UC Davis and the University of California are strongly committed to sustaining high standards in the protection of data assets and information technology resources that support the University’s academic, enterprise, and research operations and objectives.  Below are the Operational and Business services the Information Security team currently offer to help the university reach and exceed these objectives.

Application Security Consulting

IBM AppScan is a dynamic web application security tool that identifies flaws and vulnerabilities in web applications. The Information Security team offers this tool at no charge for campus use.

Bastion Hosts (Multi-Factor Authentication)

Bastion hosts are gateways between internal and external networks. They help defend the internal network against attacks. The campus Bastion Host Service works by restricting access, among individuals outside the Data Center network, to Unix and Windows systems housed in the Data Center. 

File Integrity Monitoring (FIM)

File Integrity Monitoring (FIM) delivers risk visibility, business context and security business intelligence enabling enterprises to protect sensitive data and assets from breaches, vulnerabilities, and threats through a portfolio of high priority security controls.

Firewall Administration

IET provides firewall services to help secure department networks and to ensure compliance with campus cyber safety policies. 

Turnkey firewall service

IET manages the entire firewall implementation and maintenance including the acquisition, installation, configuration, and programming. When equipment reaches the end of its life cycle, replacement costs are included.

Incident Response

The Information Security team helps the campus and IET through training and consulting on security incidents. After a severe incident, the team will help prevent further damage to the campus by working with the departments and any outside support (such as the police) to remediate the incident, thus staying compliant with laws and regulations.

Information Security Training and Awareness

The best way to achieve a significant and lasting improvement in information security is not to throw more technical solutions at a problem--the best approach is to teach the basics of information security to everyone who interacts with computer networks, systems, and information.

Law Enforcement Support

Our responses to cyber-security threats sometimes require UC Davis to work with outside law enforcement agencies, such as the FBI. IET's Information Security team is ideally situated to help those agencies, because it works closely with both central IET and campus IT leads, and has access to information that can help offer a university-wide perspective. 

Litigation Support

This service is primarily for Campus Counsel, so it can leverage the UC Davis Information Security Team’s expertise to perform e-discovery and collect information in a sound manner. However, campus IT support and administrative units can use this service for the same reasons. The Information Security team can also assist communications between departments and other groups such as Campus Counsel, FBI, and local law enforcement.

PII (Personally Identifiable Information) Scanning

This service uses Identity Finder software to scan computers for digital assets, including personally identifiable information (PII). The scans can help campus units identify their digital assets; units can then use the resulting information to help them avoid, assume, reduce, or transfer their information risks.

Identity thieves who find poorly secured PII can use it to enter accounts, steal money and assets, and impersonate others.

Procurement Support

When deciding how to apply cyber-security requirements for new products, information security experts and procurement organizations need to work with vendors so that together they can implement and maintain the correct cyber-security controls and prevent costly retrofits.

Pages