Overview
Malware Protection and Endpoint Detection and Response (EDR)
Malware protection software is an important tool to help prevent cyberattacks.
UBC’s Information Security Standard U7, Securing Computing and Mobile Storage Devices/Media requires that approved Endpoint Detection and Response (EDR) software be installed on all UBC-owned desktop and laptop computers. It also requires that personally-owned computing devices used for University Business* have up-to-date malware protection software installed at all times, configured to update at least once per day.
Not every type of cyberattack can be prevented with malware protection software, but it can be a great asset when trying to prevent intrusion into a computer.
*University Business means activities in support of the administrative, academic, and research mandates of the University.
UBC Options for Malware Protection
If you need assistance or more information, see the Support section below.
Getting Started
UBC Employees
I am using a computer that is supported by UBC
Applies to: Faculty, staff, researchers, student employees and contractors with a UBC-owned laptop or desktop computer that is:
- Supported by the central IT Department (UBC IT) in Vancouver or Okanagan
- Supported by a Faculty, Department or Research IT Department
What do I need to do? Nothing!
IT Support Staff at UBC will ensure that your computer has approved Endpoint Detection and Response (EDR) software installed. The software is updated automatically and no action is required on your part to keep your software up-to-date and compliant with UBC’s Information Security Standard U7, Securing Computing and Mobile Storage Devices/Media.
I am using a computer that I support myself
Applies to: Faculty, staff, researchers, student employees and contractors with a laptop or desktop computer that is:
- Owned by UBC, but self-supported
- Personally-owned, but used for University Business
What do I need to do? Install Cisco Secure Endpoint (formerly Cisco AMP for Endpoints), UBC’s approved Endpoint Detection and Response (EDR) software, which can be downloaded through UBC’s Software Downloads site.
For personally-owned computers, you may also choose to install alternative malware protection software. A list of some popular no-cost options is provided below.
Note: Running multiple EDR products simultaneously is strongly discouraged. These solutions are designed to have deep visibility and control over an endpoint's activity. Deploying multiple EDRs can lead to conflicts, causing unexpected behaviour, reduced system performance, and difficulty in isolating the source of alerts. Additionally, some EDR products, upon installation, will automatically disable native antivirus solutions like Windows Defender. This is because EDRs often incorporate their own antivirus functionality, ensuring no competition arises that could hinder threat detection.
Alternate EDR software is required for computers used by staff in the Office of the CIO. Please reach out to privacy.matters@ubc.ca, and a member of the UBC Cybersecurity team will contact you with further instructions.
Students and other members of the UBC community
Applies to:
- UBC students with a personally-owned computer
- Non-employee UBC affiliates and members of the UBC community with a personally-owned computer
- UBC employees with a personally-owned computer NOT used for University Business
What do I need to do? To protect your computer against malware, you must manually install your own anti-malware software. A list of some popular no-cost options is provided below.
As a reminder, UBC’s Information Security Standard U7, Securing Computing and Mobile Storage Devices/Media requires that computing devices used for University Business have up-to-date malware protection software installed and configured to update at least once per day.
Popular no-cost anti-malware programs
Below is a list of some popular no-cost anti-malware/antivirus programs. This list is by no means exhaustive as there may be other antivirus programs that will work for your system that are not listed.
This list is provided as a reference only as UBC IT at both the Vancouver and Okanagan campuses cannot provide support for these products.
Popular free programs (in alphabetical order)
- AVG Antivirus Free
- Avira Antivirus Personal
- ClamAV Antivirus
- ClamWin Free Antivirus
- Panda Cloud Antivirus
- List of paid and free antivirus programs [Wikipedia]
Note: When installing your own software, ensure it is purchased/downloaded from a reputable source, and that the following features are enabled:
- Regular updates with new signature files;
- Scanning for all files;
- Real-time protection;
- Scheduled system scans; and
- Alerting.
Note: Running multiple EDR products simultaneously is strongly discouraged. These solutions are designed to have deep visibility and control over an endpoint's activity. Deploying multiple EDRs can lead to conflicts, causing unexpected behaviour, reduced system performance, and difficulty in isolating the source of alerts. Additionally, some EDR products, upon installation, will automatically disable native antivirus solutions like Windows Defender. This is because EDRs often incorporate their own antivirus functionality, ensuring no competition arises that could hinder threat detection.
Other Valuable Security Steps
While having malware protection software is an important step in keeping your computer protected, there are still some other things that you can do to keep your computer safe.
Please visit the Privacy Matters @ UBC website for further information.
Support
- Contact the IT Service Centre (UBC-licensed software only) or your local IT support
- Instructions to install Cisco Secure Endpoints(CWL login required)
- Cisco Secure Endpoint Technical Reference Guide (For IT staff) (CWL login required)