UCSF IT Technology

UCSF is required by a number of policies, laws, and regulations to assess the security risk of information systems that handle UCSF data. The IT security risk assessment process collects information about each of our information systems and scores their security compliance. The process measures the security aspects of all computing devices associated with the system including servers, desktop computers and laptops, mobile devices, network hardware, and other related technologies.

• Faculty
• Staff
• Technical Partner
• Security

The UCSF Minimum Security Standard requires that information residing on devices be encrypted. UCSF IT Security provides and supports encryption software for Windows and MacOS computers to the UCSF community at no charge. More information about Dell Data Protection Encryption (DDPE) is available at https://it.ucsf.edu/services/dell-data-protection-encryption-ddpe.

• Faculty
• Staff
• Student
• Security

IT Security provides security awareness training and education services to UCSF faculty, staff and learners.The goals of these services include educating the UCSF community on:

• Faculty
• Staff
• Student
• Security

Phish Alarm is a tool that is available to all users at UCSF. With the click of a button, users can report a phishing or malicious message. As described here, the Report Phish button is available for both PC and Mac Outlook clients as well as on Outlook Web Access (email.ucsf.edu) and the Outlook Mobile App.

• Faculty
• Staff
• Student
• Security

SSL (secure socket layer protocol), currently using TLS 1.2 or greater encryption, is used to secure transmissions between servers and clients. Example: Visiting a https address from Google Chrome or Safari. SSL / TLS certificates allow clients to verify a server's authenticity against known Certificate Authorities before establishing an encrypted connection. This helps determine if the server is who they say they are.

• Affiliate
• Faculty
• Non-UCSF
• Staff
• Technical Partner
• Security