Microsoft Defender for Endpoint is a security system deployed by the Canada School of Public Service to protect government employee devices, identities, and cloud applications from cyber threats. The system uses behavioral analytics to identify suspicious device activity, compromised user identities, and risky cloud application usage patterns that may indicate security breaches or unauthorized access attempts.
The system collects and analyzes telemetry data from endpoints (government computers and devices), Active Directory signals, and client certificate information to detect potential threats. This system processes personal information about Government of Canada employees and their device usage patterns. Employees should be aware that their device activity is monitored for security purposes, and the system may flag suspicious behavior for investigation by IT security teams.
This system is currently in production and is a vendor-provided solution developed by Microsoft. Employees should understand how this monitoring affects their privacy and what rights they have regarding access to information about their flagged activities.
