To improve the security of the workplaces managed by LISA, a new security product for the UT is introduced, namely Microsoft Defender for Endpoint. In the coming weeks, the new tool will be activated. You do not need to undertake any action.
What is Microsoft Defender for Endpoint?
Microsoft Defender for Endpoint automatically detects and repairs attacks on the managed UT workplace. This workplace is also called Endpoint. Microsoft Defender for Endpoint is not an antivirus product, but complements it. No security solution is impenetrable, but when a breach occurs, it can be quickly isolated and addressed before it has a chance to cause any damage or manifest itself within the network. Defender for Endpoint also identifies potential vulnerabilities such as software that is not up-to-date and provides remediation options to address them. It also has a preventive effect on keeping the UT workplaces safe and up to date, which is important because cyber-attacks can take place at any time.
How does Microsoft Defender for Endpoint work?
Defender for Endpoint continuously collects data and sends it to the UT's own Microsoft Defender for Endpoint cloud service. This environment is well secured by LISA. The data is automatically analysed, and the software identifies whether something could be a threat.
Microsoft has been collecting extensive knowledge and data on how to identify suspicious activity. With this data, Microsoft can determine which patterns of behaviour are considered "normal" and which patterns of behaviour may indicate malicious activity, such as a malware attack. As soon as a threat is detected, the software will usually fix it automatically, but you as a user may receive a notification from the system. In that case, you can contact the LISA Servicedesk ICT. In this way, UT-managed workplaces are maximally protected against cyber-attacks from outside.
In addition to the UT-managed workplace, it is also possible to have access to the network with a self-managed workplace, in which case you are responsible for the security of the workplace. The recommendation from LISA (supported by the Executive Board) is to use UT-managed workplaces as much as possible, because LISA will continuously keep these as safe as possible, also in the future and possibly with other tools.
The UT evaluates continuously which tools may help in keeping our systems safe. Last month, the UT’s Executive Board decided upon the use of Microsoft Defender for Endpoint. Activation of the tool will take place in the coming weeks and will not result in visible changes or disruptions in the workplace.