Overview UCSF is required by a number of policies, laws, and regulations to assess the security risk of information systems that handle UCSF data.  What is an IT security risk assessment at UCSF? The IT security risk assessment process collects information about each of our information systems and scores their security compliance. The process measures the security aspects of all computing devices associated with the system including servers, desktop computers and laptops, mobile devices, network hardware, and other related technologies.

• Faculty
• Staff
• Technical Partner
• Security

What is Phish Alarm? Phish Alarm is a tool that is available to all users at UCSF. With the click of a button, users can report a phishing or malicious message. As described here, the Report Phish button is available for both PC and Mac Outlook clients as well as on Outlook Web Access (email.ucsf.edu) and the Outlook Mobile App.

• Faculty
• Staff
• Student
• Security

Introduction IT Security provides security awareness training and education services to UCSF faculty, staff and students. The goals of these services include educating the UCSF community on:

• Faculty
• Staff
• Student
• Security

The UCSF Minimum Security Standard requires that information residing on devices be encrypted. UCSF IT Security provides and supports encryption software for Windows and MacOS computers to the UCSF community at no charge. More information about Dell Data Protection Encryption (DDPE) is available at https://it.ucsf.edu/services/dell-data-protection-encryption-ddpe.

• Faculty
• Staff
• Student
• Security

Why are application and website security important?  Hackers must first find weaknesses (vulnerabilities) within a system or application in order to gain control of computers and other network systems. These weaknesses can be the result of many different causes, such as not keeping systems and applications up to date or the use of insecure development and coding practices. In either case, these weaknesses could allow hackers to gain unauthorized access to UCSF systems and data. 

• Staff
• Security