[Faculty] Thank You for Supporting UCR’s Cybersecurity Efforts!

UCR Information Technology Solutions its at ucr.edu
Tue Jun 17 16:07:06 PDT 2025 

[image: image]

Colleagues,

Thanks to the dedication and diligence of every employee, we are pleased to
announce that UCR has achieved 96% overall compliance with the UC
Cybersecurity Mandate 2025 <https://its.ucr.edu/cybersecurity-mandate-2025>.
This is a significant milestone on our campus’ Security Investment Roadmap
<https://its.ucr.edu/cybersecurity-mandate-2025#future>, and we deeply
appreciate your ongoing commitment to protecting our Highlander community
and the university’s valuable resources. Your efforts have significantly
bolstered UCR's cybersecurity and ensured we continue to meet critical
UC-wide standards.

We're thrilled to celebrate our 96% compliance achievement! It's a
fantastic accomplishment, and your dedication is truly appreciated. To stay
ahead of the ever-changing cybersecurity landscape and keep our community
secure, we will introduce some helpful additions to our security tools,
like Duo Desktop
<https://docs.google.com/document/d/1R9d0zK7M-4o-YsihgjZSXB-KuqooxjSJuTmzruI0AB4/edit?tab=t.0#heading=h.aiwuilnn557y>,
in the near future. Along with staying up-to-date on training, using
secured devices, and utilizing multi-factor authentication, these new
measures will ensure we continue to maintain a strong defense. We will keep
you informed every step of the way and are grateful for your ongoing
support and engagement.

To help ensure a smooth transition for all as we enter the enforcement
phase, we have adjusted the compliance support plan timeline
<https://its.ucr.edu/blog/2025/06/05/updates-ucrs-plan-ensure-compliance-uc-cybersecurity-mandate-2025>.
The implementation of training validation and secured device access checks
when trying to access secure UCR applications is targeted to commence
August 1, 2025.

Once again, thank you for your unwavering commitment to keeping our
Highlander community safe.


Sincerely,

Elizabeth Watkins

Provost and Executive Vice Chancellor

Matthew Gunkel

Chief Information Officer and Associate Vice Chancellor

Dewight F. Kramer

Chief Information Security Officer


Compliance Plan Updates

   -

   To help ensure a smooth transition for all, training verification and
   secured device access checks are now targeted to commence August 1, 2025
   <https://insideucr.ucr.edu/announcements/2025/06/05/updates-ucrs-plan-ensure-compliance-uc-cybersecurity-mandate-2025>
   instead of June 2025.
   -

   As a reminder, once these compliance measures are implemented, employees
   who have not taken the required steps to be compliant with training and/or
   secured device requirements will be unable to access secure UCR resources
   and applications.
   -

   These campus communications are intended to address the general campus
   community but are not inclusive of all employees. ITS, Labor and Employee
   Relations (LER), and the Academic Personnel Office (APO) have been in
   contact with the union representatives of some represented employee groups.
   1.
         -

         Please review the toolset FAQs
         <https://its.ucr.edu/uc-security-toolset#i-am-a-unit-18-lecturer-how-ca>
         to see how these changes are being considered and implemented
with respect
         to your employment contract. If you have any questions related to the
         changes please reach out to your union representative to discuss.

Exemption Process Reminders

   -

   Device exemptions are only granted under rare and special circumstances.
   For example, an exemption may be possible for a device that cannot support
   the security toolset (e.g., certain scientific equipment, high-performance
   computing cluster, or sensitive research devices). Similarly, individuals
   with contingent or limited appointments may be exempt if the security
   toolset is not compatible with their home organization’s security
   policies.
   -

   To request an exemption, please fill out the Information Security Office
   consultation form
   <https://ucrsupport.service-now.com/ucr_portal?id=sc_cat_item&sys_id=c0ecbe881ba7b300c675dac9bc4bcb6b>
   in the IT service portal. Select “Other Risk Assessment” from the Category
   drop-down. Please also include the following information in the Short
   Description field:


   1.

   Briefly describe the exception you’re seeking and the justification for
   it
   2.

   Name of the device (learn how to find it on an Apple device
   <https://support.apple.com/guide/mac-help/find-your-computers-name-and-network-address-mchlp1177/mac#:~:text=On%20your%20Mac%2C%20choose%20Apple,Click%20About.&text=View%20your%20computer%27s%20name%20to%20the%20right%20of%20the%20Name%20field.>
   or Windows device
   <https://support.microsoft.com/en-us/office/do-you-need-help-locating-your-computer-name-00384381-8aa9-4398-b81b-475f09fed618>
   )
   3.

