Secure Your Devices

Download the UC-Mandated Security Toolset

Instructions for Downloading the Toolset

UC-Mandated Tools to Access Secure Campus Resources

UCR has identified three industry-standard security toolsets known for their effectiveness in helping organizations identify and manage vulnerabilities, mitigate risks and respond swiftly to events by monitoring systems for signs of cyber threats, and keep track of vital data. These tools also provide more robust security services for university-managed devices, such as delivering automatic updates and maintaining the health of the devices.

As part of UCR's plan to meet the new UCOP mandate, our campus policy now requires that the applications for these three devices be installed and run on all devices that connect to secure UCR networks and cloud resources. All devices must be in compliance by May 28, 2025.

Security Outcomes Addressed by These Tools

“Identify, track, and manage vulnerabilities of all devices that connect to campus resources.”

“Deploy UC-approved Endpoint Detection and Recovery (EDR) software on 100% of assets.”

Tools to Protect Your Work and Preserve Your Legacy

Imagine our collective University data – research findings, financial records, sensitive personal information – as priceless works of art and historical artifacts housed within the Smithsonian. This vast collection represents the heart and soul of our institution, a treasure trove of knowledge, innovation, and individual contributions to our shared legacy.

Much like the Smithsonian’s sprawling complex of museums, UCR’s colleges, schools, departments, and administrative units house important artifacts that require preservation and protection from theft, damage, and unauthorized access. To protect these invaluable assets, a multi-layered approach is employed. View the cards below to explore this approach:

Vulnerability Management, Detection, and Response (VMDR)

The Architects

↓

Vulnerability Management, Detection, and Response (VMDR) provides cloud-based cybersecurity and compliance solutions. UCR will use VMDR to identify and manage vulnerabilities.

Imagine VMDR as the museum's team of expert architects and engineers. They meticulously assess the museum building's structural integrity, identifying potential weaknesses like cracks in the foundation or leaks in the roof. By proactively addressing these structural issues, they ensure the building remains a safe and secure environment for the valuable artifacts within without needing to inspect the contents of individual exhibits or storage rooms.

Similarly, VMDR assesses the digital infrastructure of the University, identifying vulnerabilities in software, hardware, or configurations that cyber threats could exploit. By identifying potential vulnerabilities so that the Information Security Office can address them, VMDR strengthens the overall security of the University's digital environment, safeguarding sensitive data without intruding on the content of individual files or activities.

Endpoint Management (EM)

The Environmental Controls

↓

Endpoint Management (EM) helps organizations manage their computer networks efficiently and securely. UCR will use EM to perform vital data inventory. For devices managed via the ITS Secure Device Service, EM will also be used to maintain the health of the device.

Think of EM as the museum's sophisticated climate control system. It constantly monitors the temperature, humidity, and air quality throughout the building to ensure optimal conditions for preserving the priceless artifacts. While it does focus its attention on each exhibit and storage room, it does not evaluate the specific artifacts within them. Its purpose is to maintain a stable and secure environment for the entire collection.

Similarly, EM maintains an inventory of devices and software on the university network, monitoring the overall health and performance of the University's digital infrastructure. It tracks metrics like device health and software updates to ensure everything is functioning properly and securely. It doesn't delve into the specific contents of individual files or monitor user activity, but rather focuses on maintaining a stable and secure digital environment for the entire Highlander community.

A security system equipped with a camera

Endpoint Detection and Response (EDR)

The Security System

↓

Endpoint Detection and Response (EDR) is used for threat detection and response, helping an organization identify, investigate, and respond to cyber threats across its entire digital environment.

Envision EDR as the museum's advanced security system, incorporating high-tech surveillance cameras, motion detectors, and laser grids. This system constantly monitors the environment, detecting any unauthorized access or suspicious activity. If an intruder attempts to breach security, the system triggers alarms, alerts security personnel, and activates countermeasures to protect the artifacts.

Similarly, EDR acts as our digital guardian, continuously monitoring our systems for signs of cyber threats like malware or unauthorized access attempts. It swiftly detects and neutralizes these threats, safeguarding our valuable data.

