Endpoint Privileged Management - Removal/Controlled Use of Local Admin Rights

With recent cyber breaches impacting institutions like Columbia University and Texas Tech University Health Sciences Center, cybersecurity is no longer just a technical issue - it's a strategic priority for higher education. These incidents have disrupted operations, exposed sensitive data, and reminded us that universities are prime targets for cybercriminals.

According to Educause, "Education is the most affected sector for malware attacks when compared to other industries." OU is no exception. Our systems house vast amounts of confidential data - from student records and faculty research to financial and health information. Protecting this data is critical to maintaining trust and continuity across our campuses.

One of the most common attack vectors is the use of Local Admin Rights (often referred to as OU/OUHSCID) on university-managed computers. These elevated privileges allow users to install software and make system changes - but they also open the door to malware, ransomware, and other threats, often without the user realizing it.

The 2025 Microsoft Vulnerability Report found that:

  • Total vulnerabilities rose to a record high.
  • Elevation of Privilege (EoP) accounted for 40% of the total vulnerabilities - the highest-ranking category.
  • From 2015 to 2020, "75% of critical Microsoft vulnerabilities could have been mitigated by removing admin rights."

In response, OU will begin removing local admin rights from most university-issued Windows and macOS devices. This change aligns OU with NIST cybersecurity standards, recommendations from internal audits, and best practices adopted by leading institutions and government agencies.

For most faculty and staff, the impact will be minimal. Today's academic and administrative tools are largely cloud-based, and OU IT will continue to support software access and updates through managed channels. OU IT will also provide Just-in-Time elevation, which temporarily grants elevated privileges when needed.

This is more than a technical adjustment - it's a step toward a more secure OU. By reducing risk and aligning with national standards, we're protecting our people, our data, and our mission.

Learn More: Endpoint Privileged Management - Removal/Controlled Use of Local Admin Rights - Implementation