Skip to main content

Security - Staff

UC Davis and the University of California are strongly committed to sustaining high standards in the protection of data assets and information technology resources that support the University’s academic, enterprise, and research operations and objectives.  This category includes the Operational and Business services the Information Security team currently offers to help the university reach and exceed these objectives.

Duo Multi-factor Authentication

Duo is a multi-factor authentication system that will make it much harder for hackers to access your UC Davis accounts. Even if someone has stolen your passphrase, they will need a “second factor” — in most cases a temporary numeric code, to access your account.

File Integrity Monitoring (FIM)

File Integrity Monitoring (FIM) delivers risk visibility, business context and security business intelligence enabling enterprises to protect sensitive data and assets from breaches, vulnerabilities, and threats through a portfolio of high priority security controls.

Firewall Administration

IET provides firewall services to help secure department networks and to ensure compliance with campus cyber safety policies. The Turnkey Firewall service includes management of the entire firewall implementation and maintenance including the acquisition, installation, configuration, and programming. When equipment reaches the end of its life cycle, replacement costs are included.

Incident Response

The Information Security team helps the campus and IET through training and consulting on security incidents. After a severe incident, the team will help prevent further damage to the campus by working with the departments and any outside support (such as the police) to remediate the incident, thus staying compliant with laws and regulations.

Information Security Training and Awareness

The best way to achieve a significant and lasting improvement in information security is not to throw more technical solutions at a problem--the best approach is to teach the basics of information security to everyone who interacts with computer networks, systems, and information.

Risk Assessment

Laws (HIPAA) and industry mandates (PCI) require organizations to assess their vulnerabilities and risks. Organizations must be conscious of information security, and must develop and implement proper security controls based on their internal risk and vulnerability assessments. These assessments can help the organization:

Vulnerability Scanning Service

A self-directed Nessus scan is initiated by a VLAN administrator or technology support coordinator (TSC). These self-directed scans can be configured to search for more vulnerabilities than the campus scan seeks.

The Nessus vulnerability scanner provides patch, configuration, and compliance auditing; mobile, malware and botnet discovery; and sensitive data identification, with a continuously updated library of more than 60,000 plug-ins and the support of Tenable's expert vulnerability research team.