Cybersecurity Practices

Follow these basic practices to secure your lab and work environment cyberinfrastructure.

The Research Cybersecurity Baseline is a set of required practices selected for the greatest impact on cybersecurity while minimizing any disruption to the scientific workflow of faculty and researchers.

Fully half of the practices are informational and serve to enable the Office of Information Assurance to notify the PI or lab technical staff when an attack is detected.

The baseline also recognizes that not all of the technical practices, like installing the campus-provided anti-malware software, can be achieved on every computer or instrument within an environment. Installing this software wherever possible, however, supports the “herd immunity” model of the overall program. Each system running this software acts as a tripwire, enabling the early detection of compromises and attacks before they completely overwhelm a lab.

Baseline Cybersecurity Practices

Use campus anti-malware and vulnerability identification software

Install the campus-provided anti-malware and vulnerability identification software on systems that are capable.

Two anti-malware packages, bundled into one installer, provide a best-of-breed anti-malware and antivirus solution as well as a program that identifies software known to be susceptible to attacks. Jointly they permit the campus to identify at-risk systems or systems under attack.

Packages are available for Windows, OSX, and many versions of Linux. 

Information and Installers

We have placed the anti-malware and vulnerability identification software installation packages on two secure websites that require Active Directory sign-on. 

Main campus users, including those from San Diego Supercomputer Center, should visit secure.assure.ucsd.edu. (Please use your @ucsd.edu login, not @eng.ucsd.edu.)

Health Sciences users, i.e., those with @health.ucsd.edu, can get the software from Pulse.

Have a data backup strategy

The simplest and most effective solution to the threat of ransomware is to back up essential data such that it is insulated from a ransomware attack.

For workstations and laptops, we recommend a commercial solution such as Crashplan or Druva. Contact campus IT Services about volume discounts for these services.

For small- to medium-sized data sets (1-20 TB), we recommend working with the San Diego Supercomputer Center to leverage their Qumulo storage environment.

Use campus accounts through Active Directory integration whenever possible

Campus Active Directory accounts are used by every faculty, staff, and student at UC San Diego and are protected by strong password/passphrase requirements, real-time monitoring for abuse, and, for online services, a two-step login (aka multi-factor authentication).

If Active Directory integration is not possible, ensure that strong-password requirements are enforced and that passwords are changed annually.

Contact IT Services at support.ucsd.edu/its for more information.

Provide contact information for you and your staff and a description of your lab

A key element in our ability to respond to cyberattacks is to be able to quickly reach out to a lab to see if the suspicious activity we’ve detected is legitimate or malicious.

Malware moves at the speed of the network, and losing hours or days determining who to contact when an attack is detected can undermine the best defenses.

Provide lab and contact details through the Cybersecurity Certification Form. Active Directory sign-on required. Please use your @ucsd.edu login, not @health.ucsd.edu or @eng.ucsd.edu.

For web applications, use the campus single-sign-on service (SSO) when possible

SSO provides seamless integration with multi-factor authentication, the gold standard for securing accounts. 

SSO is a remarkably simple service to use, though it does require planning when deciding to build an application.

Contact IT Services at support.ucsd.edu/its for more information.

Use the campus-provided email services

Email remains the dominant method by which ransomware is introduced into the campus environment.

Campus-provided email is protected by a host of email security features and technologies. Using anything other than @ucsd.edu or @health.ucsd.edu puts you at greater risk of a compromise.  

Learn about UC San Diego's email security.

Support: 

Campus faculty and researchers, email ccr-support@ucsd.edu for assistance. 

Health Sciences faculty and researchers, email 3help@health.ucsd.edu.