Skip to main content

System Status: 

  1. HOME
  2. Technology
  3. Security
  4. Secure Connect
  5. Secure Connect FAQs

Secure Connect FAQs

Last Updated: October 14, 2024 10:30:32 AM PDT
Give feedback

Find answers to the most frequently asked questions about the UC Cybersecurity Mandate and UC San Diego's Secure Connect program. We will continue to add pertinent questions and answers to this page as we engage with the UC San Diego community.

Coming soon: Details and FAQ sections pertaining to the technical components of the Secure Connect program.

Expand all

Expand section General Questions

Why this program and why now?
Earlier this year, UC President Drake and the UC Regents outlined enhanced cybersecurity measures that all UC locations must meet by May 2025. The Secure Connect program was created to ensure that UC San Diego meets this timeline and that our cybersecurity practices are in line with systemwide standards. Secure Connect builds on existing campus and Health cybersecurity measures, adding further safeguards.
Will the mandate still go into effect now that President Drake is stepping down?
Yes, the mandate remains in effect. While President Drake has communicated the mandate, it is a directive endorsed and supported by the UC Regents, the governing board of the University of California. This ensures the mandate's continuity and prioritization as a critical component of UC's cybersecurity strategy, regardless of leadership changes.
What does this program mean for me?

Secure Connect will require contributions and input from all members of the UC San Diego community, with a specific focus on academics and staff. Safeguarding our intellectual property, student and employee information, and patient records is a collective responsibility.

The program will include both educational and technical components. The training efforts will be focused on building shared cybersecurity understanding and vocabulary for our community. The technical aspects of the program will provide an opportunity to reimagine access to UC San Diego Trusted Networks to ensure our information is kept secure.

I'm not technical, will I be expected to perform complex technical tasks for this program?
No. While you may be asked to download specific software, all complex technical tasks will be handled by IT teams. IT Support will be available to assist you if you encounter any issues.
What happens if I don't complete the Cybersecurity Awareness Training on time?

All academic and staff personnel are required to complete the annual UC Learning Cybersecurity Awareness training.

When logging on to a system using SSO (single sign-on), the system will check for Cybersecurity Awareness training compliance. Leading up to your training deadline, you will be alerted that training is coming due (you will see this message for 30 days). Once the training has become past-due, upon log-in users will be redirected to complete the training. Training completion will be required to continue access to university systems.

What cybersecurity software will be required to access trusted networks?
For university owned devices, Qualys and Trellix will be required. For BYOD devices, anti-virus software and host-enabled firewall will be required.
What happens if my device doesn't have the required software?

If your device does not have the required software you will not be able to access the university's trusted networks. Please note that the software requirements differ for university-owned and BYOD devices.

What is considered a trusted network?

Trusted networks at UC San Diego include: 

  • UCSD-PROTECTED (wireless network)
  • VPN
  • Wired connections

These are not considered trusted networks, so no change in access is expected:

  • UCSD-GUEST
  • ResNet
  • eduroam
What is considered a university-owned device? What is considered a BYOD device?

A university-owned device is a device purchased and owned by UC San Diego and used by employees to access the university network and conduct functions related to their job. Devices purchased with grant funding qualify as university-owned devices.

BYOD stands for “bring your own device”. BYOD comprises personal devices (owned by the employee) used by employees to access the university’s network. Devices owned by outside organizations that are used by vendors or consultants to access the university network and conduct functions related to their job, also qualify as BYOD devices.

Mobile devices such as phones and tablets are not subject to the same requirements as computers and laptops under the mandate.

Will all university-owned devices require registration and security software?

Yes. All university-owned devices will require registration and security software (Qualys and Trellix) regardless of intended access.

What is EDR and what will it be capable of doing?

EDR, or endpoint detection and recovery, is a cybersecurity solution designed to monitor, detect, investigate, and respond to threats on computing devices. It helps security teams quickly identify and eliminate suspicious endpoint activity to minimize the impact of an attack.

EDR software will only be implemented on university-owned devices. We are aware of the capabilities of EDR software and have carefully considered its intended use.

Capabilities

Some of EDR's capabilities include:

  • Administrative access to device
  • Access to device activity and data

Intended Use

  • Threat detection and response ONLY
  • EDR software will not gather, collect, or maintain any user data that is not necessary for the purpose of providing security
  • The Office of Information Assurance has placed strict guidelines around EDR use, ensuring that private user information is protected from unauthorized access, disclosure, or use

Stay tuned for more detailed information regarding the EDR and vulnerabilities management.

What is MFA and where will it be required?
MFA, or multi-factor authentication, is a multi-step account login process that requires users to enter more information than just a password. MFA will be required on 100% of campus email systems. If you're currently using MFA (such as DUO) on your email systems, no change will be required.
I'm a researcher with specialized equipment that may not be able to support this required software. What can I do?

Your research is crucial, and so is keeping our network secure. While most devices can seamlessly meet the Secure Connect outcomes, we understand that some equipment might have unique technical requirements. In such cases, exceptions can be granted based on technical compatibility:

  • What This Means for You:
    • Download the required the required software (Qualys and Trellix) on your computing devices
    • If your equipment has technical limitations that prevent it from meeting Secure Connect’s criteria, please partner with campus IT to determine the appropriate cybersecurity mitigating measures. You can do so by using the exception process detailed below. 
  • How to Apply for an Exception:
    • If an exception is anticipated, submit an Exception Request Form (coming soon) as soon as possible to avoid work interruption once the enforcement window begins
    • Provide details about your equipment, including why it can't fully comply with Secure Connect requirements.
    • Our team will assess your request to determine the most compatible solution.
Our Commitment to You: We aim to balance the need for security with your research needs.