Page 21 - OIT Progress Report: 2024 Edition
SECURITY
Securing the user computing environment involves many aspects such as Operating System upgrades and patches, software patching, browser configuration and extensions, antivirus protection, data backups, ransomware protection, and configurations such as screen savers, remote access, and administrative permissions.
One strategy is to drastically lock down our computing environments to reduce the risks, similar to many other corporations. This, however, would inhibit the research and business activities that are so varied across the university. Therefore, each change we’ve made required concerted planning, analysis, and balancing of impact and value before being implemented.
To this end, this past year, we released several tools to protect computers and servers.
First, we implemented Microsoft Defender as the antivirus and endpoint detection application. This replaced Cylance and provides a wealth of new tools to detect and stop malware attacks, including cloud-based analysis and complete integration with the rest of our Microsoft management suite. Secondly, we implemented Make Me Admin on Windows computers. This transitioned users away from running full-time under their administrative profile, preventing malware and other attacks from acquiring admin privileges and running silently in the background. Next, we released Halcyon, which is a tiny product specifically designed to protect our data from ransomware attacks at a level not previously available. Finally, we began piloting a new application called Seraphic in OIT. Although it will not be released to campus until we complete our analysis, Seraphic provides additional protection inside various web browsers from browser-based attacks, including phishing, password loggers, cookie stealers, zero-day exploits, and more.
Chris Smith, Interim Chief Information Security Officer, commented on how the new tools have enhanced visibility and responsiveness to security events. “We are now seeing 1,300 managed security events per day that Defender is handling for us, either by taking autonomous action, or alerting and logging for our security context. Especially with Halcyon and Seraphic now in play, our computers will be far more protected against the latest attacks that have been impacting Higher Education in general and the Dallas area specifically, putting us in better shape for the years ahead.”
As we continue to enhance the security configuration and health of our computing environment, we will maintain a heightened consideration for the flexibility and requirements of the community and achieve the best balance of security that makes sense for SMU and our mission.
IMPROVING SECURITY AT SMU