Bastion hosts are gateways between internal and external networks. They help defend the internal network against attacks. The campus Bastion Host Service works by restricting access, among individuals outside the Data Center network, to Unix and Windows systems housed in the Data Center.
Cloudflare, Inc. is a U.S. company that provides content deliver network services, DDoS mitigation, Internet security and distributed domain name server services, sitting between the visitor and the Cloudflare user's hosting provider, acting as a reverse proxy for websites.
The Data Sensitivity Guide outlines which services are appropriate to store which data types based on data classification categories. Reference this guide to mitigate risks by protecting the privacy and security of information by only storing specified information in the appropriate service for the specific use-case.
For specific use-cases not explicitly addressed in the guide, fill out the Data Sensitivity Intake Form. The ISO Security Team, Privacy Officer, and Service Owner will provide an opinion based on provided information, dependent upon:
Duo is a multi-factor authentication system that will make it much harder for hackers to access your UC Davis accounts. Even if someone has stolen your passphrase, they will need a “second factor” — in most cases a temporary numeric code, to access your account.
The Information Security team initiates and conducts the incident response process to address a variety of security incidents on campus. After a severe incident, the team will help prevent further damage to the campus by working with the departments and any outside support—such as law enforcement—to remediate the incident through forensic analysis and investigation. The team also provides advice for remote, do-it-yourself, incident remediation.
The Information Security Office (ISO) is in the process of rolling out an Industrial Controls Security (ICS) Review Service, which will function to identify existing vulnerabilities in: air handling systems, water-waste management, fuel distribution, electrical distribution, and other critical services. Departments utilizing industrial controls should seek to contact the ISO as soon as possible in order to jumpstart an Industrial Controls Vulnerability Assessment.
In cases where a Unit member or organization is unable to meet IS-3 standards, they must submit an Exception Request. The ISO will review the request and ask the Unit Information Security Lead to request the Unit head to approve the request. Go to the following link to view the campus UISL and Unit Heads:
This service is primarily for Campus Counsel, so it can leverage the UC Davis Information Security Team’s expertise to perform e-discovery and collect information in a sound manner. However, campus IT support and administrative units can use this service for the same reasons. The Information Security team can also assist communications between departments and other groups such as Campus Counsel, FBI, and local law enforcement.