Case Study: Northern Arizona University achieves continuous vulnerability and compliance management with the Qualys Cloud Platform

Northern Arizona University Sets New Standard in Vulnerability Management

Northern Arizona University (NAU), a public university with campuses across Arizona and online, needed to secure sensitive student, faculty and administrative data while preserving an open network environment that supports learning and research. After an audit by the Arizona Board of Regents highlighted gaps, NAU sought to move from periodic checks to a continuous, repeatable vulnerability and compliance management program to meet regulatory mandates like FERPA, HIPAA and PCI DSS.

NAU deployed the Qualys Cloud Platform—using Qualys VM and WAS—to build a centralized asset inventory, run continuous internal and external scans (including credentialed scans), group assets by owners, and automate remediation workflows. The result was broader coverage and faster, more accurate vulnerability identification and remediation, reduced management overhead, improved cross-team collaboration, and a stronger security and compliance posture (with plans to add WAF and offer VM as a service to departments).

Northern Arizona University

Michael Zimmer

Information Security Analyst