knowIT

CrowdStrike Falcon Sensor Malware Protection for Users at Higher Risk

Cisco Advanced Malware Protection (AMP) is now the recommended malware protection solution for the majority of UBC computers, however, some users have been identified as being at higher risk of attack by the UBC Cybersecurity Team. These users will have CrowdStrike Falcon Sensor installed on their UBC managed devices instead (those with a UBC asset tag).

The deployment of CrowdStrike to these units will happen in phases over the coming weeks starting the week of June 1, 2020. 

Who is affected?

Individuals on both Vancouver and Okanagan campuses, who have been identified by the UBC Cybersecurity Team as accessing, processing or storing significant amounts of Medium, High or Very High Risk Information will have CrowdStrike installed as the required malware protection on their UBC IT supported devices. 

The initial prioritization for the deployment of CrowdStrike is based on current global threat levels. For information on which units have been identified or other queries about the deployment please email privacy.matters@ubc.ca.

All other staff and faculty will have CISCO AMP automatically installed as replacement for Sophos.

Why Crowdstrike?

CrowdStrike Falcon Sensor is a Next-Generation Antivirus (NGAV) product that protects computers from malicious activity by analyzing what the computer is doing, and comparing it against known malicious behaviour patterns and systems, rather than relying on on-demand scanning of files accessed and in-use of regular antivirus products. 

How will this change affect the end user?

Users will notice very little change, if any. The deployment will uninstall the existing anti-malware software, Sophos or AMP, and install CrowdStrike in its place. Some users may notice pop-up windows in the lower right side of the screen while this happens. 

Once installed, CrowdStrike is invisible to the user with no icons or messages to indicate it is installed and operating. 

Does the user need to do anything for the installation?

No. Users are not required to do anything. 

Users that are on campus or connect to UBC’s myVPN (myvpn.ubc.ca or myvpn.ok.ubc.ca) will receive the update automatically. Once CrowdStrike is installed there will be no indication either on the screen or in the system tray that the change has taken place.

Questions?

For further questions on Crowdstrike please visit the Privacy Matters website (cwl login required) or email privacy.matters@ubc.ca.  

Attached Files
There are no attachments for this article.
Related Articles RSS Feed
Campus Wide Software Landing Page
Viewed 706 times since Wed, May 6, 2020
Faculty Service Centre Troubleshooting
Viewed 3382 times since Thu, Sep 4, 2014
Connect
Viewed 7242 times since Thu, Sep 4, 2014
How can students and faculty access Camtasia Studio or Snagit licensing?
Viewed 4695 times since Tue, Sep 9, 2014
Campus Wide Software Licenses
Viewed 10118 times since Thu, Apr 30, 2015
How do I obtain access to the Microsoft Home Use Program (HUP) software?
Viewed 23611 times since Mon, Jun 8, 2015
How do I install campus-licensed software on a computer running OSX?
Viewed 3079 times since Tue, Jun 21, 2016