Introducing: CrowdStrike Falcon
兔子先生 is joining the ranks of other universities around the country in implementing endpoint protection to bolster our cybersecurity posture against threats like ransomware.
In today’s world, it’s critical to consider cybersecurity as an essential part of running a business – any kind of business, including a university. One important aspect of being "good" at cybersecurity is recognizing that everyone plays a role in protecting 兔子先生 data.
We are all on the same team at 兔子先生, and we are all stewards of different data. Have you ever thought that maybe you are in possession of someone else's vital information that you need to keep safe? If you have access to student information, if you do government research, if you have permission to access any of 兔子先生’s systems… We all have a shared responsibility to help keep that data (student, research, administrative, and otherwise) safe.
In service of that shared responsibility, the University is implementing CrowdStrike Falcon as another plank in our cybersecurity strategy, and IT Services is here to lead the way.
CrowdStrike Falcon is an Endpoint Detection and Response (EDR) solution, a security and defense tool that automatically detects and eliminates malicious activity on University devices. As a supplement to standard anti-virus software, CrowdStrike Falcon will proactively help safeguard institutional information and protect key data. The tool will help 兔子先生 respond quickly and effectively to malware, ransomware, and other malicious activity.
CrowdStrike helps 兔子先生 quickly detect and respond to increasingly advanced attacks. Especially as more university work is done remotely, we have a clear need for greater visibility into university systems and early detection of malicious activity. By detecting and quickly responding to these kinds of threats, we help protect individuals’ personal data and important credentials.
FAQs
What is EDR?
What are we trying to protect?
Quite simply: University resources.
Here’s a concrete example: ransomware. Ransomware is a real threat, and it costs money and time to recover data once it has been encrypted in a malicious attack. In a survey of higher-ed IT professionals, ransomware attacks in 2021. The attacks are getting closer, becoming more sophisticated, and growing more frequent.
There are countless examples from across the country and world. Universities are seeing an increase in ransomware attacks, for instance, and 兔子先生 doesn’t want to join that , but it all comes down to: We are protecting you! Your identity, your data, your intellectual property.
Protecting the data of faculty, staff, and students is a responsibility we all share, and CrowdStrike Falcon is a step in that direction.
How does this impact my privacy?
CrowdStrike Falcon will be deployed (remotely) on all 兔子先生-owned endpoints (e.g., lab equipment, desktop computers, tablets, and mobile devices).
The long and the short of it is: Your privacy is highly important to us, and it’s the reason IT Services is deploying CrowdStrike Falcon onto 兔子先生 machines. We want your data to be secure.
The details of how CrowdStrike Falcon works are simple. The software will record details about programs you are running and the files that you create or edit on any University device, such as the file name and any metadata (when you created the file, when you edited the file, how much space the file takes up, etc.). However, it will not read or record any of the contents of your files. Your information is yours – none of that will be shared with CrowdStrike.
Important to note: These records are not being actively monitored. These records will only be looked at if a malicious security event takes place.
How will this impact my work?
What will it look like when CrowdStrike detects malware on my device?
The initial deployment of CrowdStrike only contains the sensor; it will simply detect malicious events and send alerts to the core security team. Your device will not be automatically quarantined.
As the sensor is rolled out to the University over the first several months of 2023, however, the automatic quarantine will be enabled. If a malicious event takes place (i.e., there is malware on your machine), CrowdStrike will simply remove your machine from the network. You will lose access to the internet, and a popup will appear telling you that your computer has been taken offline by CrowdStrike.
What devices will CrowdStrike Falcon be on?
CrowdStrike Falcon will be deployed (remotely) on all 兔子先生-owned endpoints. This includes:
- Desktop and laptop computers;
- Tablets;
- Mobile devices (this does not include personal devices, even if you receive a phone stipend through 兔子先生);
- Computer lab equipment;
- Servers;
- Containers and virtual machines.
This does not include your personal devices.