The Secure UCSB program is an initiative to invest in critical technology updates during the upcoming academic year to protect our community from rapidly evolving cybersecurity threats. As a world-class institution, UC Santa Barbara is committed to safeguarding the privacy of our community, and the evolving digital landscape requires enhanced protections to secure sensitive personal, financial, academic, and research information.
While the timeline and requirements of Secure UCSB are driven by a new University of California systemwide mandate, it presents our campus with an opportunity to prioritize improvements to UCSB’s overall cybersecurity landscape.
A new University of California systemwide mandate requires all campus to meet six key cyber security requirements by May 2025.
- Ensure 100% campus compliance with UC Cybersecurity Awareness Training
- Ensure identification, tracking, & vulnerability management on all computing devices connected to campus networks
- Deploy and manage Endpoint Detection & Response (EDR) software on 100% of UCSB-owned assets
- Implement multi-factor authentication (MFA) on 100% of campus email systems
- Deploy a Data Loss Prevention (DLP) solution on all health email systems
- Ensure timely escalation of incidents in alignment with UC Cybersecurity Incident Response standards
The Secure UCSB program includes multiple infrastructure and technology upgrades happening simultaneously during the upcoming academic year. Our campus community will experience varied impacts as a result of several key efforts that must be implemented by summer 2025.
Network Security
Our current network infrastructure is decentralized across campus buildings. To bring the University to a modern, secure level of connectivity, we need to shift to a network that is centrally-managed with standardized equipment in all buildings.
How will we achieve this?
- In the coming weeks, ITS will begin the work to transition to an enterprise-scale IP address management platform and adopt additional technology to ensure sufficient address capacity as students return to campus this fall.
- Engage individuals responsible for building management and technology in the coming weeks to start assessments of network equipment locations. The work required in each campus building will depend on the age, condition, and renovation history of the building and its network equipment. Buildings that require a more extensive overhaul of equipment will experience more disruptions.
- Publish a schedule of internet outages in buildings and encourage faculty, students and staff to plan ahead.
Device Security
In collaboration with other IT units on campus, ITS will implement a new device management (MDM) platform to manage all UC-owned desktops, laptops, and mobile devices, enhancing cybersecurity in response to rising threats. Approximately 12,000 devices will be enrolled and managed to ensure compliance, security, and performance. The initiative also involves integrating the MDM solution with Single Sign-On (SSO) for unified access control and providing comprehensive training to IT staff. The goal is to complete all implementation phases by May 2025, significantly improving device security and management campuswide.
How will we achieve this:
- Establish an Advisory Group to assist with the deployment, maximize adoption, review and recommend operational activities, as well as help develop standards for data, policies and processes.
- Select a mobile device management (MDM) platform(s) to manage all University owned devices.
- Launch device management pilots beginning August 2024 to test compatibility, management capabilities, and functionality. These pilots will include 1% of university-owned endpoints and conclude by early October 2024.
- Leverage MDM to deploy Trellix EDR and Nessus agent to all devices.
- Work collaboratively with local IT staff and offer training opportunities to support migration and post-migration activities.
- Work with our community to enroll all University-affiliated devices in MDM.
Contact Us
Have questions or concerns about Secure UCSB?
Send us a message at secure-ucsb@it.ucsb.edu