6. Endpoint Detection & Response
What is the percentage of UBC-owned servers and workstations under my control on which CISO approved Endpoint Detection Response Software (EDR) is installed (or if not technically possible up-to-date anti-malware and spyware software)?
Why is this Essential?
EDR software enables UBC cybersecurity to identify and prevent known exploits as well as contain incidents promptly. Furthermore, the EDR software enables investigation to determine what happened, when and how to better mitigate further threat to UBC's Electronic Information and Systems.
Reference Links
Endpoint Detection and ResponseSecuring Computing and Mobile Storage Devices/Media
Instructions on how to deploy UBC's EDR
Instructions
On Computing Devices not required to have EDR, install up-to-date anti-malware and spyware cleaning software (except for smartphones and tablets that do not offer this feature) and configure it to update at least once per day.
Malware Protection
What is Acceptable?
EDR is installed 100% on all servers unless technically not possible.