UC San Diego SearchMenu

Computer Security

Learn about network security at UC San Diego, including policy, scope, and areas of responsibility.

The Information Technology Services department is the custodian of hardware, software, and data used in critical business processing at UC San Diego. Network security is a key aspect of this custodial role.

Policy

IT Services carries out security policies and procedures that:

  • Ensure the physical security of the data and telecommunications centers and resources
  • Regulate authorized access to resources through security measures such as user IDs, passwords, and digital certificates
  • Implement auditable authorization processes that adhere to University policies
  • Train all IT Services users in security awareness
  • Inform Departmental Security Administrators (DSAs) and system/data custodians about access rules and security violations

Scope

The IT Services policy covers all IT Services hardware, software, and data resources.

Responsibilities

The following IT Services units and individuals bear particular responsibilities in carrying out the IT Services network security policy:

  • IT Services Data Center Operations ensures physical security of the data center.
  • IT Services Database Administration:
    • Provides users with system access and training in security issues
    • Monitors system access and violation reports
  • IT Services Systems builds adequate security protection into application systems as required by policy, specific applications, and the direction of systems and data stewards.
  • Data stewards determine data security needs and establish access rules and request processes.
  • Departmental Security Administrators (DSAs) grant access to authorized users.
  • Campus managers (e.g., department heads) authorize system and data access to users and deal with security violations within their departments or units.
  • Internal Audit audits security issues within IT Services and campus units.
  • Campus departments oversee the security of local servers and their data.
  • Individual users are responsible for the security of the data they use and for adhering to security and privacy policies.
  • Campus administration maintains the physical security of buildings and the personal security of staff.