Learn how Segura® helped one of Brazil's most respected higher education institutions rebuild its cybersecurity after a devastating ransomware attack by implementing stronger privileged access management (PAM) controls.
Higher Education
Brazil
Privileged Access Management, Endpoint Privilege Management, Audit and Compliance
Segura® PAM, EPM
In 2020, one of Brazil’s most respected universities suffered a ransomware attack that encrypted more than 140 machines and disrupted critical academic and administrative systems.
The incident caused R$4–5 million in losses and operational disruption lasting up to six months. The institution needed to rebuild its cybersecurity strategy and regain control of privileged access.
The attack exposed major security gaps, including unprotected RDP and SSH access, a lack of traceability for privileged sessions, and limited oversight of third-party access.
Security teams had little visibility into administrative activity, making investigations and compliance difficult. The university needed stronger privileged access controls to prevent future incidents.
Segura® rebuilt the university’s security architecture with a unified privileged access strategy:
✔️ Segura® PAM eliminated direct and unprotected RDP and SSH access
✔️ Session monitoring and auditing provided full traceability for administrators, third parties, and suppliers
✔️ Password vaulting with automatic credential rotation secured privileged credentials
✔️ Endpoint Privilege Management (EPM) enforced granular privilege elevation by application
The university rebuilt its privileged access security and regained full visibility across its infrastructure.
privileged users secured, with fully monitored and auditable sessions
visibility into privileged access across critical systems, closing the gaps that allowed the ransomware attack to spread
In 2020, one of Brazil’s most respected universities faced a crisis that brought its academic operations to a standstill.
A ransomware attack encrypted more than 140 machines, disrupting registration systems, financial processes, and remote classes during the pandemic. The attack caused R$4–5 million in losses and operational disruption that lasted up to six months.
Beyond the technical damage, the incident took a serious toll on the IT team responsible for recovery.
"It was a very difficult time. In addition to the technical and financial impact, we experienced mental burnout within the team. Many professionals left due to exhaustion," recalls the Infrastructure and Security Supervisor.
The university recognized that recovering from the attack meant rebuilding its security strategy, starting with privileged access.
The investigation revealed structural weaknesses that had allowed the ransomware attack to spread across the environment.
Administrative access through RDP and SSH was exposed and unmonitored, allowing attackers to move laterally once initial access was gained. The university also lacked detailed session logs, making it difficult to trace how the attack progressed or identify compromised accounts.
Third-party vendors were accessing critical systems without consistent monitoring, creating additional attack vectors. At the same time, high turnover within the IT team after the incident made it even harder to implement stronger controls.
The university needed a way to regain visibility and control over administrative access across its infrastructure.
To rebuild its security architecture, the university partnered with Segura® to implement stronger governance over privileged access.
Segura® PAM eliminated direct administrative connections and introduced a controlled gateway for all privileged sessions. Every access request became monitored, logged, and auditable.
A centralized credential vault enforced stronger password policies and automated credential rotation, reducing the risk of credential misuse.
To further strengthen security, the university implemented Endpoint Privilege Management (EPM) to manage privilege elevation by application across university systems.
The changes immediately addressed the vulnerabilities exposed during the ransomware attack.
"Previously, any RDP or SSH attempt was exposed. PAM came to cover these vulnerabilities," highlights the Infrastructure Supervisor.
Throughout the implementation, Segura® also worked closely with the university’s IT team to provide training and operational support, helping rebuild internal confidence after the incident.
"We restructured the team, received support from Segura®, and then the updates flowed. We see the maturity to grow," celebrates the Supervisor.
Today, privileged access across the university’s infrastructure is fully monitored and auditable.
Every administrative session is logged, allowing investigations that once took days to be completed in hours. The security team now operates with significantly greater visibility and control over critical systems.
The environment continues to evolve with expanded use of Segura® Privileged Access Management and Endpoint Privilege Management solutions, and broader protection of research environments through the Database Gateway.
For the university’s security leadership, the transformation restored both operational confidence and long-term security maturity.
"I would definitely recommend Segura®. It's a Brazilian company with a global solution!" says the Infrastructure and Security Supervisor.
What began as a devastating ransomware attack became a turning point for the university’s cybersecurity program.
By implementing Segura® PAM and strengthening privileged access governance, the institution rebuilt its security foundation and restored confidence across its IT environment.
Today, the university operates with stronger visibility, tighter control over administrative access, and a more resilient security posture—protecting the systems that support its academic mission and thousands of students.
Ransomware attacks often expose gaps in privileged access control. Segura® helps organizations regain visibility, secure administrative access, and rebuild resilient security programs after an incident.
Request a demo to see how Segura® protects privileged access across complex environments.
Segura® is the only PAM solution on the market that covers the entire privileged access lifecycle. Explore our suite of advanced security solutions:
A secure and efficient way for tools and applications to request confidential information such as secrets, credentials, and other sensitive data used throughout the DevOps lifecycle.
Product Tour ›
Manage and monitor privileged sessions on workstations, ensuring secure access control, auditing, and compliance with IT security policies and regulations.
Product Tour ›
Centralize, manage, and automate the lifecycle of digital certificates, ensuring compliance and reducing operational risks.
Product Tour ›Discover the power of Identity Security and see how it can enhance your organization's security and cyber resilience.
Schedule a demo or a meeting with our experts today.
70% lower Total Cost of Ownership (TCO) compared to competitors.
90% faster Time to Value (TTV) with a quick 7-minute deployment.
The Only PAM solution available on the market that covers the entire privileged access lifecycle.
