About Pepperdine Device Management

The latest developments in device management at Pepperdine, along with relevant informational links and our patch log.

Friday, July 25, 2014

Endpoint Protection Installation Process Continues

Dear Pepperdine Faculty and Staff,
Pepperdine’s Information Technology division is continuing the installation of Endpoint Protection.
Many people who have Pepperdine-owned computers running the Windows operating system already have received the Sophos antivirus client. Others may expect the installation in the coming weeks. Please note the following:
What will happen:
In order to prevent conflicts with other antivirus programs, the Sophos installation process may remove existing antivirus solutions installed on your computer.
What you might see:
You may see messages indicating that various antivirus programs were removed and/or encouraging you to obtain antivirus protection.

Please ignore or minimize these messages should they appear.
(They will disappear on their own.)

A blank black window:

Find an antivirus message:

Trend Notification:
Successful installation:
Upon installation, Sophos, your new antivirus program, will appear as a shield in your system tray.

We appreciate your cooperation during the installation process. We know the Endpoint Protection Service will help keep the University data and community safe.

Monday, July 21, 2014

Frozen but Not Vulnerable

Prior to implementing Device Management to secure our network, many of our campus computer labs and public computers relied on a product known as Deep Freeze to help mitigate malware infections. Deep Freeze works by taking a snapshot of the computer after it's setup and no matter what changes happen to it after that, automatically reverts to that snapshot when the computer is rebooted. So no matter what kind of nasty virus may have found its way onto the computer or whatever infected file inadvertently gets transferred to the computer, a simple reboot would get rid of it and the computer would be clean and happy again.

An unfortunate side-effect however, was that any security updates or system patches that were applied without going through a special process to update the snapshot would also get wiped clean on reboot. Previously these updates had to be manually applied by the lab manager or other IT staff to each computer protected with Deep Freeze, but we are now happy to report that we have successfully developed an automatic process that takes care of it utilizing Device Management. This will save countless hours of employee time and allows greater efficiency in network management and increased security.

We ran a pilot test of the process in late June on selected computers in Cafe Fresca and have recently expanded it to include some of the computers in Payson Library. Full implementation across all Pepperdine computers protected with Deep Freeze will be rolled out by the end of the year.

Thursday, July 3, 2014

Endpoint Protection Installation

Information Technology soon will deploy the new Endpoint Protection Service for all Pepperdine-owned computers. This new service will monitor malware activity and take corrective measures to minimize malware action and data loss.

On July 14, 2014, the Device Management Service will begin installing the Sophos antivirus client on Pepperdine-owned Windows computers and removing the old antivirus, Trend Officescan.  Installation on Macintosh computers will follow thereafter.

You may be prompted to reboot your computer to complete the installation process.

Tuesday, July 1, 2014

Server and Flash Upgrades

The Device Management Server was recently upgraded to add new administrative features and enhancements that will make the job of keeping our computers updated and secure more efficient. The most noticeable change on the client side is that the Windows and Mac alert messages are now standardized (see image below) so there is a uniform experience on both platforms. This makes it much easier for users to recognize when a security patch has been applied to their computer and helps reassure them it is a legitimate Device Management alert.
Before: Windows and Mac users received different alert windows leading to confusion
After, both Windows and Mac users receive an alert window displaying the official Device Management logo
Adobe also released a new version of Adobe Flash (version 14) for Windows and Macintosh which addresses vulnerabilities that could potentially allow an attacker to take control of an affected system. Adobe recommended all users update to the latest version as soon as possible. Following our standard period of compatibility testing on campus for use with our systems such as WaveNet and Kronos, we are now actively upgrading computers with older versions to the more secure current version.