The criticality of UT's Endpoint Management Platform
Ensuring strong, reliable system management of the university's endpoints (e.g., laptops, desktops, workstations) is essential on many levels.
Security of Personal Research and Intellectual Property
By managing endpoints with a trained, professional workforce the university can protect the important research and future discoveries being conducted throughout the campus. The personal work and legacies of faculty members and researchers are best protected using modern system management practices that ensure the integrity of their critical work.
Security of the Campus Ecosystem
A single system that is not well defended or secured can present a grave threat to tens of thousands of interconnected systems supporting the university. It is crucial that all systems be managed to a basic common minimum security standard that can be verified in real-time to defend and protect the campus. In an effort to protect the university's critical information resources ecosystem all university employees are required to annually acknowledge their role and responsibility in adhering to the UT Acceptable Use Policy.
Accelerated Weaponization Rates
Vulnerabilities are not a new threat, but the rapid weaponization of vulnerabilities into active exploits is a new threat that must be recognized and addressed. Attackers are able to elevate a key vulnerability into an exploit within 3-5 days (not the traditional 2-3 months). This means that automated system management practices must be leveraged to rapidly respond in defending the university fleet of networked computer systems.
Dozens of vulnerabilities are published on a weekly basis. The US Cybersecurity Infrastructure and Security Agency (CISA) maintains a list of the most dangerous vulnerabilities - the Known Exploited Vulnerabilities Catalog - which tracks over 1,000 critical vulnerabilities (averaging 20-30 new additions each month). These vulnerabilities are especially dangerous to campus as they are actively used in common exploit kits that are leveraged by organized crime syndicates, nation state actors, and other units dedicated to stealing university data and research and causing general havoc and chaos.
Impacts to Other Universities
Attacks on institutions of higher education have been on the rise for the last several years, but 2023 represented a 70% increase in targeted ransomware attacks on universities. Numerous major universities have fallen victim to targeted attacks that have successfully leveraged vulnerabilities on endpoints throughout their campuses. Once exploited, these systems can be used by attackers to "pivot" and move laterally throughout the campus until critical infrastructure is reached. All along the way, attackers either destroy critical university data, hold it hostage for ransom, or release it to underworlds of other data thieves positioned to extensively exploit and misuse the information.
Executive Mandate
In addition to required adherence to a variety of state and federal laws, the UT System's Regent Rules also require secure management of university information resources. These are clearly demonstrated in the UT Minimum Security Standards.
The university's reputation and research status are at risk if it is unable to demonstrate an effective information security management program. To further secure these essential university functions executive leadership issued a university-wide directive focused on Increasing Security by Migrating to Enterprise Endpoint Management Platforms. All university endpoints are required to comply with this campus directive or have an approved exception on file with the Information Security Office.
Professional IT Staff
University IT support staff responsible for managing campus endpoints are in a position of special trust and are required to operate with a high level of integrity to maintain trust with the campus community they support. The trust relationship between IT support staff and the campus community they support is essential. Given this position of special trust, IT support staff who do not adhere to operating expectations or who are found to violate any operating procedures will be at risk of immediate termination.
Get Started
If your system isn't yet managed by the campus Endpoint Management Platform then don't wait! Seek out your local IT support team so they can help you onboard your endpoint device. Doing so will proactively ensure that your system is effectively protected and that it isn't quarantined from the campus network or that your network access isn't otherwise impacted due to a compliance issue.
Exceptions
While these laws, policies and standards exist to protect the university's information resources, there are always practical reasons for exceptions. If a faculty member or researcher has a justified business reason for their respective endpoint not to be managed by the university's Endpoint Management Platform there is an exception process that they can make use of. This will first require approval and acceptance of the risk by their respective Dean. Once that is obtained, an exception request can be submitted to the Information Security Office for review. This request must document how the endpoint will be managed and secured to comply with campus policies and related laws.