Enhanced Endpoint Protection Service (EEPS)
With the increase in remote work for many employees, the need for remote visibility and early detection of malicious activity is greater than ever. That is why the university is complementing our existing security tools by providing a new service called the Enhanced Endpoint Protection Service (EEPS). This service improves the protection of our endpoints and institutional data.
The timing of this initiative against cybercriminals is also critical for several other reasons:
- Universities are under attack as never before – Michigan State, University of California - San Francisco, and University of Utah all reported attacks in 2020. Attacks come from nation states as well as criminal organizations trying to steal or manipulate intellectual property.
- Many government regulations and granting agencies already require a higher level of security to safeguard government information included in research and university projects. In the future, many of these sponsors will not accept grant applications from institutions that do not meet these higher standards of data security.
- Enhanced endpoint security is in place at our peer universities.
The Enhanced Endpoint Protection Service (EEPS) is a service hosted by Enterprise Security. The service provides an Endpoint Detection and Response (EDR) tool that monitors connections to potentially malicious networks and potentially malicious application behaviors on university systems (e.g., desktops, laptops, and servers). If malicious behavior is detected, it then applies enhanced protections, including but not limited to quarantining infected systems from others.
To preserve your privacy and keep information confidential, EEPS tools monitor endpoint activity at a technical level. For example, if a PDF document attachment is downloaded from email and opened, these tools will detect that the PDF reader was used and the name of the PDF document, but will not access the content of the document. If, after the PDF was opened, there were attempted unwanted changes to the system or the PDF reader behaved suspiciously, the tool could help detect this threat and then defend you from an attack without accessing the content of the document.
If you have any questions or concerns, please contact the Enterprise Security EEPS Support team at firstname.lastname@example.org.
Why do we need EEPS?
With the increase in remote work for many employees and the increase in ransomware activity worldwide, the university needs more tools to better protect our institutional data and systems from malicious actors. Our approach is to use a tool called Endpoint Detection and Response (EDR) to obtain visibility into system behavior. EDR tools help detect malicious activity, even in a remote work environment, and rapidly mitigate or isolate the activity to prevent further disruption to your work and university systems.
Many well-known universities throughout the United States have been targets of ransomware attacks just in the past year. For example, Michigan State University, University of Utah, Columbia College in Chicago, and the University of California San Francisco all were infected with ransomware last year. With EEPS, we have more visibility into the activities behind ransomware attacks, which allows us to mitigate those situations.
What is an EDR tool?
Endpoint Detection and Response (EDR) tools are used to detect malicious behavior of bad actors who have gained or are attempting to gain unauthorized access to university systems. EDR tools allow security teams to quickly detect malicious behavior and take swift action to mitigate and reduce the impact of security incidents.
Will this service impact my privacy?
Enterprise Security is committed to protecting institutional data and computing resources. Our dedicated security professionals follow university policies. Likewise, when you use university computing resources, your activities are monitored. Computing Resources may include: information systems, networks, and mobile devices, and the institutional data they contain.
Enterprise Security is tasked by university policies to maintain an effective security program to protect university stakeholders. Enterprise Security has security practitioners with the highest ethical standards dedicated to creating and maintaining a proactive, top-quality security program for The Ohio State University. To be successful, Enterprise Security is working within the boundaries of the current Institutional Data, Responsible Use and Information Security policies.
One of the Ohio State Privacy Principles is to investigate reports of unauthorized or inappropriate access to personal information. Here’s how to report a concern.
- Speak with your supervisor or another appropriate person in your department, school or unit,
- Report anonymously using EthicsPoint, a third-party vendor, or
- Email the Office of University Compliance and Integrity's Privacy Team at email@example.com.
Will this tool be replacing an existing security tool on my computer?
The Enhanced Endpoint Protection Service offers multiple security tool components, including NGAV (Next Generation Anti-Virus), firewall management, and USB device control. In an effort to manage fewer tools, simplify use, streamline resources, and achieve cost savings, we will be implementing the new toolset as a replacement for the existing Symantec Endpoint Protection anti-virus tool over the next several months.
Will this tool cause my computer to run slower?
No. EEPS uses a toolset known as Endpoint Detection and Response (EDR), which is designed to have as little impact on your system as possible.