The UCIT Office of Information Security (UCIT OIS) partners with the university community to foster a culture that supports the confidentiality, integrity, availability and accountability of the university's academic and research objectives through the application of unified information security architecture with the necessary policies and procedures to ensure its viability.
- Confidentiality - Identify confidential, proprietary, and sensitive information resources, determine appropriate uses and access of these resources, and employ measures to protect the resources from unauthorized access and/or disclosure.
- Integrity - Ensure the accuracy, validity, and completeness of information by protecting resources from unauthorized intentional and accidental modification.
- Availability – Provide assurances that University information resources are readily accessible and operational to support educational, research, service, and administrative operations.
- Accountability – Ensure the tasks for which an individual is responsible are part of the overall information security plan and are readily measurable by a person who has managerial responsibility for information assurance.
To fulfill our mission, the UCIT Office of Information Security offers six primary methods of support to UC:
- Governance & Compliance
- Education & Awareness
- Information Security Risk Management & Consulting
- Incident Management and Cyber Forensics
- Operational Management
- Disaster Recovery Program
While not all encompassing, the following examples provide a more granular listing of how the UCIT Office of Information Security supports the university.
Governance & Compliance
- Draft and establish university information security policies, standards, procedures and guidelines in accordance with best practices as well as existing laws and regulations.
- Focus on compliance and security assessments within the university community to provide assurance that controls are adequately designed and operating effectively.
- Liaison to internal and external entities on information security related matters.
- Actively participate in enterprise wide strategic technology and information security planning.
- Represent the university’s information security interests on key committees and councils.
- Annually review and update university information security policies, standards, procedures and guidelines.
Education & Awareness
- Build and maintain an information security awareness and training program for the university community and partners.
- Promote information security through collaboration with students, university academic units and strategic partners.
- Integrate with the university’s on-boarding program to educate new hires on information security essentials.
- Provide specialized training programs to meet various compliance needs such as HIPAA.
- Coordinate periodic campus wide shredding events.
- Create customized information security awareness presentations, training and education.
- Facilitate a university-wide information security discussion group.
Information Security Risk Management & Consulting
- Develop and implement ongoing risk assessments and establish a continuous risk management program.
- Identify threats, vulnerabilities, and risks through key strategic alliances, innovative information gathering, and information sharing practices. Analyze results and recommend mitigation solutions with reviews as appropriate.
- Conduct security reviews of new enterprise level systems or changes to existing systems prior to implementation.
- Vetting of vendors that provide university wide services that involve restricted data or vendors that provide university wide technology services.
- Perform annual HIPAA security risk assessments for university units that maintain or process protected health information. Consultation provided at UCIT hourly recharge rates.
- Tailored consultation services that include risk and security assessments are available to individual units at UCIT hourly recharge rates.
Incident Management and Cyber Forensics
- Respond to notification from an individual, departmental unit, outside entity, or automated monitoring system of a suspected information security incident that could impact the university’s operations. Confirm and manage the incident as well as coordinate the recovery.
- Lead and coordinate the University’s Computer Incident Response Team (CIRT). That team is typically activated when an unauthorized entity is suspected of gaining or gains access to university computing or network resources, equipment or data.
- Provide support for digital forensic analysis upon the request from the UC Office of General Counsel, Internal Audit and Public Safety.
- Coordinate and validate issuance of InCommon Server Certificates.
- Annually review and validate personal InCommon Certificates.
- Perform operating system vulnerability scanning in accordance with the Vulnerable Electronic Systems Policy.
- Continuously review inquiries from the university community and respond in accordance with internal procedures.
- Continuously monitor System Incident & Event Management (SIEM) and Data Loss Prevention (DLP) activity and triage events for further review.
- Provide enterprise wide host and server based anti-malware and encryption solutions via ePolicy.
- Approve change requests via the Change Management system.
- Periodically organize, advertise, and host document shredding events across campus.
- Recover, securely wipe all data, and re-purpose unneeded USB drives.
- Develop and implement a Honeypot to assist in discovery of potential threats.
- Develop and maintain the departmental website.
- Maintain and manage a supply of clean laptops made available for faculty and staff when traveling abroad.
- Provide access control for the following systems:
- RSA two-factor authentication.
- Chemical Inventory System.
- Mainframe (Universis and R-25).
- IP Camera Monitoring System.
Disaster Recovery Program
- Facilitate and provide leadership to the university wide disaster recovery program for critical academic, administrative and information technology systems.
- Engage and vet prospective third party vendors to support the university’s disaster recovery program.
- Coordinate and initiate periodic testing of the disaster recovery program.
- Review and modify disaster recovery program continuously to address lessons learned following test execution, recovery event or significant changes.