ILS Self-Help logo
HomeHome Most Helpful TopicsMost Helpful Topics
RSS Feeds
DrillDown Icon Contents Back
 . . . . . . . . . . . . .
DrillDown Icon Self-Help Home
DrillDown Icon Menu
DrillDown Icon Online Resources
DrillDown Icon Library and Digital Support
DrillDown Icon IT Services
DrillDown Icon Announcements
DrillDown Icon Halls wireless printing
DrillDown Icon Student Halls - using Gaming devices,SMART TV and Amazon Echo speakers
DrillDown Icon Printing (Multi-functional devices)
DrillDown Icon Student IT Pocket Guide links
DrillDown Icon Mapping the PUPSMD 'R' drive to your computer
DrillDown Icon Re-imaging a computer or laptop
DrillDown Icon Mobile computing
DrillDown Icon Out of Hours Computing exam support
DrillDown Icon Apple Support
DrillDown Icon Staff Mac fleet
DrillDown Icon PlymMac 7
DrillDown Icon Windows 7 Service
DrillDown Icon Accounts
DrillDown Icon Applications
DrillDown Icon Email
DrillDown Icon File Space
DrillDown Icon Software
DrillDown Icon One Drive for Business (Data Missing)
DrillDown Icon Software Center
DrillDown Icon How to install Applications via Software Centre
DrillDown Icon Check your computer is protected with Kaspersky 10
DrillDown Icon Software licencing
DrillDown Icon Frequently Requested Software
DrillDown Icon In-Tend settings needed on Internet Explorer
DrillDown Icon Agresso
DrillDown Icon ArcGIS Notes
DrillDown Icon Autorun
DrillDown Icon Avecto Defendpoint
DrillDown Icon Document Management System
DrillDown Icon Electronic signatures
DrillDown Icon Employee Self Service (ESS)
DrillDown Icon EndNote
DrillDown Icon Log on problems
DrillDown Icon Office 2010
DrillDown Icon Protecting a computer
DrillDown Icon Skype
DrillDown Icon MS Word
DrillDown Icon Software available for Home use
DrillDown Icon File associations
DrillDown Icon Installing software
DrillDown Icon Viewing PDFs
DrillDown Icon Macromedia Studio MX2004
DrillDown Icon Windows Vista and Internet Explorer 8 Compatibility issue
DrillDown Icon How do I update SPSS on my university managed computer?
DrillDown Icon The University Wide Software Service
DrillDown Icon How do I change the settings on my iPhone/iPad after I have changed my University password?
DrillDown Icon iTunes backup
DrillDown Icon Student Verification for MS Office
DrillDown Icon Web Agresso Expenses - Browser Issues
DrillDown Icon Tech Services
DrillDown Icon Templates
DrillDown Icon UNIT-e
DrillDown Icon Hardware
DrillDown Icon IT Training & Documentation
DrillDown Icon Telephony
DrillDown Icon Web
DrillDown Icon PC Finder Tool
DrillDown Icon Media
DrillDown Icon Library & IT Help and Support/Contacts
DrillDown Icon TIS Feedback process
DrillDown Icon About TIS
DrillDown Icon IT Service Catalogue
  EMail This ArticlePrint PreviewPrint Preview Current Article/Category with all Sub-Articles/Sub-Categories
 
Avecto Defendpoint

Defendpoint Privilege Management - Enhancing IT Security

Background

In order to comply with IT security best practice and to prepare for GDPR compliance the PC Fleet Refresh project will further improve IT security. The aim is to protect staff laptop and desktop PCs at the University by implementing a change to ‘admin rights’, while still providing sufficient privileges to execute their job role efficiently.

Newly deployed staff computers and Windows 10 installations will come without full administrative rights. To enhance security and reduce the risks from malware etc. that would otherwise affect performance or present a risk to data the University has invested in a ‘privilege management’ system called Defendpoint. It will allow you enough admin level privilege for everyday activity e.g. to install and run software that would previously require full admin rights.

