OIT Security

OIT provides information security services to the entire campus. If you need to contact the Security Team, please call the OIT Help Desk at (949) 824-2222, send an email to oit@uci.edu, or you may open a ticket.

Vulnerability Management Program

UCI Vulnerability Management Program

Introduction

OIT has embarked upon a program to track and manage information-security vulnerabilities on the network as part of an ongoing effort to reduce cybersecurity risks. This program involves scanning systems connected to UCInet for known weaknesses, informing owners of the issues that need to be addressed, offering technical assistance to fix problems, and when necessary, protecting the rest of UCInet by denying network access to vulnerable systems.

If you wish to analyze your own systems, please visit the Information Security Service Request site to gain access to our Tenable SecurityCenter self-service form or IBM Web Application vulnerability scan request form. An OIT security engineer will fulfill your request as soon as possible or will reach out to you if any additional information is needed.

Please allow up to 3 business days to process your Tenable SecurityCenter requests and 20-30 business days for IBM Web Application scan requests. More information about this service can be found on the OIT Security website.

What if I'm blocked?

If the OIT Security Team determines that you're machine is vulnerable, we will email you the details of our scan and ask that you address the issue (either yourself - if you manage the machine - or with the help of your local IT support). We will give you 30 days to address the issue. If you haven't addressed the issue in 30 days, your network connection will be blocked. You will not receive a notification of the block: you simply won't be able to get online.

If you contact the Help Desk, we'll be able to help you understand why you were blocked. Steps for remediation will include finding one of the email notifications you received 30 days prior (the emails would have come from security-vmp@uci.edu), taking action, and replying to that email to let the IT Security team know you've addressed the issue.

Keep in mind that only the affected computer is blocked: you can still use your mobile phone (or another computer) to check your inbox for the email notification from the Security Team.

BigFix Endpoint Security

BigFix Endpoint Security

OIT offers IBM's BigFix software as a service (SaaS) to its desktop supported clients and all of the academic units across campus. Supported machines with the BigFix client installed are able to receive software updates & security patches automatically. Moreover, users whose machines have been blocked due to software vulnerabilities can use this service to remediate any outstanding issues with their computers.

DSS-supported clients already have the client installed. If you are part of an academic unit, please partner with your CSCs for guidance on how to take advantage of this service.

Return to the OIT Help Center.

Scroll Up