the position to question our choice of SSL/TLS.
We can safely say that our previous provider wasn’t 100% compliant with the standard technical requirements that enable 100% efficiency for our website security.
-
Was GlobalSign able to help accomplish the encryption, authentication, and integrity goals of UA&P?
The UA&P website has never been spoofed, hacked, or even edited without our knowledge. Although, in general, there was one time when we experienced a breach in our system. It was a ransomware attack. The most harm done to us was the downtime. Several business processes were interrupted, but overall, we were successfully able to recover.
Due to the need to be thorough, we made it a point to investigate all possibilities. We wanted to know if the point of entry is through website access, or something related to encryption. Hence, we sought the service of GlobalSign. Based on the provider’s technical investigation, it’s not necessarily because of the SSL/TLS; instead, it is likely that the issue stemmed from a different point of entry onsite, which confirmed the university’s in-house investigation.
In terms of after-sales care and technical support, GlobalSign was in charge only of UA&P’s SSL/TLS, but we were able to seek GlobalSign’s assistance with the investigation of this critical onsite attack, and GlobalSign was very much willing to give that assistance, lending us even the support of their legal team. Because of this, I am proud to share that I proactively promote the services of GlobalSign to my peers in other universities throughout Manila, Pampanga, and beyond.
-
What set of industry-specific governance, regulatory compliance, and other laws was UA&P aiming to comply with?
Because of GlobalSign, we've improved our compliance with the National Privacy Commission's regulations on personal data protection. Furthermore, we've enhanced our adherence to ISO certifications required for developing internationally recognized websites.
