As shared in June, we have made impressive strides in meaningfully improving the security of our campus community, including achieving 96% overall compliance with requirements of the UC Cybersecurity Mandate.
This success means that most of you have already taken the required steps to complete your training and ensure your device is secured by the UCR security toolset. We are now ready to take the next step in our compliance support plan with the phased implementation of secure access checks beginning September 30, 2025.
To support this transition, please be reminded of the following:
What are secure access checks?
Secure access checks refer to a verification process that ensures both the device and its user meet UC security standards before granting access to a secure UCR resource. These standards include:
- The user who is attempting to gain access has completed their annual UC Cyber Security Awareness Fundamentals training
- The device attempting to gain access is running the UCR Security Toolset
Who must meet the UC Cybersecurity Mandate 2025 security requirements?
All UCR employees and affiliates, with the exception of academic student employees, are subject to the UC Cybersecurity Mandate 2025 security requirements.
Note: retirees, emeriti, and certain affiliates are not subject to the cybersecurity training requirement but must use a secured device if accessing secure UCR resources.
What will my experience be like once the secure access checks are in place?
Once the secure access checks are implemented, individuals who have not taken the required steps to be compliant with training and/or secured device requirements will not be able to access secure UCR resources and applications. Instead, the individual will be prompted to take the action(s) needed to come into compliance.
What is the schedule for the phased implementation?
| Timeline | Phase | Groups |
| September 30 | Phase 1 | Information Technology Solutions |
| October 1 - 15 | Testing & Phase 1 Hypercare | |
| October 16 | Phase 2 | |
| October 17 - 20 | Phase 2 Hypercare | |
| October 22 - 23 | Phase 3 | Administrative units (including Academic Senate, Intercollegiate Athletics, Palm Desert Center, UNEX) |
| October 24 - 26 | Phase 3 Hypercare | |
| October 27 - 30 | Phase 4 | Schools and Colleges |
| October 31 | Phase 5 | Select remaining groups (includes Unit 18 Lecturers and non-active emeriti and retirees) |
| November 3 - November 7 | Phases 4 & 5 Hypercare | Schools, Colleges, and select remaining groups |
Please keep an eye out for information from your administrator, as ITS is notifying org administrators of their respective implementation dates.
What if I don’t have Duo Desktop?
Duo Desktop is the security check mechanism and was added to the August 2025 release of the UCR security toolset. As a result, Duo Desktop should have been automatically added to all devices that contain the toolset. If for any reason your device did not receive Duo Desktop, please follow the guidance contained in this knowledge article (note that you must be logged in with your UCR NetID credentials to view this protected article).
Which resources are exempt from secure access checks?
All UCR resources that require authentication using netID and password are considered secure resources and are therefore subject to secure access checks. However, the following secure resources are currently exempt and will remain accessible:
- Zoom
- Slack
- Office 365
- Google Workspace
- ServiceNow
- Canvas
- UC Learning Center
- Virtual Private Network (VPN)
- Community-facing UCR Library services
- Public-facing websites, applications, and other resources (i.e., resources that do not require you to log in with UCR NetID credentials)
It is important to note that the list of resources excluded from secure access checks will be reevaluated as part of ongoing operations to determine whether any changes need to be made for security or user accessibility purposes. In the event of a change to this resource list, campus will be notified.
Notice to Users of Non-Managed Mac Devices
Faculty and staff who use a non-managed (i.e., no administrative support from IT) Mac laptop or computer to perform university work and have installed the UCR Security Toolset on their device must manually allow their device to run the required version of the UCR Security Toolset by October 27, 2025. Failure to do so will result in the inability to access secure UCR resources once secure access checks are fully implemented.
As a reminder, ITS does not have administrative permissions over devices not managed by ITS' Secured Device Services. As a result, users of non-managed Macs are responsible for initiating and/or permitting any necessary security updates. Non-managed Mac users are welcome to opt into the Secured Device Services (SDS) program if they prefer ITS to manage future updates.
For IT support, please submit a support ticket at its.ucr.edu/help to schedule one-on-one assistance with a BearHelp technician or call BearHelp at (951) 827-4848. For in-person support, please visit the IT Support Services stations located on the first floors of the Student Success Center and the Orbach and Rivera libraries.
Let us help you with your search