IR&C Information Security Initiative

In response to increasing threats and compliance requirements, Information Resources and Communications (IR&C) launched an initiative in January 2004 to raise the awareness of UCOP employees about information security, as well as to recommend and implement practices to minimize risks to UC's networked resources and information assets.

Enhancing UCOP Information Security
The goal of the initiative is to improve the security of UCOP's network infrastructure as well as our systems, desktops, applications, and data repositories. The following initiatives have been completed or are ongoing.

• All departmental servers have been relocated to the data center.
• The UCOP network capacity and defenses have been upgraded.
• Services for secure remote access to UCOP systems have been deployed.
• A managed desktop configuration has been implemented to support regular deployment of security updates.
• An inventory of restricted data at UCOP is maintained.
• New security policies governing network connectivity and stewardship of restricted data have been implemented.
• Information security training is available to UCOP departments.

Fostering UCOP's Collective Efforts
Information security is not a technology issue. It is our collective responsibility at UCOP to safeguard our information assets and to prevent breaches of personal or sensitive information, whether in computerized or paper format.

• UCOP IT Advisory Group. The UCOP IT Advisory Group was created in February 2004 to provide a forum for business area managers to discuss IT related needs, challenges, and strategies at UCOP. In the area of IT security, the group will collaborate in such areas as risk assessment and mitigation, as well as the need for new standards and practices.

For Information

Contact Person: Jon Good

Tel: (510) 987-0518