Malware detection and endpoint detection and response

SA10: All servers must run malware detection and endpoint detection and response software with up-to-date signature files, whether the system is managed directly by Harvard or via contract with a third-party service provider for Harvard's use (e.g. IaaS, SaaS).

How to Comply

Run malware detection and endpoint detection and response software

  • Servers owned and managed directly by Havard must run CrowdStrike endpoint detection and response software. 
  • Servers managed via contract with a third-party service for Harvard's use must run applicable malware detection and endpoint detection and response software with up-to-date signature files.