ABOUT THIS SERVICE
Managed devices refers to desktops and laptops that are managed by IT Services. Staff and faculty can enroll their devices purchased through SFU's Procurement Services into managed devices, to benefit from standards that ensure the device is secure, license compliant, connected to enterprise resources, and regularly updated and maintained. Managed devices can also be found in offices, lecture rooms, labs, and libraries on campuses.
why use managed devices?
- Reliability - Your device will quickly receive software updates and patches with little to no interaction on your part.
- Time efficiency - You will stay more productive as most deployment and updating processes run in the background, freeing up more time for teaching, research and management.
- Flexibility - You can choose when and where to install new software or run maintenance on your device through Self-service portals.
- Security - IT Technicians will manage the security of your machine so you don't have to. You can rest assured that software patches, antivirus protection, and firewalls are well maintained.
- Confidentiality - Your data and files will remain confidential; no personal data is scanned, indexed, or transmitted off your device. ITs servers also keep full audit logs of any actions performed by technicians.
- Compliance - Your device will always be in compliance with legislation governing requirements for research or student data on University computers. Your device will quickly receive software updates and patches with little to no interaction on your part.
How do I obtain a managed device?
Faculty and staff can contact your departmental IT staff to obtain or enroll in managed devices. Please contact your departmental IT staff first for any question and issue related to managed devices.
ENDPOINT DETECTION & RESPONSE (EDR): MANAGED DEVICE SECURITY FEATURE
SFU is committed to protecting the digital information and systems that are critical to teaching, research and university operations.
Cyber-attacks and phishing attempts are on the rise and continue to get more sophisticated. IT Services strives to protect and mitigate cybersecurity risks for SFU.
EDR FREQUENTLY ASKED QUESTIONS
What is endpoint detection & response?
Endpoint Detection and Response (EDR) is a proactive security solution that protects against malicious activity before it can create a problem to the end user. To recognize and respond to potential threats and to protect the SFU community’s information and data, IT Services is creating a more secure digital space and will continue to execute projects like EDR from its latest security plan.
Why is EDR being implemented?
EDR, along with other information security initiatives such as Multi-Factor Authentication (MFA) and regularly resetting our passwords, are proactive ways we can enhance our ability to counter cyber-attacks and better protect the SFU community.
IS EDR Monitoring my files or webpages I visit?
No. EDR software monitors malicious application activity and doesn’t monitor individual use or their files. It is NOT monitoring and reporting individuals’ activities on the web nor processing or indexing their files or other information on their computers. The new EDR program monitors what applications are doing on your computer – not you.
How does it Impact Managed Devices?
 |
Users don’t need to do anything and won’t notice any differences on their managed devices unless there’s a malicious attack on their computer. EDR software runs in the background of your managed device and if/when malicious activity is identified, you will receive a pop-up notice. Users with EDR installed may also notice a new green circle icon in the menu on your device.
|
How edr can help mitigate effects of a ransomware attack?
EDR works at the kernel level, to evaluate and prevent activity that the operating system simply shouldn’t be doing. As compared to anti-virus software which uses canned heuristics or file-based signatures to block activity.
Example: Ransomware is trying to encrypt a file system. If standard Windows tools are used to start the encryption, anti-virus won't stop it because it's not malware per se. It's a Windows process doing its job. However, EDR would stop it because the process that kicks off the encryption isn't started by Windows security policy or other standard deployment methods. Endpoint detection and response works by observing endpoint and system events and recording the data in a focal database to facilitate examination, location, detailing, and alerting occurrences.
What if I don't have an sfu managed devices?
SFU faculty and staff without managed devices are encouraged to opt-in to being managed, which allows for continual software updates and enhanced security via the Endpoint Detection and Response (EDR). This provides greater cyber security measures for SFU IT systems. Contact your local IT support to opt-in to having your device managed. The IT Service Desk can be contacted at its-help@sfu.ca for general assistance.
For unmanaged devices, IT Services has secured some licenses for Trend Micro Apex One, an enterprise class endpoint security software. It is available to faculty and staff through March 7, 2023.
What do I do if my application is blocked by edr?
If you would like more information on EDR please contact IT Services at its-help@sfu.ca.
Technical Documentation
Access our technical documentation. Technical documentation is only accessible to IT administrators.
Log in to Confluence