Case Study: Cranfield University achieves faster sensitive data discovery and proactive GDPR compliance with Rubrik Sensitive Data Discovery

Cranfield University Implements Rubrik Sonar for Proactive Data Governance

Cranfield University, a UK postgraduate institution delivering courses in 50 countries and executive development to over 15,000 people, faced growing data-governance challenges after GDPR. Teams lacked visibility into where sensitive data lived across the virtual server estate, creating blind spots for PCI-DSS and PII, slowing responses to Freedom of Information/subject access requests, and increasing exposure to ransomware and compliance risk.

Cranfield deployed Rubrik Sensitive Data Discovery and related ransomware investigation to scan backup data across ~400 VMs with no production impact, using policy-driven automation to find, flag, and remediate sensitive files. The solution uncovered thousands of at-risk records (credit cards, national insurance numbers), enabled repeatable workflows (move, remove, or exclude files), and cut custom search times to one day versus days–weeks, improving compliance posture and reducing operational and reputational risk.

Cranfield University

Matthew Verrier

Systems Manager