Privilege management and application control is a very effective method to block malware-based attacks, including new and targeted attacks, malicious insider attacks and dangerous user behaviour. With limited access to admin credentials threats won’t be able to exploit devices and spread throughout the University network.

We aim to make the experience as seamless as possible. However, you may be prompted by a customised message rather than the standard Windows messages and these prompts will be clear and easy to follow. Examples are shown further down this page.

This will allow the University to greatly improve device security and protect University data.

The PC Fleet Refresh undertook an evaluation of privilege management systems available in the marketplace and choose the solution that provides the security measures required, the best user experience and value for money to the University.

 

What does the ‘privilege management’ solution provide?

Defendpoint is a security software solution that provides proactive protection to stop unknown threats on Windows PCs and includes:

  • Privilege Management allows the implementation of least privilege and remove admin rights from across the University, without restricting access to the day-to-day things you need to do in your job.
  • Application Control is a way of approving known and trusted applications, and controlling the installation of others. This is the most effective mitigation technique against cyber threats.


What permissions are replacing admin rights?

  •  Standard users (Professional Services staff) – Any user on any PC by default will login as a standard Windows user and will only have permissions to run applications that do not require elevated rights, including all software available in Software Centre.
  •  Privileged Users (Academic staff / Technician staff) – Specific users on specific PC will have elevated rights to be able to install and run software with elevated permissions, but will be prompted to provide a reason and enter their password to confirm.


 When is this change happening?

You will have the Defendpoint software automatically installed on your University Windows 10 machine from 23rd April 2018.

Any new PCs issued as part of the PC Fleet Refresh project will now come with Defendpoint pre-installed and you will be given privileged user rights to allow you to install software you need on your device.

 

 How does this affect me?

This software will run silently in the background to capture information about the applications you run on a regular basis, and specifically those that require admin rights to run. Where an application requires admin rights you will be prompted with a message asking you to confirm that you want to run the application or task with admin rights. This information is audited so that commonly run applications or processes across the fleet can be added to an approved list, preventing future prompts from occurring.

Depending on your current permissions will determine what permissions you will have from 23rd April on your Windows 10 University PC.

 

 Changes for standard users

If you are a standard user (i.e. do not currently have admin rights on your machine) you should not notice any changes other than the agent running on your machine. When you try to run software or a task/process that requires admin rights you will see a message asking you to get approval from the IT Service Desk. See screenshot Example 3 – Assistance Required. If you require elevated permissions to change additional settings or install software without contacting the Service Desk each time you can request your account to be changed to a ‘Privileged user’ by submitting a request on IT Self Service.

 All Professional services areas will have these permissions as all software required to perform business function is available via the Software Center.

 Changes to admin users

If you are currently an administrator on your computer, and you are either an academic or technician when you receive your new computer your account will be given privileged user rights. Please note that from the point of receiving your new computer, there is a 24 hour delay in the privileged user rights being configured.

 How do I know if Defendpoint is installed or running?

You may notice a new icon, with a blue letter ‘A’, in the system tray (near the clock) on your PC, which indicates that the software is installed and running:


What do the Defendpoint prompt messages look like?

You will notice a change in some of the prompt messages you see on your PC when trying to run applications or tasks requiring admin rights.

Currently, when an application needs additional privileges to run, you are show a Microsoft User Account Control (UAC) message like the ones below.

Example A – Microsoft UAC Prompt as an Administrator:

Example B - UAC Prompt as a Standard User, asking for Administrator Credentials:

 

 

 


Instead of the usual Microsoft User Account Control messages, you will instead see a customised message from Defendpoint similar to the ones below.

Example 1 – Confirm Execution

 

Example 2 – Reason Required

Example 3 – Assistance Required

I have further questions about this change. Who can I contact?

If you have any questions or concerns about this change please contact the PC Fleet Refresh project by emailing pcdeploymentteam@plymouth.ac.uk
Modified 26/09/2018
Author: Jefford, Dave