Security - Staff

Account Analytics

Account Analytics focuses on investigations of suspicious login activity on UC Davis accounts campus-wide, putting together patterns of potential abuse.

This program analyzes, monitors, and investigates these abnormal patterns, looking for evidence of account compromise on specific UC Davis platforms.

In the case of suspicious activity, the Information Security Office initiates the incident response process to recover the integrity of the computing account in question. 

Appendix DS (Data Security)

The Appendix DS (Data Security) is a subset of the overall "Purchasing Agreement" with UC Davis vendors. The Appendix DS is not a stand-alone agreement. The package of documents includes:

Cold Room

The Computational Research Service at the College of Letters and Sciences provides support for the use of restricted-access, confidential data in social science research. It has a cold room available on a first-come, first-served basis for research involving confidential data.

Data Sensitivity Guide

The Data Sensitivity Guide outlines which services are appropriate for storing which data types, based on data classification categories. Use this guide to mitigate risk and protect the privacy and security of information by storing specified information only in the service appropriate for the specific use case.

For specific use-cases not explicitly addressed in the guide, fill out the Data Sensitivity Intake Form. The ISO Security Team, Privacy Officer, and Service Owner will provide an opinion based on provided information, dependent upon:

Duo Multi-factor Authentication

Duo is a multi-factor authentication system that will make it much harder for hackers to access your UC Davis accounts. Even if someone has stolen your passphrase, they will need a “second factor” (in most cases a temporary numeric code) to access your account.

Incident Response

The Information Security team initiates and conducts the incident response process to address a variety of security incidents on campus. After a severe incident, the team will help prevent further damage to the campus by working with the departments and any outside support, such as law enforcement, to remediate the incident through forensic analysis and investigation. The team also provides advice for remote, do-it-yourself incident remediation.

Industrial Controls Vulnerability Assessments

The Information Security Office (ISO) is in the process of rolling out an Industrial Controls Security (ICS) Review Service, which will identify existing vulnerabilities in air handling systems, water-waste management, fuel distribution, electrical distribution, and other critical services. Departments that use industrial controls should contact the ISO as soon as possible to start an Industrial Controls Vulnerability Assessment.

IS-3 Exception Requests

In cases where a Unit member or organization is unable to meet IS-3 standards, they must submit an Exception Request. The ISO will review the request and ask the Unit Information Security Lead to have the Unit head approve it. Go to the following link to view the campus UISL and Unit Heads:

PCI Compliance

The Information Security Office (ISO) and Merchant Support work in tandem to guide UC Davis merchants as they complete their compliance documentation and to provide direction for non-compliant situations relating to information security of payment information. The ISO also performs vulnerability scans of SAQ-A websites, on which payment cards are processed, and collaboratively assists merchants as they complete self-assessments.

Research Security Assessments

Upon request, the Information Security Office completes Research Security Assessments. This assessment assures that the researcher’s environmental security standards align with guidelines defined by both IS-3 and 3rd-party contracts, and it identifies vulnerabilities in the research environment. The ISO will provide recommendations regarding the mitigation of potential environmental flaws, and provide CISO approval pending compliance with standards.

Research Support

The Information Security Office provides support to researchers with certain types of data, without compromising sensitive information belonging to individuals or the campus itself. The data is typically confined to the Information Security Office, where it can be accessed by on-site campus researchers.

Sophos Anti-Virus

The Sophos Anti-Virus Central Service is an integrated management system, tying together multiple Sophos products in order to provide a more complete and effective security net.

Anti-ransomware and anti-exploit technology combine to detect suspicious network traffic and identify trends and potentially threatening packages as they cross the UC Davis network border. The Information Security Office (ISO) monitors Sophos data in order to respond to potential threats, if necessary.

Vendor Risk Assessment

In order to verify vendors’ compliance with IS-3 policy, organizations and units must work with the Information Security Office to complete Vendor Risk Assessments. This process assesses vendors’ conformity to information security standards, better assuring:

Vulnerability Management

The Vulnerability Management Program scans all UC Davis network computing resources for vulnerabilities and configuration weaknesses. The service is provided by the vendor, Tenable.

The Information Security Office (ISO) will report identified vulnerabilities to the Unit’s ISO Point of Contact and the Unit System Administrator, who must take action to remediate the threat. This process is tracked and recorded in ServiceNow.