CyberSecurity
OEC can help you improve your cyber security stance, whether it is in your Research Lab, at your office, or in a server room on campus. Our Infrastructure team and Desktop team have years of experience working with a wide variety of customers and their unique needs across campus.
OEC Service Catalog: https://oec.ucsd.edu/service-catalog
Here at UC San Diego, we all work together to create a safe computing environment. From taking the yearly Cyber Security training and restarting our computers for security patches to complete, to setting secure firewall rules and registering equipment with campus Hostmaster, there are many ways that we can positively affect the health and security of not only our own computers and data, but everyone else's.
The desktops/laptops that OEC provides for our Core Customers have:
secure management software, with managed OS/software updates
up-to-date antivirus and vulnerability scanning software
active host firewalls with managed rulesets
local hard drive encryption
Authentication security through campus Active Directory
Things that each one of us should be doing to protect our own systems and, by association, other systems that connect to the campus network:
Install antivirus/antimalware software and resolve known vulnerabilities. Qualys and Trellix protect your systems and surface configuration issues and software that needs to be patched
Patch the OS and installed software regularly, and reboot to complete patch installation
Work with IT to resolve configuration issues that leave your computer open to attack (based on Qualys scanning results)
Back up your data! (Know what your data security requirements are)
Use secure passwords on all systems
https://blink.ucsd.edu/technology/security/certification/five-steps-to-cybersecurity.html
Campus CyberSecurity systems work together in a multi-faceted approach to securing our network
Antivirus alone is not enough to protect systems; relying on it alone is like locking the front door but leaving the window open
Perhaps you think you don’t have data on your campus-connected computer that needs protection, but note that if your computer does become compromised, that makes it easier for attackers to gain access to other systems on campus
Each method of protection is important, and these can come together to provide correlation and visibility into the larger threat landscape, at the campus level
Qualys Cloud Agent - Vulnerability Management software
Campus licensed, should be installed on all computers that can run it
Scans the system for known vulnerabilities from the “inside”
Reports on unpatched software and problematic software configuration
Trellix Endpoint Security - Threat Detection software
UC licensed, should be installed on all computers that can run it
Scans the system for viruses and malware
Can quarantine viruses and malware
Reports on any viruses or malware found
These work along with many other methods of protection (Qualys network-based vulnerability scanning, firewalls, secure authentication, VPN, DUO, account lifecycle management, end user diligence and cybersecurity awareness)
OEC has a variety of additional methods in place to scan and protect our own infrastructure and networks (server and network scanning, system configuration management, standardized and managed security profiles, active network monitoring)
UC San Diego is in the process of rolling out security software to all eligible computers on the campus network
Antivirus / Antimalware product: Trellix Endpoint Security (HX) (previously FireEye)
Vulnerability Scanning: Qualys Cloud Security Agent
If you have a computer connected to the campus network, and do NOT have this software installed, please contact OEC for the latest installers: oec@ucsd.edu
Trellix / Qualys install details:
Qualys supported platforms - look under the VM column here: https://success.qualys.com/customersupport/s/cloud-agent-pam
Trellix supported platforms - https://docs.trellix.com/bundle/agent-hx-data-sheet/resource/agent-hx-data-sheet.pdf
OEC-curated Trellix / Qualys installers and instructions (restricted link): https://drive.google.com/drive/u/0/folders/1QMZHKUc8aHlRes3-niqUdL0mFxj7juD3
Campus CyberSecurity Resources
Campus Licensed Antivirus: https://antivirus.ucsd.edu
Campus Network Security - https://blink.ucsd.edu/technology/security/services/index.html
DUO 2-Step - https://blink.ucsd.edu/technology/security/services/two-step-login/index.html
CMMC - Research Lab Cybersecurity Certification - https://assure.ucsd.edu
Campus Security Policies & Standards
Campus Minimum Network Security Standards - http://blink.ucsd.edu/go/meetstandards
Campus Network Security Policy - https://adminrecords.ucsd.edu/PPM/docs/135-3.HTML
UC Electronic Communications Policy - https://policy.ucop.edu/doc/7000470/ElectronicCommunications
Data Protection Standard - https://security.ucop.edu/files/documents/policies/institutional-information-and-it-resource-classification-standard.pdf
Data Protection Levels - https://security.ucop.edu/files/documents/uc-protection-level-classification-guide.pdf