Skip to main content


The UCIT Office of Information Security (UCIT OIS) provides several services to the UC community. Select one below to see further explanation or to e-mail UCIT OIS.

Awareness & Training - Awareness campaigns and associated materials such as posters, presentations and flyers; Short courses on a variety of topics targeted at various groups.

Consulting - Review of applications, systems, or processes. If you are starting a project, get us involved early! The earlier, the easier and cheaper it will be to build in security and compliance.

Creation of Security Policies – Creating policies that govern information security throughout the university and UCIT.

Cyber Security Incident Response – Oversight and guidance of an interdisciplinary team to equip them to respond appropriately in the event of a Cyber Security incident.

Governance and Oversight for 2 factor authentication - UCIT OIS oversees 2-factor authentication for UCIT administrator users.

Informal Audits - These policy and legal compliance checks must be requested by the Dean, Assistant Dean or a Director level person at the site to be assessment.

Investigations & e-Discovery - Forensic analysis of computer systems, and copyright. Requests are made through Public Safety and General Counsel.

Laptops for Travel - Providing a basic clean laptop for travel overseas to faculty and staff travelling for the university. For more information, view the checklist on travelling with mobile devices.

Mailbox Access and Mail Retrieval Process - This UCIT Mailbox Access/Retrieval process addresses how access is to be requested and granted under various circumstances.

Intel Security Endpoint Protection Services - UCIT OIS partners with Intel Security to provide the following solutions to the university community: Antivirus, Encryption, Device Control, Data Loss Prevention, and policy enforcement via the ePolicy Orchestrator Server.

Risk Management - OIS is tasked with evaluating risk and determining its likelihood and impact.

Shredding - Paper documents are important to dispose of properly. UCIT OIS sponsors 2 to 3 shred events each year. Contact us for dates, more information, or guidance with arranging your own shredding.

SSL Server and Personal Certification Identity Verification – Verify that requests are valid and requesters are valid employees with authority over the server.

Vulnerability Assessments – Network vulnerability scanning (Qualys), Web application scanning (Hailstorm), penetration testing.

Whole Disk Encryption – Encryption is managed through the Enterprise McAfee ePolicy Orchestrator server. Please contact your local IT Coordinator for encryption and/or UCIT OIS with questions.

To view PDF files, you will need Adobe Acrobat Reader, a free download.