Application Security Consulting
IBM AppScan is a dynamic web application security tool that identifies flaws and vulnerabilities in web applications. The Information Security team offers this tool at no charge for campus use.
Bastion Hosts (Multi-Factor Authentication)
Bastion hosts are gateways between internal and external networks. They help defend the internal network against attacks. The campus Bastion Host Service works by restricting access, among individuals outside the Data Center network, to Unix and Windows systems housed in the Data Center.
Duo Multi-factor Authentication
Duo is a multi-factor authentication system that will make it much harder for hackers to access your UC Davis accounts. Even if someone has stolen your passphrase, they will need a “second factor” — in most cases a temporary numeric code, to access your account.
File Integrity Monitoring (FIM)
File Integrity Monitoring (FIM) delivers risk visibility, business context and security business intelligence enabling enterprises to protect sensitive data and assets from breaches, vulnerabilities, and threats through a portfolio of high priority security controls.
Firewall Administration
IET provides firewall services to help secure department networks and to ensure compliance with campus cyber safety policies. The Turnkey Firewall service includes management of the entire firewall implementation and maintenance including the acquisition, installation, configuration, and programming. When equipment reaches the end of its life cycle, replacement costs are included.
Incident Response
The Information Security team helps the campus and IET through training and consulting on security incidents. After a severe incident, the team will help prevent further damage to the campus by working with the departments and any outside support (such as the police) to remediate the incident, thus staying compliant with laws and regulations.
Information Security Training and Awareness
The best way to achieve a significant and lasting improvement in information security is not to throw more technical solutions at a problem–the best approach is to teach the basics of information security to everyone who interacts with computer networks, systems, and information.
Law Enforcement Support
Our responses to cyber-security threats sometimes require UC Davis to work with outside law enforcement agencies, such as the FBI. IET’s Information Security team is ideally situated to help those agencies, because it works closely with both central IET and campus IT leads, and has access to information that can help offer a university-wide perspective.
Litigation Support
This service is primarily for Campus Counsel, so it can leverage the UC Davis Information Security Team’s expertise to perform e-discovery and collect information in a sound manner. However, campus IT support and administrative units can use this service for the same reasons. The Information Security team can also assist communications between departments and other groups such as Campus Counsel, FBI, and local law enforcement.
PII (Personally Identifiable Information) Scanning
This service uses Identity Finder software to scan computers for digital assets, including personally identifiable information (PII). The scans can help campus units identify their digital assets; units can then use the resulting information to help them avoid, assume, reduce, or transfer their information risks. Identity thieves who find poorly secured PII can use it to enter accounts, steal money and assets, and impersonate others.