   MAC address of the device (learn how to find it
   <https://ucrsupport.service-now.com/ucr_portal?id=kb_article_view&sysparm_article=KB0012313>
   )
   4.

   Which UCR resources you access with the device


   -

   The Information Security Office may reach out for additional information
   as it performs the risk assessment.
   -

   Even if a device is granted an exception, it must still be inventoried
   and have an ISO-approved security plan for how the device will be kept
   safe. Note that exceptions are rarely granted. No exceptions will be made
   for personal devices.

Download the UCR Security Toolset <http://endpointinventory.ucr.edu/home>

Installation guides are available for Windows
<https://ucrsupport.service-now.com/ucr_portal?id=kb_article_view&sysparm_article=KB0012265>
and MacOS
<https://ucrsupport.service-now.com/ucr_portal?id=kb_article_view&sysparm_article=KB0012269>
users.
Guidance

Resources

What's my role? View your checklist:

   -

   I manage my device
   <https://docs.google.com/document/d/1h0kCYKFfb41sInBec-Bqc8EtRs-fqu08Jesv3mrVmh8/edit?usp=sharing>
   -

   IT manages my device
   <https://docs.google.com/document/d/173rXeikz-Ko5-qjOm4WUVhRVRcntpCIGKhCF4iHiToA/edit?usp=sharing>



Read the UCR Security Toolset Purpose and Use whitepaper
<https://docs.google.com/document/d/1R9d0zK7M-4o-YsihgjZSXB-KuqooxjSJuTmzruI0AB4/edit?usp=sharing>
.

Find answers to FAQs about the mandate
<https://its.ucr.edu/cybersecurity-mandate-2025#faq> and the security
toolset <https://its.ucr.edu/uc-security-toolset#security-toolset-faq>.
UC-wide Mandate

All UC campuses are called to comply to help protect sensitive data,
maintain operational continuity, comply with regulations, and mitigate
financial risks associated with cyber attacks.
Read the Letter <https://its.ucr.edu/uc-presidents-letter>

Support

   -

   Review the toolset information and guidance
   <https://its.ucr.edu/uc-security-toolset>
   -

   Report an issue with installation
   <https://ucrsupport.service-now.com/ucr_portal?id=sc_cat_item&sys_id=d10c39ee0f348300138942bce1050e8b>
   -

   Get help in person by visiting an IT Support station in the libraries or
   SSC
   -

   Attend the next virtual office hour with ITS
   <https://events.ucr.edu/event/uc-cybersecurity-mandate-office-hours-with-its>

Campus Compliance Report

[image: image]
Learn More

The security toolset is required for any device that is used to connect to
secure UCR networks and cloud resources, including personal devices. These
devices include computers, laptops, and Microsoft Surface tablets (learn
what’s not included
<https://its.ucr.edu/uc-security-toolset#are-mobile-devices-included-in>).
[image: image]
Reason for Change: UC Cybersecurity Mandate 2025

These changes are part of UCR's plan to better protect our community and
comply with a new UC systemwide mandate.
Learn About the Mandate <https://its.ucr.edu/cybersecurity-mandate-2025>

[image: image]
Video: Message from the Provost

Watch this video message from Provost Watkins to learn why UCR is
strengthening MFA, along with other key steps we must take to keep our
Highlander community safe.
Watch on YouTube <https://www.youtube.com/watch?v=8-bMZddr-Bc>



Need IT help? Submit a support ticket at its.ucr.edu/help


Information Technology Solutions

Computing & Communications Building

900 University Ave.

Riverside, CA 92521

951-827-4848 | its.ucr.edu
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://scotmail.ucr.edu/pipermail/faculty/attachments/20250617/6091082f/attachment-0001.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image
Type: image/png
Size: 136906 bytes
Desc: not available
URL: <https://scotmail.ucr.edu/pipermail/faculty/attachments/20250617/6091082f/attachment-0003.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image
Type: image/png
Size: 42199 bytes
Desc: not available
URL: <https://scotmail.ucr.edu/pipermail/faculty/attachments/20250617/6091082f/attachment-0004.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image
Type: image/jpeg
Size: 361433 bytes
Desc: not available
URL: <https://scotmail.ucr.edu/pipermail/faculty/attachments/20250617/6091082f/attachment-0001.jpe>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image
Type: image/png
Size: 604736 bytes
Desc: not available
URL: <https://scotmail.ucr.edu/pipermail/faculty/attachments/20250617/6091082f/attachment-0005.png>

More information about the Faculty mailing list