LANDesk and McAfee Agent Deployment Advisory
Cyber-threats are constantly probing and attacking devices via the Internet. In order to maintain business operations and continuity, regulatory compliance, and to minimize security risk, it is vital for CCNY to employ robust information security measures.
Most computer software released by computer developers contains vulnerabilities. Malicious attackers strive to exploit these vulnerabilities to gain remote access to your computer, to intercept your keystrokes (especially passwords), to capture information from web pages you browse, to snoop on your social media accounts, and to search and retrieve sensitive data stored on your hard drive. Without your awareness, these methods can be used to steal your identity and seize financial resources, and also turn your computer into a repository for illicit materials and attacks.
In order to protect individuals from such threats, and facilitate compliance with CUNY’s required anti-malware and software update policies, CCNY’s Office of Information Technology (OIT) is deploying LANDesk computer management tools to augment our McAfee Endpoint Protection. These complementary security controls will help to automate the campus-wide deployment and maintenance of malware protection and software updates – two critical components in our efforts to safeguard the campus-wide computing environment.
LANDesk Desktop Management
LANDesk, a recent addition to CCNY’s software toolbox, functions as a software update aggregator, allowing our IT systems administrators to conveniently collect and apply software updates in a comprehensive manner. The LANDesk software consists of a console that campus IT Administrators use to help manage software installed on Windows, Macintosh and some Linux computers. LANDesk has already been installed on all OIT staff desktop computers. This semester we will begin the campus-wide LANDesk rollout and will prioritize the deployment on computers on the OIT Active Directory system.
Why is LANDesk so important? Individual software developers routinely release software updates (or patches) designed to remove (or patch) detected vulnerabilities. To maintain functionality and security, it is important for software patches to be applied in a timely manner. Applying patches requires that they be downloaded, installed (often by a user with administrative privileges), and then, in many cases, the computer is required to be restarted.
No doubt you’ve noticed that software products installed on your computer require a lot of updates. Microsoft Windows and Office, Apple OS X and iTunes, Adobe Acrobat and Flash generally generate monthly updates. Many programs require even more frequent updates, such as Java and WordPress software platforms and Internet browsers Firefox, Chrome, Internet Explorer, and Safari.
With dozens of software programs and packages (collections of programs) installed on most computer systems, it can be daunting to keep them all up to date. Given the high number of software vulnerabilities and security threats, the ability to proactively manage software installations campus-wide is critical to maintaining a safe and secure campus-wide computing environment. The deployment of LANDesk will:
- help mitigate risk to college data and systems
- facilitate reliable and timely patching of applications
- allow easier software installation by IT administrators
- accommodate easier inventory and management of desktop and laptop systems.
Controlled distribution of updates will allow us to be more proactive in reducing security threats while enforcing standards to make the management of our computer environment more effective. Furthermore, LANDesk’s inventory and reporting capabilities will help make allocating and maintaining computer resources more efficient.
McAfee Endpoint Protection
McAfee Endpoint Protection has been installed on over 4,000 CCNY computers, providing a layer of protection that helps detect and contain malicious software (i.e., viruses, ransomware, Trojans, etc.). CCNY’s central McAfee server allows CCNY IT administrators to manage our campus-wide McAfee installation, facilitate the college-wide deployment of McAfee software upgrades and malware definition updates, automate scheduled malware scans, and proactively remediate detected threats. We are taking measures to increase its footprint on campus, as all computers are required to have malware protection by CUNY policy.
Using McAfee to detect and suppress malware incursions helps reduce the risk of data breaches. Furthermore, McAfee includes encryption technology that allows users to selectively protect sensitive data with encryption. If your job responsibilities require you to work with sensitive information, we urge you to contact your local IT administrator to learn effective ways to secure your computer systems and data.
An IT administrator can install McAfee Endpoint Protection on any college-owned Windows and Macintosh computer. There is also a free, stand-alone version that CUNY students, faculty and staff can download from the CUNY Portal and install on their personally-owned computers.
Using LANDesk our IT systems administrators will be able to conveniently and systemically manage campus-wide software updates. McAfee Endpoint Protection counteracts malware threats by using a combination of information from previous attacks and suspicious behavioral patterns to neutralize threats and prevent them from spreading. Together McAfee and LANDesk are intended to complement each other to provide a shield to protect CCNY’s desktop infrastructure.