Notes on the mandatory use of the SentinalOne antivirus software

(Excerpts from emails from Thorsten Kamp & Renke Schütte)

... As announced last autumn, the Presidential Board has now decided that Sentinel One must be used as virus protection on all university systems for which a client exists.

... The obligation to install SentinalOne also applies to all mobile computers (laptops/notebooks) and teleworking stations with university devices.

Please note that SentinalOne must also be installed for every new PC and every new installation.

SentinalOne can be downloaded here for various operating systems (bottom entry in the list): https://uol.de/en/it-services/services/software

Private computers of employees and students or visiting academics

SentinalOne is not to be installed on the private computers of students, employees or third-party devices. However, there is an obligation to ensure that these private devices also have adequate, up-to-date virus protection and an up-to-date operating system including security updates if these devices connect to the university network (e.g. via VPN/GlobalProtect). For private Windows devices, this can be achieved, for example, by using the free Windows Defender antivirus software and an active Windows firewall. Everyone involved is aware that we all have only limited possibilities to enforce this, especially for students.

Background:

Last year, our university was exposed to a massive malware attack, which could only be fended off with the massive deployment of personnel and financial resources in the six-figure range and a bit of luck. The attackers are becoming more and more professionalised and are thus making millions of euros through blackmail; the damage to companies and institutions also runs into tens of millions every year. Several universities have already been affected and were barely able to work for weeks.

This professional, organised crime also forces our university to strengthen protective measures to protect confidential data, research results and the functioning IT infrastructure (email, internet, data storage, etc.). Our IT services can only operate a part of the protection centrally; another part of the protection must be installed, updated and operated individually on each computer. Part of this individual protection on each computer is SentinalOne and an up-to-date operating system with all security updates. As the Schools are independent in their IT support and the Institutes are responsible for their own areas, this email is being sent to you (/you) for implementation.

SentinalOne should have been installed on all university computers months ago, but an analysis has shown that we have a considerable gap here. SentinalOne does not appear to be installed on many computers and no agreement/arrangement appears to have been made with the DSM for an alternative, equivalent protection measure for these computers.

Against this background, the Presidential Board has now decided to make installation mandatory, as it is a matter of protecting the university's IT infrastructure, including all our data.

Further measures such as 2-factor authentication will follow.

Information and a how-to can be found under this link.

2024-03-26

Archived news from the ICBM-IT