It's Easy to Ensure Compliance with Secured Device Services (SDS)

SDS ensures that your department meets compliance by providing vulnerability monitoring and remediation, virus protection, and asset management. Campus leadership has called for all units to move to SDS. In the meantime, it is required that those who manage their own devices install and use the security toolset.

Learn more about SDS

Frequently Asked Questions

Will these tools monitor my personal activity, emails, or browsing history?

These tools are designed to protect against cybersecurity threats. They focus on detecting unusual, malicious, or potentially harmful activity and not on monitoring personal information.
Will these tools slow down my device or interfere with my work?

We've carefully selected tools that are lightweight and have minimal impact on device performance. It is worth noting that these tools are not new. UCR currently utilizes these tools but now must expand coverage across campus to strengthen security. If you experience any issues, please submit an IT ticket.
Will I be able to control the settings or disable these tools if needed?

Settings on IT-managed devices will be managed centrally to ensure optimal security. For personal devices, you will have some control over settings, but default configurations should be preserved for maximum protection and program compliance. Please note that noncompliance will result in the inability to access secure UCR resources and applications.
Why are these tools necessary?

Universities are among the most targeted entities by Nation States and other bad actors, and their attempts to attack us are becoming more sophisticated and frequent. Each tool in the UCR security toolset serves a unique and important purpose. Together, these tools provide an additional layer of protection for our University data and systems and, importantly, your sensitive personal and financial information.
What happens if a threat is detected?

The tools will alert the ITS Information Security Office. UCR’s security professionals will then take appropriate action to investigate and mitigate the threat while adhering to strict UC and campus privacy policies and industry-standard operating procedures.
Do I need all three tools?

Yes, each tool is crucial in fulfilling UC's security requirements. To learn about the role of each tool, please refer to the “Tools to Protect Your Work and Preserve Your Legacy” section.
Will ITS or any of the tools be able to read my email?

The security tools are not designed to read your email content. Their purpose is to protect your device and university data, not to monitor personal communications. In the event that a potential threat is detected, the ITS Information Security Office is required to investigate while adhering to strict UC and campus privacy policies, including the UC Electronic Communications Policy.
Are personal devices, such as BYOD, included in the mandate?

Yes, the security tools must be installed on personal devices if the user wishes to connect to secure UCR resources and applications that hold sensitive institutional data. Mobile devices (phones and some tablets) are not currently subject to the same requirements.
Are mobile devices included in the mandate?

No, mobile devices such as phones and tablets* are not subject to the same requirements as computers and laptops under the mandate.
That said, it is still crucial to secure your mobile devices to protect your data. To safeguard your data, utilize complex passwords or biometric authentication, maintain up-to-date software, and exercise caution when using public Wi-Fi for sensitive activities. Be sure to remain vigilant against phishing attempts and establish regular data backup routines. For more information about best practices, refer to Mobile Security Guidance.
*Note: Microsoft Surface Tablets require installation and use of the security tools.
What happens if I don't follow the mandate?

The UC President's letter outlines the campus consequences of non-compliance. In an effort to mitigate these consequences, UCR’s security plan employs additional consequences, which include but are not limited to restricted access to campus resources (such as networks, WiFi, and online service applications). These measures are necessary to help ensure the safety and security of both the UCR community and our larger UC community.
What is the UC Cybersecurity Mandate and where can I learn more about it?

The UC President has called for all UC campuses to achieve key cybersecurity outcomes by May 28, 2025, to help protect sensitive data, maintain operational continuity, comply with regulations, and mitigate financial risks. To learn more about the UC Cybersecurity Mandate, visit the dedicated UC Cybersecurity Mandate 2025 webpage.

Learn About UCR's Response to the UC Cybersecurity Mandate

Return to the UC Cybersecurity Mandate Webpage

Information Technology Solutions

Download the UC-Mandated Security Toolset

UC-Mandated Tools to Access Secure Campus Resources

Security Outcomes Addressed by These Tools