Exception Process

Last Updated: May 21, 2025 2:27:14 PM PDT

Learn more about the exception process available for users who require access to trusted resources but whose endpoint(s) are unable to meet University cybersecurity requirements.

As part of the University of California's systemwide effort to enhance cybersecurity, UC San Diego has implemented the Secure Connect program to meet the minimum security outcomes set by UC President Drake and the UC Regents.

Two key outcomes of this initiative are:

The identification, tracking, and vulnerability management (VM) of all computing devices connected to university networks
The deployment and management of UC-approved Endpoint Detection and Response (EDR) software on 100% of assets.

To achieve these outcomes, in most cases UC San Diego will be utilizing Microsoft Intune Mobile Device Management (MDM) to deploy the following required security softwares: Trellix for EDR, and Qualys for VM. These tools will work together to safeguard access to UC San Diego's trusted resources.

We understand that not all endpoints will be able to comply with these new cybersecurity best practices. To support the diverse and ever changing needs of the university, an exception process is available for users who require access to trusted resources but whose endpoint(s) are unable to meet University cybersecurity requirements.

When should an exception be submitted?

You will need to request an exception for an endpoint if it requires access to one or more trusted resources and is incompatible with:

How does the exception process work?

Users must complete and submit an exception request form (coming soon!):
- Until the exception request form is available, please contact your local IT support or your Unit Information Security Liaison (UISL) to begin the exception request process
The exception form will infer using input from the requester to automatically determine the risk level of your request and route your request in one of two ways:
- Low risk: Your request will be reviewed by your Unit Information Security Liaison who has delegated authority to approve your request on behalf of your Unit Head.
- High risk: Your request will be reviewed by your Unit Information Security Liaison and if approved, will be reviewed by the Chief Information Security Officer (or delegate). Your Unit Head will be notified of this request and approval.
You will be automatically notified once the review process completes about the outcome of the review.
If approved, you will be able to connect to our trusted resources using the submitted Network (“MAC”) Address(es).
- Please be advised that any privacy settings that randomizes or changes your Network Address must be turned off.

Need IT Support?

Campus Service Desk

Web portal: https://support.ucsd.edu/its
Email: support@ucsd.edu
Phone: (858) 246-4357

Health Service Desk

Web portal: https://3help.ucsd.edu
Email: 3help@health.ucsd.edu
Phone: (619) 543-4357

Frequently Asked Questions

Why do I need to file an exception for Microsoft Intune or Certificate if neither are part of the mandate?

Microsoft Intune MDM will be used to automatically install required cybersecurity software, device Certificate, as well as automate the assessment of devices for compliance. If a device cannot install Intune or a Certificate, an exception will be required for the system to bypass the automated assessment process.

What are examples of exceptions?

A device running an operating system that is not compatible with Microsoft Intune MDM, Certificate, Trellix EDR or Qualys VM.
A device providing mission critical, 24/7 service, that cannot be subject to automated assessment and takedown.
A device owned by a third party company providing services to UC San Diego
A device subject to conflicting requirements, such as for compliance with Regulated Research requirements.