Chromebooks are unique devices that, considering their architecture from both a security and a service standpoint, warrant caution in using them for UCSF business. Chromebooks use local encryption by default (although it is system-level and not full-disk) and are architected against malware. However, there are challenges from a regulatory risk perspective.

Keeping on top of information security vulnerabilities is an essential component of information security. Attackers exploit existing security vulnerabilities on systems to gain unauthorized access to systems and data.

The Open Web Application Security Project (OWASP) is an open-source application security project. The OWASP community includes corporations, educational organizations and individuals from around the world.