Secure Connect: Trusted Resources
Last Updated: September 2, 2025 4:16:36 PM PDT
Give feedback
Find out more about trusted resources at UC San Diego and how to access them.
Cyber threats are evolving, and so are we. As part of the Secure Connect program, UC San Diego will now enforce a set of cybersecurity software requirements for all endpoints accessing our trusted resources.
What are trusted resources?
Within the university network, there are collections of sensitive and valuable information, assets, and services which should not be made available to the general public. These include but are not limited to lab systems and restricted access systems. These are considered “trusted resources." These resources are protected by additional security controls and are only accessible when endpoints (any device connecting to the network) meet those additional security requirements or have an approved exception.
How do I know if I need access to trusted resources?
Trusted resources include:- Any IT resource (systems, database, equipment, etc.) that is not accessible from off-campus, without connecting first to VPN, is considered a trusted resource.
- Access to most business applications, instructional systems, productivity software and collaboration tools do not require access to trusted resources. E.g. Zoom, Microsoft Teams, Google Workspace, UCPath, Canvas, Kuali Research, OneDrive, etc.
- Library resources are now available via Single Sign-On (SSO) login and no longer require VPN.
Examples of resources that are typically found on trusted networks include:
- Lab systems
- Restricted access systems
What do I need to do to access trusted resources?
Your device needs to meet (be compliant with) one of the following requirements:
- Managed Device (maintained by department IT)?
- If you are staff or faculty, your department IT is or will be working with you to make sure these devices have everything they need to access the trusted resources.
- Unmanaged / Personal Device?
- If you are a student, staff or faculty with a personal or unmanaged department-issued device, you can enroll in Intune Mobile Device Management (MDM). Intune will make sure the device automatically receives the appropriate security software (Qualys Vulnerability Management (VM) and Trellix Endpoint Detection & Response (EDR)), and make sure it receives the certificates it will need to access trusted resources. This certificate will be your new and automated way of authenticating to the network and will work with UCSD-PROTECTED and VPN.
- Qualify for an Exception?
- Some devices may qualify for exceptions from one or more of the following security requirements:
- Microsoft Intune MDM
- Device Certificate
- Trellix EDR
- Qualys VM
- An Exception Process has been made available and includes a self-service Exception Request Form.
- For a step-by-step guide on submitting an exception request, refer to Submitting the SecureConnect Exception Request Form.
- Some devices may qualify for exceptions from one or more of the following security requirements:
If you believe your device cannot meet one or more of these requirements, please contact your Unit Information Security Lead (UISL) for guidance.
UC San Diego Health
Visit the Secure Connect for Health Pulse page (login).Once my device is compliant, I can reach trusted resources through:
- UCSD-PROTECTED (wireless)
- VPN
- A wired ethernet connection
You cannot access trusted resources through the following networks:
- Any of the RESNET networks
- Eduroam
- UCSD-GUEST
Other than being able to access trusted resources, are there advantages to having the additional security software on my device?
Yes. When you are enrolled in Intune MDM, your device will receive automated updates to the security software, Trellix EDR and Qualys VM. Trellix and Qualys will reduce the risk of being impacted by malware and provide an added layer of both security and remediation if your device is compromised.
What is Internet-Only Access?
Endpoints that are not compliant and do not have an approved exception will not be able to access trusted resources via VPN and will only be granted Internet-Only access when connected to the UCSD-PROTECTED wireless network and most wired networks.
Similar to internet service at home or at your local coffee shop, Internet-Only access is adequate for most administrative tasks and functions, such as:
- Cloud Services: Zoom, Microsoft Office 365 (Outlook, OneDrive, Teams, etc.), Google Workspace (Drive, Sheets, GMail, etc.)
- Business and administrative systems: Oracle Financial, SAP Concur, Kuali Research, UC Path, EcoTime and more
- Reports and analytics: Cognos, Tableau