The link to the IT Security Awareness Quiz is at the end of the article. Everyone who takes the quiz is entered to win a prize!

Is your computer running slowly? Are programs opening and closing automatically? Are you seeing pop-ups, suspicious websites, or other unwanted programs? These are a just a few symptoms of malware.

Malware is a general term used to describe any type of malicious software program, including viruses, worms, spyware, adware, ransomware, and scareware. Malware presents a direct threat to devices and data and can be used to delete, damage, or steal data. It can also create backdoors into our secure environments, potentially leading to security breaches and large punitive fines, all of which can impact patient care and make critical UCSF systems unavailable.

People most often become victims of malware by doing one of the following:

• Opening infected email attachments, usually from messages they were not expecting
• Installing non-reputable applications without anti-virus software installed
• Downloading pirated software, music or videos
• Sharing files and applications with strangers
• Visiting sites infected with malware
• Not patching their operating system and/or applications
• Clicking on ads

What can you do to prevent becoming infected with malware?

1. Follow the required UCSF Minimum Security Standards and install our anti-malware solution, Symantec Endpoint Protection (SEP). ITFS-managed computers automatically have SEP installed and are kept up-to-date to the latest version. If you are using a non-ITFS managed Mac or Windows computer, you must install SEP as well as the other mandatory security software. They are free and you can download them from https://software.ucsf.edu. Once installed, make sure you keep all UCSF security software up-to-date by periodically checking the UCSF Software Download site.
2. Install BigFix from the software site mentioned above. It is our endpoint management agent which assists with patching and automatic entry into our CMDB (asset inventory). This allows you to be associated with your device in the event of an incident, which allows for a more direct and rapid response if detection of a security event occurs.
3. Don't open email attachments that you are not expecting.
4. Don't install programs from unverified locations.
5. Don't download or install pirated software.
6. Properly backup the content of your computer. Backup service (CrashPlan Pro) is offered at no additional charge to all ITFS-managed Windows and Macintosh computers as part of the ITFS Basic Support, and to UCSF Medical Center managed laptops. For installation, contact the IT Service Desk.

What should you do if you think your computer is infected?

Contact the IT Service Desk at https://ucsf.service-now.com/ess/ or call 415-514-4100

Take the quiz on Reducing the Risk of Malware. The prize for passing the quiz is one entry in a drawing for one of six foldable, travel UV Sanitizing wands to remind you to keep a clean machine!

Additional Information

UCSF Minimum Security Standards for Electronic Information Resources

Ransomware Rising: Putting Our Files at Risk

UC’s Important Security Controls for Everyone and All Devices