Enhanced Endpoint Protection Service (EEPS)
With the increase in remote work for many employees, the need for remote visibility and early detection of malicious activity is greater than ever. That is why the university is complementing our existing security tools by providing a new service called the Enhanced Endpoint Protection Service (EEPS). This service improves the protection of our endpoints and institutional data.
The timing of this initiative against cybercriminals is also critical for several other reasons:
- Universities are under attack as never before – Michigan State, University of California - San Francisco, and University of Utah all reported attacks in 2020. Attacks come from nation states as well as criminal organizations trying to steal or manipulate intellectual property.
- Many government regulations and granting agencies already require a higher level of security to safeguard government information included in research and university projects. In the future, many of these sponsors will not accept grant applications from institutions that do not meet these higher standards of data security.
- Enhanced endpoint security is in place at our peer universities.
Our new enhanced security service uses a risk-based approach that focuses on securing the most sensitive, valuable university data that is likely to be at highest risk for attack. The service focuses on providing enhanced protections for systems accessed by our leaders, faculty and researchers.
To preserve your privacy and keep information confidential, EEPS tools monitor endpoint activity at a technical level. For example, if a PDF document attachment is downloaded from email and opened, these tools will detect the PDF reader was used and the name of the PDF document but will not access the content of the document. If after opening the PDF there were unwanted changes to the system or the PDF reader behaved suspiciously the tool could help detect this threat and then defend you from an attack without accessing the content of the document.
What is EEPS?
The Enhanced Endpoint Protection Service (EEPS) is a service hosted by Enterprise Security. The service provides an Endpoint Detection and Response (EDR) tool that monitors connections to potentially malicious networks and applications on university systems (e.g., desktops, laptops, and servers). It then applies enhanced protections including but not limited to quarantine infected systems from others if malicious behavior is detected.
Why do we need EEPS?
With the increase in remote work for many employees and the increase in ransomware activity world-wide, the university needs more tools to offer better protection of our institutional data and systems from malicious actors. Our approach is to use a tool called Endpoint Detection and Response (EDR) to obtain visibility into system behavior. EDR tools help detect malicious activity, even in a remote work environment, and rapidly mitigate or isolate the activity to prevent further disruption to your work and university systems.
Many well-known universities throughout the United States have been targets to Ransomware attacks just in the past year. For example, Michigan State University, University of Utah, Columbia College in Chicago, and the University of California San Francisco all were infected with ransomware last year. With EEPS, we have more visibility into the activities behind ransomware attacks which allows us to mitigate those situations.
Is this a surveillance tool?
No, Endpoint Detection and Response (EDR) tools are used to detect malicious behavior of bad actors who have gained or are attempting to gain unauthorized access to university systems. EDR tools allow security teams to quickly detect malicious behavior and take swift action to mitigate and reduce the impact of security incidents.
Will this service impact my privacy?
The Responsible Use Policy tasks Enterprise Security with maintaining an effective security program to protect university stakeholders. Enterprise Security has security practitioners with the highest ethical standards dedicated to creating and maintaining a proactive, top-quality security program for The Ohio State University. To be successful, Enterprise Security is working within the boundaries of the current Responsible Use and Information Security policies.
While EEPS is not a surveillance tool that monitors authorized individual users, system monitoring is necessary to protect your information and the university’s institutional data. Our objective is to make every effort to safeguard your personal privacy, but it cannot be guaranteed if we are blocking an attack that encompasses personal information you have saved on your university-managed device.
Will this tool be replacing an existing security tool on my computer?
At this time EEPS supplements the current selection of security tools we use to protect university systems. As available tools evolve, we may find it more effective to consolidate our tools into fewer platforms to simplify use, streamline resources and leverage cost savings.
Will this tool cause my computer to run slower?
No, EEPS is utilizing a toolset known as Endpoint Detection and Response (EDR) which is designed to have as little impact on your system as possible.
If you have any questions or concerns please reach out to our team at firstname.lastname@example.org.