ZoneFox – A Case Study: WJEC (Welsh Joint Education Committee)

ZoneFox – A Case Study: WJEC (Welsh Joint Education Committee)

How WJEC uses ZoneFox to deliver data visibility, mitigate risk around sensitive data and meet the challenges of compliance head on.



Pain Points

  • The growing threat of malware and cybercrime
  • Keeping up with technological advancements and staff growth
  • The adoption of shadow IT


ZoneFox provides value in three different areas:

  • Identifying anomalous behaviour, allowing pre-emptive action to be taken to reduce risk
  • Identifying potential security breaches, reducing attacker dwell time and allowing for rapid response
  • Streamlining the triaging and investigation of security incidents, improving the ability to contain and remediate issues


As one of the UK’s largest examination boards, WJEC has been providing qualifications and exam assessments to schools and colleges in England, Wales, Northern Ireland and independent regions for over 65 years. The organisation employs over 360 people and continues to grow – and with that growth comes the inevitable challenge around data security and compliance.


As the threat landscape evolves and the amount of sensitive information held by the organisation increases exponentially, the robust protection of WJEC’s digital assets becomes not only an organisational requirement, but a social responsibility too.

As a provider of critical services to the education sector, having efficient, effective security and protected use of sensitive information resources is extremely important to the continued success of WJEC and its partners.

“Procuring a system that would deliver immediate value without the need to purchase expensive hardware or recruit additional staff (as would be the case with an enterprise SIEM system) was challenging in itself – but ZoneFox had it covered.”

  • Gareth Roberts, IT Security Manager at WJEC

How ZoneFox helps WJEC meet the challenges of robust data protection

Identifying and responding to threats from innocent and malicious sources remains a complex challenge for any organisation – and it’s not a challenge that can be ignored, particularly as regulatory requirements such as General Data Protection Regulation (GDPR) threaten large penalties for enterprises that cannot document, or do not have the capability to respond to, security events and data breaches.

Gareth Roberts, IT Security Manager at WJEC, explained, “My role is to manage security and to monitor for threats, and ZoneFox simplifies this task for me by presenting relevant alert data in a clear way – and highlighting risky events and behaviours that would otherwise be missed.

Before we introduced ZoneFox, we were aware of some potentially risky behaviours, but we didn’t really know what was going on with our data. We have a mature defensive technology stack but threat detection still remained a challenge. The move to encryption of web traffic by default limits the usefulness of traditional network IDS solutions, and highlights the need to monitor at the endpoints.”

Add to that the challenge of procuring a system that would deliver immediate value without a) the need to purchase expensive hardware, and b) require the need to recruit additional staff (as would be the case with an enterprise Security Information Event Management (SIEM) system), and ZoneFox was the obvious choice.

ZoneFox = Super-fast deployment and valuable actionable insights

In addition to the ZoneFox model that allowed a rapid deployment for WJEC, one of the key benefits ZoneFox delivers is immediate and actionable insights into potential security incidents. Gareth continues, “I’m confident that our audit data resides in a secure environment that can’t be compromised if our network were to be breached.

With the insights and level of detail that ZoneFox provides, we’re now very quickly able to identify risky user behaviours and to show clear evidence of these to our senior management team.

The bottom line? We’re able to better manage policies, streamline privileges and to be agile enough to react to risk as needed. And the simplicity of the system allows users who are not technical security specialists to gain immediate insights into potential threats. I can’t tell you how valuable that is.”

ZoneFox = Total data visibility and rapid incident response

Critical to securing the sensitive information that WJEC is trusted to hold is rapid detection and incident resolution, which is particularly relevant in an organisation the size of WJEC that doesn’t have a full SOC capability. Security breaches are becoming the norm in today’s world, and a mature organisation like WJEC needs to be equipped to detect and respond to risk.

ZoneFox provides WJEC with data security by:

  • Identifying risky behaviour allowing pre-emptive action to be taken to reduce risk;
  • Identifying potential security incidents / breaches, reducing attacker dwell time and allowing for rapid response;
  • Triaging and investigating security incidents, improving the ability to contain and remediate incidents

For WJEC, the focus now is on delivering technologies that allow secure collaboration and sharing whilst maintaining constant monitoring for new threats, and having ZoneFox on board means they have the tools to meet these goals.

ZoneFox = Smart, efficient data security

ZoneFox makes the mastery of anomaly detection and threat detection efficient and effective by empowering WJEC with fast, uncomplicated insights around what’s going on with their data. To find out more about how ZoneFox can support your organisation to meet risk head on, contact us or request a quick online demo and we’ll take care of the rest.

About ZoneFox

ZoneFox helps businesses around the globe protect their business-critical data against the insider threat. Our award-winning technology provides 360° visibility of activities around sensitive data – the who, what, where and when – by monitoring user behaviour and data movement both on and off the network, and instantly alerting to anomalous activities.

Security posture is strengthened, sensitive information is protected and regulatory compliance is supported.

Related posts

Your thoughts