Case Study

Brown University Uses Virtru to Increase Visibility and Control

“We had experience with a traditional, portal-based email encryption product, but our users found this mechanism far too cumbersome for our users and their recipients. With Virtru, we found a solution that met our security and compliance requirements, was easy enough to ensure widespread adoption, and gave us the audit and control features we wanted.”

Mark Dieterich, Director of Information Technology and Security, Brown University

Brown University is located in Providence, Rhode Island and founded in 1764, Brown University is the seventh-oldest college in the United States. Brown is an independent Ivy League university with both undergraduate and graduate programs. With more than 4,600 employees and nearly 10,000 students, Brown creates, stores, and shares large amounts of sensitive information, including data governed by regulations like HIPAA and FERPA.

We spoke with Mark Dieterich, Director of Information Technology and Security at Brown University.

How Has Virtru Helped the University?

“Virtru has improved our email security posture pretty dramatically. With security products, you always have to worry about user adoption, but Virtru is so easy to use that this hasn’t been an issue. After all, security and compliance aren’t about the technologies you buy, they’re about that products that are actually used.

We have a high level of certainty that Protected Health Information (PHI) and other sensitive data is secure, even when it’s shared outside the university. Virtru has become an important piece of our overall security and compliance strategy.”

How do you use Virtru today?

“Virtru is our HIPAA-compliant email platform. Our health services department uses Virtru to share PHI both inside the university and with outside service providers like our local hospital system and community clinicians.

Our medical school staff, faculty, clinicians, and other key members of senior staff rely on Virtru today. This year, we plan to ramp up the messaging to our student population about Virtru and expect to see our campus usage continue to climb.”

How did you share sensitive information before Virtru? 

“Prior to deploying Virtru, we didn’t have a unified, consistent way to share PHI and other sensitive information. Faculty and staff used snail mail, faxes, courier services, and password-protected file servers. We were compliant, but we lacked standardization, audit, and control.

When I took over IT and Security at Brown, I made it a priority to find a consolidated consistent system of sharing sensitive information. We prioritized compliance, data security, audit, and control.

We had experience with a traditional, portalbased email encryption product, but our users found this mechanism far too cumbersome for our users and their recipients. With Virtru, we found a solution that met our security and compliance requirements, was easy enough to ensure widespread adoption, and gave us the audit and control features we wanted.”

What Virtru capabilities really stand out?

“Two capabilities that really make a difference to us:

First, Virtru is extremely easy to install and use. It’s intuitive for both our users and for recipients outside the university. And it works seamlessly with our G Suite email. Compared with legacy email encryption products, it’s a breeze.

In addition, Virtru gives us much better audit and control of our email. Only authorized parties can decrypt our messages, and Virtru logs every access attempt. This gives us a confidence that our message was read exclusively by the intended recipients. And if we need to restrict forwarding or revoke access, we can do that at any time.”

 


Dive Deeper