EDR – Microsoft Defender for Endpoint - Windows

OIT recommends Microsoft Defender for Endpoint for Windows antivirus and antispyware software for all university owned computers running Windows OS.

Features

OIT's EDR recommendation for Windows computers, Windows Defender for Endpoint, provides antivirus, antispyware, ransomware protection and intrusion detection and response capabilities for CU Boulder owned devices. 

Microsoft Defender for Endpoint is a comprehensive, cloud-native endpoint security solution that delivers visibility and AI-powered cyberthreat protection to help stop cyberattacks at CU Boulder. Defender for Endpoint provides central reporting to the Office of Information Security in order to mitigate and investigate the scope and depth of cyber-attacks, ransomware and malware.

*Note: This is only required for devices that are not already enrolled in Secure Computing.

Who can get it

Faculty, Staff, and student staff conducting official university business. 

How to get it

If your device is enrolled in Secure Computing, Microsoft Defender is configured for you and no other action is required. Not sure if you're enrolled in Secure Computing? Check your device for Self Service Software, and if you are able to open Self Service Software, Defender is configured on your device.

If you're not enrolled in Secure Computing and need to configure Microsoft Defender, follow these steps:

  1. Remove any third-party antivirus software including CA eTrust and SCEP. 
  2. Download and install the Defender for Endpoint Onboarding Package
  3. Enable Microsoft Defender for Endpoint for Windows
  4. If you don't know how to uninstall antivirus or install EDR, or are uncomfortable doing so, please contact your departmental IT professional or the IT Service Center.

*Please Note: Make sure Windows Updates are enabled so you get the most up-to-date definitions on a regular basis.