Introducing: CrowdStrike Falcon

Miami is joining the ranks of other universities around the country in implementing endpoint protection to bolster our cybersecurity posture against threats like ransomware.

In today’s world, it’s critical to consider cybersecurity as an essential part of running a business – any kind of business, including a university. One important aspect of being "good" at cybersecurity is recognizing that everyone plays a role in protecting Miami data.

We are all on the same team at Miami, and we are all stewards of different data. Have you ever thought that maybe you are in possession of someone else's vital information that you need to keep safe? If you have access to student information, if you do government research, if you have permission to access any of Miami’s systems… We all have a shared responsibility to help keep that data (student, research, administrative, and otherwise) safe.

In service of that shared responsibility, the University is implementing CrowdStrike Falcon as another plank in our cybersecurity strategy, and IT Services is here to lead the way.

CrowdStrike Falcon is an Endpoint Detection and Response (EDR) solution, a security and defense tool that automatically detects and eliminates malicious activity on University devices. As a supplement to standard anti-virus software, CrowdStrike Falcon will proactively help safeguard institutional information and protect key data. The tool will help Miami respond quickly and effectively to malware, ransomware, and other malicious activity.

CrowdStrike helps Miami quickly detect and respond to increasingly advanced attacks. Especially as more university work is done remotely, we have a clear need for greater visibility into university systems and early detection of malicious activity. By detecting and quickly responding to these kinds of threats, we help protect individuals’ personal data and important credentials.

Miami is committed to your privacy and keeping your data safe. Read more about information security initiatives at our Information Security Office site and remember: Stay vigilant!

Information Security Office


Please view our Endpoint Protection Standards for more information about EDR, how we're using it at Miami, and how these standards will be implemented as we move forward.

Standard: Endpoint Protection


FAQ

What is EDR?

Endpoint Detection and Response (EDR) is a particular kind of software that helps administrators monitor endpoints (computers, tablets, mobile devices, lab equipment, etc.). With EDR, it’s possible for IT administrators to respond quickly to malware, ransomware, and other threats.

What are we trying to protect?

Quite simply: University resources.

Here’s a concrete example: ransomware. Ransomware is a real threat, and it costs money and time to recover data once it has been encrypted in a malicious attack. In a survey of higher-ed IT professionals, nearly two-thirds of institutions reported ransomware attacks in 2021. The attacks are getting closer, becoming more sophisticated, and growing more frequent.

There are countless examples from across the country and world. Universities are seeing an increase in ransomware attacks, for instance, and Miami doesn’t want to join that, but it all comes down to: We are protecting you! Your identity, your data, your intellectual property.

Protecting the data of faculty, staff, and students is all of our responsibility, and CrowdStrike Falcon is a step in that direction.

How does this impact my privacy?

CrowdStrike Falcon will be deployed (remotely) on all Miami-owned endpoints (e.g., lab equipment, desktop computers, tablets, and mobile devices).

The long and the short of it is: Your privacy is highly important to us, and it’s the reason IT Services is deploying CrowdStrike Falcon onto Miami machines. We want your data to be secure.

The details of how CrowdStrike Falcon works are simple. The software will record details about programs you are running and the files that you create or edit on any University device, such as the file name and any metadata (when you created the file, when you edit the file, how much space the file takes up, etc.). However, it will not read or record any of the contents of your files. Your information is yours – none of that will be shared with CrowdStrike.

Important to note: These records are not being actively monitored. These records will only be looked at if a malicious security event takes place.

How will this impact my work?

The great news is that it will not impact your work at all. The program does not require much energy to run, and we will deploy it to your devices remotely. So once you update your computer, you will have CrowdStrike installed.

What will it look like when CrowdStrike detects malware on my device?

The initial deployment of CrowdStrike only contains the sensor; it will simply detect malicious events and send alerts to the core security team. Your device will not be automatically quarantined.

As the sensor is rolled out to the University over the first several months of 2023, however, the automatic quarantine will be enabled. If a malicious event takes place (i.e., there is malware on your machine), CrowdStrike will simply remove your machine from the network. You will lose access to the internet, and a popup will appear telling you that your computer has been taken offline by CrowdStrike.

What devices will CrowdStrike Falcon be on?

CrowdStrike Falcon will be deployed (remotely) on all Miami-owned endpoints. This includes:

  • Desktop and laptop computers;
  • Tablets;
  • Mobile devices (this does not include personal devices, even if you receive a phone stipend through Miami);
  • Computer lab equipment;
  • Servers;
  • Containers and virtual machines.

This does not include your personal devices.

Timeline of Deployment

The new tool will be rolled out in phases over the course of the 2022-2023 academic year. The phases (which we are calling “groups”) are as follows:

Group One: IT Services

  • Who: Staff in IT Services, select test group
  • When: December 2022

Group Two: Technology liaisons in the divisions

  • Who: Technology support specialists, academic directors of technology, key personnel
  • When: December 2022

Group Three: Colleges and Divisions

  • Who: Faculty and staff throughout the rest of the university
  • When: January 2023 (look for word from your local technology support group!)