Skip to main content

Security

Account Analytics

Account Analytics focuses on investigations of suspicious login activity on UC Davis accounts campus-wide, putting together patterns of potential abuse.

This program analyzes, monitors, and investigates these abnormal patterns, looking for evidence of account compromise on specific UC Davis platforms.

In the case of suspicious activity, the Information Security Office initiates the incident response process to recover the integrity of the computing account in question. 

Appendix DS (Data Security)

The Appendix DS (Data Security) is a subset of the overall "Purchasing Agreement" with UC Davis vendors. The Appendix DS is not a stand-alone agreement. The package of documents includes:

Bastion Hosts (Multi-Factor Authentication)

Bastion hosts are gateways between internal and external networks. They help defend the internal network against attacks. The campus Bastion Host Service works by restricting access, among individuals outside the Data Center network, to Unix and Windows systems housed in the Data Center. 

Cloudflare

Cloudflare, Inc. is a U.S. company that provides content deliver network services, DDoS mitigation, Internet security and distributed domain name server services, sitting between the visitor and the Cloudflare user's hosting provider, acting as a reverse proxy for websites.

Cold Room

The Computational Research Service at the College of Letters and Sciences provides support for the use of restricted access, confidential data in social science research. It has a cold room available on a first come, first served basis, for research involving confidential data.

Data Sensitivity Guide

The Data Sensitivity Guide outlines which services are appropriate to store which data types based on data classification categories. Reference this guide to mitigate risks by protecting the privacy and security of information by only storing specified information in the appropriate service for the specific use-case.

For specific use-cases not explicitly addressed in the guide, fill out the Data Sensitivity Intake Form. The ISO Security Team, Privacy Officer, and Service Owner will provide an opinion based on provided information, dependent upon:

Duo Multi-factor Authentication

Duo is a multi-factor authentication system that will make it much harder for hackers to access your UC Davis accounts. Even if someone has stolen your passphrase, they will need a “second factor” — in most cases a temporary numeric code, to access your account.

Incident Response

The Information Security team initiates and conducts the incident response process to address a variety of security incidents on campus. After a severe incident, the team will help prevent further damage to the campus by working with the departments and any outside support—such as law enforcement—to  remediate the incident through forensic analysis and investigation. The team also provides advice for remote, do-it-yourself, incident remediation.

Industrial Controls Vulnerability Assessments

The Information Security Office (ISO) is in the process of rolling out an Industrial Controls Security (ICS) Review Service, which will function to identify existing vulnerabilities in: air handling systems, water-waste management, fuel distribution, electrical distribution,  and other critical services. Departments utilizing industrial controls should seek to contact the ISO as soon as possible in order to jumpstart an Industrial Controls Vulnerability Assessment.    

IS-3 Exception Requests

In cases where a Unit member or organization is unable to meet IS-3 standards, they must submit an Exception Request. The ISO will review the request and ask the Unit Information Security Lead to request the Unit head to approve the request. Go to the following link  to view the campus UISL and Unit Heads:

Pages