IT colleagues:
CrowdStrike, IU’s Endpoint Detection & Response (EDR) solution for servers, will have prevention policies provisioned in production environments on May 7, 2024. These prevention policies have already been enabled in the test environments since January 31, 2024.
Enabling prevention policies for CrowdStrike is essential for providing servers with real-time protection from malware and other threats.
If a prevention policy blocks a process or service, the server owner will be notified by UISO. An official notification will be sent in the form of an email from it-incident@iu.edu. Depending on the severity of the detection, UISO may also reach out via Teams message and/or phone call. EDR notifications sent to server admins may include instructions to not interfere with servers that have an active detection or prevention until UISO completes their investigation.
If you have any questions or concerns, please contact the UISO via uiso@iu.edu.
–IT Community Partnerships on behalf of the University Information Security Office