[Faculty] Update: UC Cybersecurity Mandate Compliance
UCR Information Technology Solutions
its at ucr.edu
Fri May 16 11:18:04 PDT 2025
[image: image]
UC Cybersecurity Mandate 2025: Compliance Support Plan Updates and Town
Hall for Q&A
Colleagues,
We are making progress on UCR’s compliance support plan to ensure our
campus achieves the six cybersecurity outcomes outlined in the UC
Cybersecurity Mandate
<https://its.ucr.edu/cybersecurity-mandate-2025#outcomes-to-be-achieved>.
Updates and key dates are provided below for your awareness.
As we transition into the enforcement phase of UCR’s plan, please be
reminded that all employees play a role in protecting our vital systems and
information. Please ensure you take the necessary steps to comply
<https://its.ucr.edu/cybersecurity-mandate-2025#required-actions-before-june-2>
by May 28, 2025, or risk losing access to certain secure applications.
As an additional resource, the Academic Senate will host ITS for a Town
Hall Q&A on cybersecurity on Tuesday, May 27, at 10:30 AM. Event details
will be provided by the Academic Senate shortly. We encourage you to attend
this faculty-focused session or any of the regularly scheduled office hour
sessions
<https://events.ucr.edu/event/uc-cybersecurity-mandate-office-hours-with-its>
to ask questions and receive support.
Thank you for doing your part to keep our Highlander community safe.
Sincerely,
Elizabeth Watkins
Provost and Executive Vice Chancellor
Matthew Gunkel
Chief Information Officer and Associate Vice Chancellor
Dewight F. Kramer
Chief Information Security Officer
Compliance Plan Updates
-
UCR has upgraded its Duo service, our identity security provider, to
leverage Duo Desktop as a mechanism for ensuring compliance with the UCOP
cybersecurity training and device security requirements.
-
As communicated previously in an update to campus
<https://insideucr.ucr.edu/announcements/2025/03/24/how-ucr-complying-uc-cybersecurity-mandate>,
the compliance support plan for the UCR Security Toolset is phased. This
means that initial secured access checks will restrict non-compliant
devices from accessing a select number of UCR applications. Over time, more
UCR applications will be subject to the secured access check.
-
The initial list of UCR applications subject to the secured access
check, and therefore inaccessible to non-compliant devices or persons who
have not completed their required cybersecurity training, is currently
being finalized and will be communicated by May 31, 2025.
-
Step-by-step guidance on how to confirm that the UCR Security Toolset is
installed on a device can be found in the IT Knowledge Base
<https://ucrsupport.service-now.com/ucr_portal?id=kb_article_view&sysparm_article=KB0012308>
(UCR NetID login required
<https://ucrsupport.service-now.com/ucr_portal?id=kb_article_view&sysparm_article=KB0012053>).
Key Compliance Plan Dates
-
June 1 - Employees still overdue on training may be unable to access UCR
systems (except for the Learning Center) until training is completed.
-
June 15 - Secured access checks will commence, beginning with a select
few UCR applications. These applications will be inaccessible to users
and/or devices that are not compliant with the UCOP cybersecurity training
and secured device requirements.
Download the UCR Security Toolset <http://endpointinventory.ucr.edu/home>
Installation guides are available for Windows
<https://ucrsupport.service-now.com/ucr_portal?id=kb_article_view&sysparm_article=KB0012265>
and MacOS
<https://ucrsupport.service-now.com/ucr_portal?id=kb_article_view&sysparm_article=KB0012269>
users.
Guidance
Resources
What's my role? View your checklist:
-
I manage my device
<https://docs.google.com/document/d/1h0kCYKFfb41sInBec-Bqc8EtRs-fqu08Jesv3mrVmh8/edit?usp=sharing>
-
IT manages my device
<https://docs.google.com/document/d/173rXeikz-Ko5-qjOm4WUVhRVRcntpCIGKhCF4iHiToA/edit?usp=sharing>
Read the UCR Security Toolset Purpose and Use whitepaper
<https://docs.google.com/document/d/1R9d0zK7M-4o-YsihgjZSXB-KuqooxjSJuTmzruI0AB4/edit?usp=sharing>
.
Find answers to FAQs about the mandate
<https://its.ucr.edu/cybersecurity-mandate-2025#faq> and the security
toolset <https://its.ucr.edu/uc-security-toolset#security-toolset-faq>.
UC-wide Mandate
All UC campuses are called to comply to help protect sensitive data,
maintain operational continuity, comply with regulations, and mitigate
financial risks associated with cyber attacks.
Read the Letter <https://its.ucr.edu/uc-presidents-letter>
Support
-
Review the toolset information and guidance
<https://its.ucr.edu/uc-security-toolset>
-
Report an issue with installation
<https://ucrsupport.service-now.com/ucr_portal?id=sc_cat_item&sys_id=d10c39ee0f348300138942bce1050e8b>
-
Get help in person by visiting an IT Support station in the libraries or
SSC
-
Attend the next virtual office hour with ITS
<https://events.ucr.edu/event/uc-cybersecurity-mandate-office-hours-with-its>
Campus Compliance Report
[image: image]
What's at Risk if UCR Doesn't Comply by May 28, 2025?
-
Employees who have not taken the required steps to be compliant with
training and device security will not be able to access secure UCR
resources and applications beginning June 15, 2025.
-
UCR will face costly financial penalties
<https://its.ucr.edu/cybersecurity-mandate-2025#campus-consequences> and
greater liability, which may further impact budgets.
-
Your personal information and university data will be at greater risk of
cyber attack or ransom
<https://its.ucr.edu/cyber-attacks#higher-ed-cyberattack-news>, which
may result in research data loss, identity theft, prolonged disruption to
university operations, and personal financial loss.
Learn More
The security toolset is required for any device that is used to connect to
secure UCR networks and cloud resources, including personal devices. These
devices include computers, laptops, and Microsoft Surface tablets (learn
what’s not included
<https://its.ucr.edu/uc-security-toolset#are-mobile-devices-included-in>).
[image: image]
Reason for Change: UC Cybersecurity Mandate 2025
These changes are part of UCR's plan to better protect our community and
comply with a new UC systemwide mandate.
Learn About the Mandate <https://its.ucr.edu/cybersecurity-mandate-2025>
[image: image]
Video: Message from the Provost
Watch this video message from Provost Watkins to learn why UCR is
strengthening MFA, along with other key steps we must take to keep our
Highlander community safe.
Watch on YouTube <https://www.youtube.com/watch?v=8-bMZddr-Bc>
Need IT help? Submit a support ticket at its.ucr.edu/help
Information Technology Solutions
Computing & Communications Building
900 University Ave.
Riverside, CA 92521
951-827-4848 | its.ucr.edu
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://scotmail.ucr.edu/pipermail/faculty/attachments/20250516/ac721944/attachment-0001.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image
Type: image/png
Size: 140849 bytes
Desc: not available
URL: <https://scotmail.ucr.edu/pipermail/faculty/attachments/20250516/ac721944/attachment-0003.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image
Type: image/png
Size: 42199 bytes
Desc: not available
URL: <https://scotmail.ucr.edu/pipermail/faculty/attachments/20250516/ac721944/attachment-0004.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image
Type: image/jpeg
Size: 361433 bytes
Desc: not available
URL: <https://scotmail.ucr.edu/pipermail/faculty/attachments/20250516/ac721944/attachment-0001.jpe>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image
Type: image/png
Size: 604736 bytes
Desc: not available
URL: <https://scotmail.ucr.edu/pipermail/faculty/attachments/20250516/ac721944/attachment-0005.png>
More information about the Faculty
mailing list