Hackers try to find new ways past the online walls information technology services (ITS) puts up to keep Iowa State employees and information safe. The latest addition to Iowa State's wall is Microsoft Defender for Endpoint, and the best part is employees don't need to do anything to reap its benefits.
Reminders
Tener encouraged employees to:
- Use the "Report" button in Outlook to notify ITS of possible phishing emails.
- Install software updates to computers as quickly as possible when prompted.
And remember, ITS staff will never contact an employee and ask for their password or multifactor authentication code.
Rich Tener, ITS director of information security, said the university upgraded its Microsoft license to include Defender, a security platform that monitors a computer's activity. If Defender detects unusual activity, it alerts ITS staff that a hacker may be present in the system.
"Every Windows and Mac OS computer has antivirus built in," Tener said, "but the new way hackers are compromising computers isn't just using a known bad app. They are finding ways into a computer that evade antivirus detection, and often just use apps and tools that are already installed to do their work."
Tener compared this to driving your car with someone in the passenger seat without the driver knowing. They can view all the information and try to cause harm while operating in the background. This is how hackers typically find information, steal it and threaten the victim they will destroy or release it unless they are paid.
Tener said a hacker running several commands in the background to gain information would trigger an alert if an employee rarely, if ever, does this in their day-to-day job. Defender uses past data to "learn" the user's patterns
"It really is just looking for patterns of activity that match a hacker," Tener said.
He stressed Defender is strictly a security measure and not designed to identify employees visiting non-work websites.
Deploying Defender
IT professionals -- not individual employees -- are responsible for turning on the added security in every computer across campus. Defender is built into Microsoft software and an app added to Macs runs transparently in the background to provide security.
ITS is working with department IT units to turn on Defender on all computers. The process began last year and should be completed by the end of 2024, Tener said. Using ISU’s computer management tools, Defender can be rolled out to large groups of computers quickly. Currently, 25% of the computers on campus have Defender activated. One of the big advantages is that Defender monitors for hackers even when employees use university computers at home.
"In the past, we couldn't detect when you got hacked at home," Tener said. "Now, we can."
