The UCIT Office of Information Security (UCIT OIS) provides several services to the UC community. Select one below to see further explanation or to e-mail UCIT OIS.
Awareness & Training - Awareness campaigns and associated materials such as posters, presentations and flyers; Short courses on a variety of topics targeted at various groups.
Consulting - Review of applications, systems, or processes. If you are starting a project, get us involved early! The earlier, the easier and cheaper it will be to build in security and compliance.
Creation of Security Policies – Creating policies that govern information security throughout the university and UCIT.
Cyber Security Incident Response – Oversight and guidance of an interdisciplinary team to equip them to respond appropriately in the event of a Cyber Security incident.
Governance and Oversight for 2 factor authentication - UCIT OIS oversees 2-factor authentication for UCIT administrator users.
Informal Audits - These policy and legal compliance checks must be requested by the Dean, Assistant Dean or a Director level person at the site to be assessment.
Investigations & e-Discovery - Forensic analysis of computer systems, and copyright. Requests are made through Public Safety and General Counsel.
Mailbox Access and Mail Retrieval Process - This UCIT Mailbox Access/Retrieval process addresses how access is to be requested and granted under various circumstances.
Intel Security Endpoint Protection Services - UCIT OIS partners with Intel Security to provide the following solutions to the university community: Antivirus, Encryption, Device Control, Data Loss Prevention, and policy enforcement via the ePolicy Orchestrator Server.
Risk Management - OIS is tasked with evaluating risk and determining its likelihood and impact.
Shredding - Paper documents are important to dispose of properly. UCIT OIS sponsors 2 to 3 shred events each year. Contact us for dates, more information, or guidance with arranging your own shredding.
SSL Server and Personal Certification Identity Verification – Verify that requests are valid and requesters are valid employees with authority over the server.
Vulnerability Assessments – Network vulnerability scanning (Qualys), Web application scanning (Hailstorm), penetration testing.
Whole Disk Encryption – Encryption is managed through the Enterprise McAfee ePolicy Orchestrator server. Please contact your local IT Coordinator for encryption and/or UCIT OIS with questions.
To view PDF files, you will need Adobe Acrobat Reader, a free download.