With the recent cyber breaches at the Colorado Department of Higher Education and the National Student Clearinghouse, it is top of mind that cyber incidents are causing significant disruption to universities and related entities. According to Educause, “Education is the most affected sector for malware attacks when compared to other industries.” Although Mines has been fortunate, higher-ed institutions are especially attractive to cyber criminals because of our confidential student, faculty, and research data.

Local administration rights (username_a accounts) on Mines-issued computers increase the risk of unknowingly installing harmful applications and infecting Mines.  This security concern is highlighted by the increase of malware and ransomware attacks enabled through local admin rights – according to the 2023 Microsoft Vulnerabilities Report, from 2015 to 2020, simply removing administrative privileges could have mitigated 75 percent of all critical Microsoft vulnerabilities.

With this in mind, Mines will join business and government entities in removing most users’ local PC and Mac administration rights, bringing us in compliance with NIST standards and the recommendations from a recent data security audit. With most education and business software running in the cloud, the impact of this change will be minimal for most.

For those few who believe they need to retain full local admin rights, these additional steps are required:

• Submission of an Administrative Privilege Request form acknowledging appropriate use and liability
• Additional cyber training through KnowBe4’s Privileged User Security Series

The removal of local admin rights will be automatically applied and phased in by group:

• October 31 – IT
• November 10 – FA&O
• January 17 – Academic Faculty, Student Life, and all others

If you have software you need to install on your Mines-issued computer, please submit an IT Service Request or call 303-278-HELP (4357) for assistance.  

Previously approved software can be self-installed via one of two options:

• Over the phone by an IT Service Desk technician
• Through Mines’ “self-service” App Stores on your device
  • Mines Self Service (Mac)
    
  • Software Center (Windows)
     

Thank you for your help in maintaining the safety and security of our systems at Mines. Your input is appreciated and can be shared directly with me at andrewjmoore@mines.edu.

Thanks,
Andrew, CIO (Chief Information Officer)