What is the UCSF IT Security Suite?
The UCSF IT Security Suite is a group of tools to help keep you, your data and UCSF safe. The Security Suite includes:
- System management agent for device inventory, security patching and software delivery. UCSF uses BigFix to deliver the other security software listed below.
- Endpoint protection software provides anti-virus and anti-malware protection plus a host-based firewall on Windows computers.
- Network access control (NAC) agent, to ensure minimum security standards are met before your computer connects to the UCSF network.
- Endpoint Detection and Response (EDR) agent, to intercept malicious software before it can spread.
- Device encryption, to protect your data from loss or theft.
- Backup software, to automatically back up your data (UCSF IT–supported computers only).
Downloads for all of the software mentioned here are available at https://software.ucsf.edu/ (requires MyAccess login).
The IT Security Suite has the following system requirements:
- Windows 7-10, 4GB+ RAM, 20%+ free disk space
- macOS 10.14.6 or 10.15.x, 4GB+ RAM, 20%+ free disk space
- Linux CentOS/RedHat or Ubuntu/Debian
Why is the Security Suite important?
Who should use the UCSF IT Security Suite?
Everyone who uses a computer for UCSF work!
- Computers supported by UCSF IT Field Service receive the UCSF IT Security Suite automatically.
- All other computers, including personal computers, must have the Security Suite checklist and download the supporting software.
1. System management: BigFix
BigFix allows us to inventory a computer, associate the computer with a specific user and collect hardware information (e.g., OS, CPU, RAM, hard drive space) to determine if a system can support other required software. BigFix can also be leveraged to verify patch levels and anti-virus and anti-malware software versions. Having BigFix on your computer is essential to complying with UCSF’s Minimum Security Standards (MSS).
2. Endpoint protection: Symantec Endpoint Protection (SEP)
Symantec Endpoint Protection (SEP) provides anti-virus and anti-malware protection. SEP is an important tool in protecting your computer and personal information from vulnerabilities, malware, viruses and worms.
3. Network access control (NAC): Forescout SecureConnector
Ensuring that computers meet UCSF’s minimum security standards is critical to keeping a sprawling enterprise like UCSF secure. Computers without critical security patches, anti-virus software or host-based firewalls are targets for hackers and can be used to spread malware and compromise other devices on the network. Using a network access control (NAC) client drastically decreases the likelihood of infected or vulnerable computers joining our network. UCSF uses the Forescout SecureConnector agent for network access control.
4. Endpoint Detection and Response (EDR)
Security Endpoint Detection and Response (EDR) software looks at the behavior of your computer, along with intelligence-based indicators, to help detect, investigate and mitigate advanced threats and risks on the UCSF network. This allows us to stop malicious software from monitoring or infecting your computer, including things that even SEP can’t catch.
5. Device encryption
Given the prevalence of restricted data (e.g., protected health information, financial information, personal information, intellectual property) in the UCSF environment, all endpoints (desktops, laptops and mobile devices, including mobile phones and tablets) used for UCSF business must be encrypted. This applies to both UCSF-owned and non-UCSF–owned endpoints. UCSF IT offers state-of-the-art encryption software for Windows and Mac computers. All IT-supported computers are deployed encrypted, and we will help you encrypt your personal device at any UCSF IT Health Desk.
6. Backup software
We would like to underscore the importance of backing up your data. If you have an ITFS-managed computer, then it is backed up automatically with CrashPlan. You can verify that backups are working by following the instructions on the CrashPlan page below or contacting the IT Service Desk at 415-514-4100. If you are not supported by ITFS, you can find out about support levels and costs here: IT Field Services Desktop Support.
- Note: To verify that your computer has Crashplan installed and has a recent backup, click on the "How to check if Crashplan backups are working" link and follow the directions there.