The article says Trellix but the same could be written about any EDR from a capability standpoint. To add to the staff's point about giving root access, and while that's more on Microsoft needing to get vendors out of the kernel, it shouldn't be a compromise users have to make.
With that said, I find myself agreeing with the mandate, if you're using university resources, they have a responsibility to protect those resources and EDR is table stakes these days.. but they also need to be providing any devices required for the job, allowing BYOD for restricted data makes an already tough environment to secure harder than it needs to be.
jltsiren•10h ago
There is a complicating factor. Universities are not your average top-down hierarchies. While some aspects of the work do belong to the employer, other aspects are yours (or you PI's), and they may follow you to your next job. While administrative matters and sensitive data tend to belong to the university, everything you create as an academic is usually yours.
It's pretty common, particularly among researchers who do not handle sensitive data, to have a burner laptop for accessing university resources and personal devices for the actual work. Many people also use personal email addresses for work. Work email rarely survives changes in employment, making it too short-lived for many purposes.
mindslight•52m ago
If top-down surveillance spyware has become "table stakes", then it's time to flip the table.
pletsch•11h ago
With that said, I find myself agreeing with the mandate, if you're using university resources, they have a responsibility to protect those resources and EDR is table stakes these days.. but they also need to be providing any devices required for the job, allowing BYOD for restricted data makes an already tough environment to secure harder than it needs to be.
jltsiren•10h ago
It's pretty common, particularly among researchers who do not handle sensitive data, to have a burner laptop for accessing university resources and personal devices for the actual work. Many people also use personal email addresses for work. Work email rarely survives changes in employment, making it too short-lived for many purposes.
mindslight•52m ago