Dear faculty and staff,

Most of you have received a security alert from main campus Information Security Office (signed by Mary Ann Blair, Director of Information Security) urging the campus to stop using Symantec Endpoint Protection (SEP) and transition to other alternatives. This email updates you with respect to our plans for a similar more for the Qatar campus.

In the coming weeks, we plan to also transition away from using Symantec to alternatives. The systems that we manage (Clusters, your IT provided laptop) will automatically be reconfigured to the new replacement software. We will share details of our plans soon. We urge you to take similar steps for systems that you manage (including your personal systems). The recommendations from main campus Information Security Office appear below in this regard.

In the meanwhile, Symantec has already released the security updates to fix the recent vulnerabilities before the findings were published by Google Project Zero. The installed version of Symantec Endpoint Protection on Clusters, and your IT provided laptop updates itself automatically and now all our campus’ machines are running with the latest security updates from Symantec for the recent vulnerabilities.

Please contact us at helpcenter@qatar.cmu.edu if you have any questions or feedback.

Thank you.

Nasser Alaeddine, Ph.D. | Director of Educational and Media Technologies

Portion of Mary Ann’s email:

WHAT YOU NEED TO DO

  1. If your computer is managed by your departmental IT administrator or DSP, follow their virus protection software recommendations.
  2. Follow instructions in the Secure Your Computer Get Started guides at https://www.cmu.edu/computing/security/start/ to uninstall Symantec Endpoint Protection and install and configure the appropriate virus protection software for your operating system.
  3. Review the Safe Computing Tips at https://www.cmu.edu/iso/aware/secure/ and continue to be vigilant about common scams, patching, and managing your passwords.

MORE INFORMATION

Full technical details regarding the Symantec Endpoint Protection security flaw are available on the Information Security Office web site at https://www.cmu.edu/iso/news/symantec-phaseout.html.

Update- Symantec Endpoint Protection