Improved endpoint protection enables quick response to cyberattacks
As cyberattacks have become more prevalent and advanced, Collaborative Computing Solutions (CCS) and the Information Technology Security Office (ITSO) have taken steps to improve the protection of university-owned endpoints – computers, laptops, and other devices that connect to the internet.
They have rolled out two technology solutions, Endpoint Detection and Response (EDR) and Data Loss Prevention (DLP), to help mitigate cyber threats and maintain the security, integrity, and availability of the university’s information systems.
Endpoint Detection and Response (EDR), continuously monitors IT security aspects of endpoints to identify and mitigate cyber threats in real time. Data Loss Prevention (DLP), evaluates outgoing and stored data to ensure that any data that is subject to compliance requirements (for example, student data or personally identifiable information such as social security numbers) is not lost, misused, or accessed by unauthorized users.
Both EDR and DLP are enabled through Microsoft Defender for Endpoint, Google Workspace DLP functions, and Microsoft M365 DLP functions.
As of January 2024, Microsoft Defender for Endpoint has been deployed to 52% of the university’s endpoints identified in Isora GRC, a cloud-hosted risk management tool developed for higher education institutions, which the university is using to complete departmental IT risk assessments.
Working together, these tools give the university the ability to identify, contain, and mitigate cyberattacks far more quickly than in the past. These tools also help to protect endpoints when people are working remotely, which is a major benefit for our hybrid workplaces. Virginia Tech is not alone in employing these technologies – they are already the norm in corporate and government computing environments, and at many universities in Virginia and around the world.