UC Davis and the University of California are strongly committed to sustaining high standards in the protection of data assets and information technology resources that support the University’s academic, enterprise, and research operations and objectives.  Below are the Operational and Business services the Information Security team currently offer to help the university reach and exceed these objectives.

File Integrity Monitoring (FIM)

File Integrity Monitoring (FIM) delivers risk visibility, business context and security business intelligence enabling enterprises to protect sensitive data and assets from breaches, vulnerabilities, and threats through a portfolio of high priority security controls.

Firewall Administration

IET provides firewall services to help secure department networks and to ensure compliance with campus cyber safety policies. 

Turnkey firewall service

IET manages the entire firewall implementation and maintenance including the acquisition, installation, configuration, and programming. When equipment reaches the end of its life cycle, replacement costs are included.

Incident Response

The Information Security team helps the campus and IET through training and consulting on security incidents. After a severe incident, the team will help prevent further damage to the campus by working with the departments and any outside support (such as the police) to remediate the incident, thus staying compliant with laws and regulations.

Information Security Training and Awareness

The best way to achieve a significant and lasting improvement in information security is not to throw more technical solutions at a problem--the best approach is to teach the basics of information security to everyone who interacts with computer networks, systems, and information.

Risk Assessment

Laws (HIPAA) and industry mandates (PCI) require organizations to assess their vulnerabilities and risks. Organizations must be conscious of information security, and must develop and implement proper security controls based on their internal risk and vulnerability assessments. These assessments can help the organization:

Vulnerability Scanning Service

A self-directed Nessus scan is initiated by a VLAN administrator or technology support coordinator (TSC). These self-directed scans can be configured to search for more vulnerabilities than the campus scan seeks.

The Nessus vulnerability scanner provides patch, configuration, and compliance auditing; mobile, malware and botnet discovery; and sensitive data identification, with a continuously updated library of more than 60,000 plug-ins and the support of Tenable's expert vulnerability research team.