UCSF is required by a number of policies, laws, and regulations to assess the security risk of information systems that handle UCSF data. 

• Faculty
• Staff
• Technical Partner
• Security

IT Security provides security awareness training and education services to UCSF faculty, staff and learners.The goals of these services include educating the UCSF community on:

• Faculty
• Staff
• Student
• Security

The UCSF Minimum Security Standard requires that information residing on devices be encrypted. UCSF IT Security provides and supports encryption software for Windows and MacOS computers to the UCSF community at no charge. More information about Dell Data Protection Encryption (DDPE) is available at https://it.ucsf.edu/services/dell-data-protection-encryption-ddpe.

• Faculty
• Staff
• Student
• Security

Phish Alarm is a tool that is available to all users at UCSF. With the click of a button, users can report a phishing or malicious message. As described here, the Report Phish button is available for both PC and Mac Outlook clients as well as on Outlook Web Access (email.ucsf.edu) and the Outlook Mobile App.

• Faculty
• Staff
• Student
• Security

Hackers must first find weaknesses (vulnerabilities) within a system or application in order to gain control of computers and other network systems. These weaknesses can be the result of many different causes, such as not keeping systems and applications up to date or the use of insecure development and coding practices. In either case, these weaknesses could allow hackers to gain unauthorized access to UCSF systems and data. 

• Staff
• Security