it.ucsf.edu

Server and Workstation Security Controls Project

Traci Farrell's picture

Overview

Our server and workstation security control improvement project aims to accomplish three primary tasks:

  1. Implement an endpoint security tool on UCSF servers and workstations
  2. Remove local administrative rights from servers and workstations managed by UCSF IT
  3. Develop UCSF-wide security control standards

What to expect

The Security Endpoint Detection and Response (EDR) agent will run in the background while you work and gather security analytics at a host level. It’s a powerful tool that will look at machine-language patterns and integrates with network security controls that are already in place to more effectively identify malicious activity.

Nearly all malware (over 90 percent) fails to run if the logged-in user is not a local administrator. Removing local administrative rights from UCSF IT-managed machines prevents most malware from running and better protects you from the increasing number of security threats and phishing attempts against the university.

Timeline

Spring 2018: Project planning is still underway, and the project is expected to take many months through 2018 and 2019.

More information

Please read the Security 2.0 FAQ for more information (MyAccess login required).