It's on all of us: Introducing CrowdStrike Falcon

by Elizabeth Parsons, IT Services

Over the past couple of years, the Miami University community has weathered some challenging storms together. Moving into the end of the Fall 2022 term, we have learned a lot, and perhaps one of the most important lessons we have learned (and taken to heart) is that we have a shared responsibility to keep each other safe, remain grounded, and exhibit empathy in all paths.

Wires and technical tools denoting 'cybersecurity'

Unfortunately, during the last several years of the pandemic, another group of folks thrived: malicious actors. By June 2020, four months after Miami went fully remote, cybercrime had increased by 75 percent. Even more recently, an Entrepreneur report found that in 2021, organizations had seen a 31 percent increase in cyberattacks compared to 2020. Attacks are becoming more ruthless and more sophisticated.

And so, in service to the shared responsibility of keeping our community safe, Miami is joining the ranks of other universities around the country in implementing endpoint protection to bolster our cybersecurity posture against threats like ransomware.

Cybercrime is a lucrative business

It’s unfortunately true that cybercrime statistics have steeply inclined in recent years. In today’s world, it’s critical to consider cybersecurity as an essential part of running a business—any kind of business, including a university. And the most important part of being “good” at cybersecurity: Providing a united front.

We are all on the same team at Miami, and we are all stewards of different data. Have you ever thought that maybe you are in possession of someone else's vital information that you need to keep safe? If you have access to student information, if you do government research, if you have permission to access any of Miami’s systems… That all counts. We all have a shared responsibility to help keep that data (student, research, administrative, and otherwise) safe.

So, what to do?

The University is implementing CrowdStrike Falcon as another plank in our cybersecurity strategy, and IT Services is here to lead the way.

What is CrowdStrike Falcon?

CrowdStrike Falcon is an Endpoint Detection and Response (EDR) solution, a security and defense tool that automatically detects and eliminates malicious activity on University devices. As a supplement to standard anti-virus software, CrowdStrike Falcon will proactively help safeguard institutional information and protect key data. The tool will help Miami respond quickly and effectively to malware, ransomware, and other malicious activity.

CrowdStrike helps Miami quickly detect and respond to increasingly advanced attacks. Especially as more university work is done remotely, we have a clear need for greater visibility into university systems and early detection of malicious activity. By detecting and quickly responding to these kinds of threats, we help protect individuals’ personal data and important credentials.

“Miami is very privileged to have such an open computing environment that supports students, faculty and research,” said Scott Campbell, senior director of technology for the College of Engineering and Computing. “This openness comes with a risk, and CrowdStrike is a powerful tool that helps mitigate this risk by detecting and quickly responding to threats while having a negligible impact on computer or network performance.”

Why a "remote sensor"?

Being able to detect and neutralize threats remotely is a key component of the CrowdStrike software. It helps us have an eye on malicious activity on our systems—which, unfortunately, has seen an uptick in recent years.

This remote sensor is simply a lightweight malware detection software—similar to anti-virus or anti-malware applications that can already be found on all our University-owned computers.

Protecting the data of faculty, staff, and students is all of our responsibility, and this will provide us the ammunition to get the bad guys before they steal our data.

Here’s a concrete example: ransomware. Ransomware is a real threat, and it costs money and time to recover data once it has been encrypted in a malicious attack. In a survey of higher-ed IT professionals, nearly two-thirds of institutions reported ransomware attacks in 2021. The attacks are getting closer, becoming more sophisticated, and growing more frequent.

There are countless other examples, but it all comes down to: We are protecting you! Your identity, your data, your intellectual property.

What’s the catch?

There is no catch. The sensor is just that: a sensor. Over the next several months, IT Services, in conjunction with your local desktop support folks, will push the sensor to any Miami-owned desktop or laptop device. This does NOT include your personal devices. It only applies to devices (and virtual machines) that Miami has purchased and that are managed by IT. (If you’re not sure whether your device is managed by IT, contact your local support person and they will be happy to tell you!)

“This helps balance our openness with creating a more secure environment that protects our data,” Dr. Campbell said. “From an academic and teaching perspective, I think this is a great win.”

For a rundown of everything CrowdStrike will do, including what it does and does not record, what devices it will be deployed to, and an up-to-date timeline for when this will take place, please visit our website.