knowIT

CrowdStrike Falcon Sensor Malware Protection for Users at Higher Risk

Cisco Advanced Malware Protection (AMP) is now the recommended malware protection solution for the majority of UBC computers, however, some users have been identified as being at higher risk of attack by the UBC Cybersecurity Team. These users will have CrowdStrike Falcon Sensor installed on their UBC managed devices instead (those with a UBC asset tag).

The deployment of CrowdStrike to these units will happen in phases over the coming weeks starting the week of June 1, 2020. 

Who is affected?

Individuals on both Vancouver and Okanagan campuses, who have been identified by the UBC Cybersecurity Team as accessing, processing or storing significant amounts of Medium, High or Very High Risk Information will have CrowdStrike installed as the required malware protection on their UBC IT supported devices. 

The initial prioritization for the deployment of CrowdStrike is based on current global threat levels. For information on which units have been identified or other queries about the deployment please email privacy.matters@ubc.ca.

All other staff and faculty will have CISCO AMP automatically installed as replacement for Sophos.

Why Crowdstrike?

CrowdStrike Falcon Sensor is a Next-Generation Antivirus (NGAV) product that protects computers from malicious activity by analyzing what the computer is doing, and comparing it against known malicious behaviour patterns and systems, rather than relying on on-demand scanning of files accessed and in-use of regular antivirus products. 

How will this change affect the end user?

Users will notice very little change, if any. The deployment will uninstall the existing anti-malware software, Sophos or AMP, and install CrowdStrike in its place. Some users may notice pop-up windows in the lower right side of the screen while this happens. 

Once installed, CrowdStrike is invisible to the user with no icons or messages to indicate it is installed and operating. 

Does the user need to do anything for the installation?

No. Users are not required to do anything. 

Users that are on campus or connect to UBC’s myVPN (myvpn.ubc.ca or myvpn.ok.ubc.ca) will receive the update automatically. Once CrowdStrike is installed there will be no indication either on the screen or in the system tray that the change has taken place.

Questions?

For further questions on Crowdstrike please visit the Privacy Matters website (cwl login required) or email privacy.matters@ubc.ca.  

Attached Files
There are no attachments for this article.
Related Articles RSS Feed
How do I install campus-licensed software on a computer running OSX?
Viewed 3072 times since Tue, Jun 21, 2016
How do I increase the maximum duration of my SPSS offline license?
Viewed 3347 times since Tue, Jun 13, 2017
How do I get access to free student credits with Microsoft Azure?
Viewed 13261 times since Tue, Mar 20, 2018
Genetec Security Center Software Installation Instructions - For Security Camera Software
Viewed 15135 times since Wed, Jun 6, 2018
Campus Wide Software Landing Page
Viewed 699 times since Wed, May 6, 2020
Faculty Service Centre Troubleshooting
Viewed 3376 times since Thu, Sep 4, 2014
Connect
Viewed 7229 times since Thu, Sep 4, 2014