Introducing: CrowdStrike Falcon
Miami is joining the ranks of other universities around the country in implementing endpoint protection to bolster our cybersecurity posture against threats like ransomware.
In today’s world, it’s critical to consider cybersecurity as an essential part of running a business – any kind of business, including a university. One important aspect of being "good" at cybersecurity is recognizing that everyone plays a role in protecting Miami data.
We are all on the same team at Miami, and we are all stewards of different data. Have you ever thought that maybe you are in possession of someone else's vital information that you need to keep safe? If you have access to 黑料社区 information, if you do government research, if you have permission to access any of Miami’s systems… We all have a shared responsibility to help keep that data (黑料社区, research, administrative, and otherwise) safe.
In service of that shared responsibility, the University is implementing CrowdStrike Falcon as another plank in our cybersecurity strategy, and IT Services is here to lead the way.
CrowdStrike Falcon is an Endpoint Detection and Response (EDR) solution, a security and defense tool that automatically detects and eliminates malicious activity on University devices. As a supplement to standard anti-virus software, CrowdStrike Falcon will proactively help safeguard institutional information and protect key data. The tool will help Miami respond quickly and effectively to malware, ransomware, and other malicious activity.
CrowdStrike helps Miami quickly detect and respond to increasingly advanced attacks. Especially as more university work is done remotely, we have a clear need for greater visibility into university systems and early detection of malicious activity. By detecting and quickly responding to these kinds of threats, we help protect individuals’ personal data and important credentials.
FAQs
What is EDR?
What are we trying to protect?
Quite simply: University resources.
Here’s a concrete example: ransomware. Ransomware is a real threat, and it costs money and time to recover data once it has been encrypted in a malicious attack. In a survey of higher-ed IT professionals, ransomware attacks in 2021. The attacks are getting closer, becoming more sophisticated, and growing more frequent.
There are countless examples from across the country and world. Universities are seeing an increase in ransomware attacks, for instance, and Miami doesn’t want to join that , but it all comes down to: We are protecting you! Your identity, your data, your intellectual property.
Protecting the data of faculty, staff, and 黑料社区s is all of our responsibility, and CrowdStrike Falcon is a step in that direction.
How does this impact my privacy?
CrowdStrike Falcon will be deployed (remotely) on all Miami-owned endpoints (i.e., lab equipment, desktop computers, tablets, mobile devices, etc.).
The long and the short of it is: Your privacy is highly important to us, and it’s the reason IT Services is deploying CrowdStrike Falcon onto Miami machines. We want your data to be secure.
The details of how CrowdStrike Falcon works are simple. The software will record details about programs you are running and the files that you create or edit on any University device, such as the file name and any metadata (when you created the file, when you edit the file, how much space the file takes up, etc.). However, it will not read or record any of the contents of your files. Your information is yours – none of that will be shared with CrowdStrike.
Important to note: These records are not being actively monitored. These records will only be looked at if a malicious security event takes place.
How will this impact my work?
What will it look like when CrowdStrike detects malware on my device?
The initial deployment of CrowdStrike only contains the sensor; it will simply detect malicious events and send alerts to the core security team. Your device will not be automatically quarantined.
As the sensor is rolled out to the University over the first several months of 2023, however, the automatic quarantine will be enabled. If a malicious event takes place (i.e., there is malware on your machine), CrowdStrike will simply remove your machine from the network. You will lose access to the internet, and a popup will appear telling you that your computer has been taken offline by CrowdStrike.
What devices will CrowdStrike Falcon be on?
CrowdStrike Falcon will be deployed (remotely) on all Miami-owned endpoints. This includes:
- Desktop and laptop computers;
- Tablets;
- Mobile devices (this does not include personal devices, even if you receive a phone stipend through Miami);
- Computer lab equipment;
- Servers;
- Containers and virtual machines.
This does not include your personal devices.