Security

Security icon

Services and tools that safeguard UC Berkeley's computing resources and data such as desktop configuration, mobile device management, authentication systems, antivirus software, firewalls, and network monitoring.

Aggressive IP Distribution (AID) List

The Aggressive IP Distribution (AID) list is a list of IP addresses that the Information Security Office (ISO) has seen aggressively attacking campus hosts in an attempt to exploit known security weaknesses. The data for this list is taken from both campus-run Intrusion Detection Systems (IDS) and various systems on campus. The list is then published so that it can be used by local administrators to help protect campus electronic systems from network based attacks.
Berkeley IT | Information Security Office (ISO)

California State CPHS Data Security Assessment

The Information Security Office (ISO) offers an assessment service to help the Berkeley research community comply with California State CPHS data security requirements. ISO Security Analysts will engage research staff and/or primary IT support staff to evaluate the IT system according to State CPHS data security requirements.
Berkeley IT | Information Security Office (ISO)

CalNet 2-Step Verification

CalNet 2-Step verification provides an important, additional layer of protection against the theft of your CalNet credentials. You have likely experienced 2-Step verification with accounts such as online banking. When logging in, after you enter your CalNet ID and password, you will be prompted for a second step using a verification device that you set up. The second step could just be a tap on your phone!

Why should I do the CalNet 2-Step? It ensures you're the only person accessing your account. You'll be adding another layer of security (other than just your password). Doing the...
Berkeley IT | Information Security Office (ISO)

Campus Remote Access Services

There are several ways to remotely connect to the campus network based on the type of business you are conducting. The bSecure Remote Access VPN (Campus VPN) is the preferred method to access the campus network. It allows CalNet ID–authenticated users to securely access the UC Berkeley network. Campus Remote Access Options Which option is best for you? ...
See table for service provider information.

Campus Security Video System

The campus security video system is intended to deter crime as well as aid in the criminal and administrative investigation of violations of law and policy. Security cameras are thoughtfully installed — only where reasonably anticipated to be useful in response to a specific safety or security risk, and in a manner that respects privacy rights and minimizes any negative impact to lawful activity. Campus policy requires security cameras to be installed at all official cash handling points.

Cameras that are part of the campus security video system are installed in...

Berkeley IT | Campus IT Infrastructure | Network & Data Center Services (Network Services)

Device Security (BigFix)

BigFix (formerly called TEM) is the endpoint management system leveraged centrally by EOS and locally by departmental IT partners to improve the security posture of the UC Berkeley network, help simplify systems lifecycle management, provide machine inventory for data driven decisions, and reduce common IT tasks for overall time savings. EOS offers a Patching Service for supported Windows and Mac operating systems and commonly used applications, Self-Service Installations for a growing software library, Anti-Virus Management, and an assortment of optimizations to enhance the usability and...
Berkeley IT | Campus IT Infrastructure | Data & Platform Services

Information Security Support

The Information Security Office is available for consultation on various issues related to information security: educating the campus community about privacy and security policies, practicing cyber self-defense, using available security tools, being alert to potential danger signs, reporting unusual behaviors, and taking corrective action when necessary.

Learn more at security.berkeley.edu
Berkeley IT | Information Security Office (ISO)

LastPass Password Manager

The Information Security Office has two password management options available for the campus community:

LastPass Enterprise is free for UC Berkeley departments who want to use this upgraded license that has built-in administrative features to share credentials across teams. It provides secure password storage and sharing alongside centralized administration to reduce the risk of mishandled credentials. Each department will have total...

Berkeley IT | Information Security Office (ISO)

Log Correlation

The Log Correlation Program is an enterprise-grade audit logging and analysis software solution (based on HP ArcSight), to aid in managing, correlating, and detecting suspicious activities related to the campus' most critical data assets. All systems which meet the classification standard as an Institutional Device for UC P4 data are eligible to participate in the program.
Berkeley IT | Information Security Office (ISO)

MSSEI Assessment Service

Berkeley's Minimum Security Standards for Electronic Information (MSSEI) are security controls that systems must meet in order to handle campus data.

The Information Security Office (ISO) offers an assessment service using the MSSEI to identify technical and procedural weaknesses in campus applications that store, process, or transmit...

Berkeley IT | Information Security Office (ISO)

Network Intrusion Detection Systems

The Information Security Office (ISO) operates several "Intrusion Detection Systems” (IDS) to detect and respond to information security incidents involving computers connected to the campus network. These automated systems monitor and analyze network traffic and generate alerts in response to activity that either matches known signatures for malicious activity or is anomalous. Alerts are reviewed by ISO security analysts, and if warranted notifications are sent to designated security contacts for investigation and remediation.
Berkeley IT | Information Security Office (ISO)

Remote Access VPN

The Remote Access VPN (Virtual Private Network) service allows CalNet ID–authenticated users to securely access the UC Berkeley network from outside of campus, as if they were on campus, and encrypts the information sent to the network. The VPN service allows authorized users a way to connect into the campus network in order to access resources generally unavailable to users not on the campus network.

bSecure Remote Access VPN - UC Berkeley's VPN service built using Palo Alto Networks GlobalProtect software....

Berkeley IT | Campus IT Infrastructure | Network & Data Center Services

Socreg

The Information Security Office (ISO) maintains Socreg, a self-service network registration portal, to assist campus departments in maintaining security contact information.

Campus Policy requires that departments designate a Security Contact to receive security email notifications and alerts for their networked devices. Socreg is used by departmental Security Contacts to maintain their registration information, including information about the Security Contact Role, its membership, and registration of IP...
Berkeley IT | Information Security Office (ISO)

Vendor Security Assessment Program

The Vendor Security Assessment Program (VSAP) is an evaluation service for third-party service providers handling UC P3 and P4 data on behalf of the university. Campus policy requires that these service providers must comply with the requirements of the UC Berkeley Minimum Security Standard for Electronic Information (MSSEI).

VSAP is intended to ensure that campus third-party service providers adhere to the same baseline level of security practices required for campus...

Berkeley IT | Information Security Office (ISO)

Vulnerability Scanning

The Information Security Office (ISO) offers both campus-wide and departmental vulnerability scanning to detect systems which may be vulnerable to attack.

Campus-wide: ISO continuously scans the campus network for security vulnerabilities on connected devices. We use a number of scanners using Tenable Nessus, along with Tenable's Professional Feed of network vulnerability "plugins", to detect systems which may be vulnerable to attack. When detected, high-...

Berkeley IT | Information Security Office (ISO)