[Entm-researchstaff] Fwd: [Campus Notice] Update: UC Cybersecurity Mandate Compliance

Wendi Tapia wendi.tapia at ucr.edu
Fri May 16 11:25:52 PDT 2025 

Dear Entomology Faculty and Staff,

This is a friendly reminder that the University of California Office of the
President (UCOP) has issued a cybersecurity mandate that must be fulfilled
by *May 28, 2025*. Attached is the original communication from the Dean
outlining this important requirement.

Please be aware that *all devices purchased with grant funding, startup
funds, or other UC funds are considered university-owned* and must comply
with the mandate.

As part of UCR’s implementation plan, campus policy now requires the
installation and operation of applications from the *UCR Security Toolset*
on *all devices* that connect to secure UCR networks and cloud resources.
Full compliance is required by *May 28*.

For details, including links to the toolset, in-person installation
assistance, and online office hour schedules, please visit:
🔗 https://its.ucr.edu/uc-security-toolset


*Be sure to follow the instructions for non-managed devices.*

Additionally, campus administrative staff are transitioning to Secure
Desktop Systems. The ENTM Admin Unit migration was completed yesterday.
While there have been a few minor issues, ITS has been very responsive.  We
thank you for your patience during this time.

Cheers,

*Wendi Tapia*

Financial & Administrative Officer

Department of Entomology

*UNIVERSITY OF CALIFORNIA, RIVERSIDE*



---------- Forwarded message ---------
From: UCR Information Technology Solutions via Tech-Bulletin <
tech-bulletin at lists.ucr.edu>
Date: Fri, May 16, 2025 at 10:37 AM
Subject: [Campus Notice] Update: UC Cybersecurity Mandate Compliance
To: <tech-bulletin at lists.ucr.edu>


[image: image]
Compliance Support Plan Updates for the UC Cybersecurity Mandate 2025

Colleagues,

In a previous email we shared that UCR has committed to having all
staff on managed
devices <https://its.ucr.edu/secured-device-services> by May 23, 2025. We
are pleased to report that we are making steady progress toward this goal.
As such, you may be contacted by one of our BearHelp technicians via email
or phone call to ensure that your device is compliant with the security
toolset requirement.

Progress is also being made on UCR’s compliance support plan to ensure our
campus achieves the six cybersecurity outcomes outlined in the UC
Cybersecurity Mandate
<https://its.ucr.edu/cybersecurity-mandate-2025#outcomes-to-be-achieved>.
Updates and key dates are provided below for your awareness.

As we transition into the enforcement phase of UCR’s plan, please be
reminded that all employees play a role in in protecting our vital systems
and information. Please ensure you take the necessary steps to comply
<https://its.ucr.edu/cybersecurity-mandate-2025#required-actions-before-june-2>
by May 28, 2025.

Thank you for doing your part to keep our Highlander community safe.


Sincerely,

Elizabeth Watkins

Provost and Executive Vice Chancellor

Matthew Gunkel

Chief Information Officer and Associate Vice Chancellor

Dewight F. Kramer

Chief Information Security Officer


Compliance Plan Updates

   -

   UCR has upgraded its Duo service, our identity security provider, to
   leverage Duo Desktop as a mechanism for ensuring compliance with the UCOP
   cybersecurity training and device security requirements.
   -

   As communicated previously in an update to campus
   <https://insideucr.ucr.edu/announcements/2025/03/24/how-ucr-complying-uc-cybersecurity-mandate>,
   the compliance support plan for the UCR Security Toolset is phased. This
   means that initial secured access checks will restrict non-compliant
   devices from accessing a select number of UCR applications. Over time, more
   UCR applications will be subject to the secured access check.
   -

   The initial list of UCR applications subject to the secured access
   check, and therefore inaccessible to non-compliant devices or persons who
   have not completed their required cybersecurity training, is currently
   being finalized and will be communicated by May 31, 2025.
   -

   Step-by-step guidance on how to confirm that the UCR Security Toolset is
   installed on a device can be found in the IT Knowledge Base
   <https://ucrsupport.service-now.com/ucr_portal?id=kb_article_view&sysparm_article=KB0012308>
   (UCR NetID login required
   <https://ucrsupport.service-now.com/ucr_portal?id=kb_article_view&sysparm_article=KB0012053>
   ).

Key Compliance Plan Dates

   -

   June 1 - Employees still overdue on training may be unable to access UCR
   systems (except for the Learning Center) until training is completed.
   -

   June 15 - Secured access checks will commence, beginning with a select
   few UCR applications. These applications will be inaccessible to users
   and/or devices that are not compliant with the UCOP cybersecurity training
   and secured device requirements.

Guidance

Resources

What's my role?

   -

   View my checklist
   <https://docs.google.com/document/d/157De7HcwWoWJGeUGVNP_uR8deqigF-lL15Q5RWItWFU/edit?usp=sharing>
   -

   Am I already on SDS?
   <https://ucrsupport.service-now.com/ucr_portal?id=kb_article_view&sysparm_article=KB0012086>


Read the UCR Security Toolset Purpose and Use whitepaper
<https://docs.google.com/document/d/1R9d0zK7M-4o-YsihgjZSXB-KuqooxjSJuTmzruI0AB4/edit?usp=sharing>
.

Find answers to FAQs about the mandate
<https://its.ucr.edu/cybersecurity-mandate-2025#faq> and the security
toolset <https://its.ucr.edu/uc-security-toolset#security-toolset-faq>.
UC-wide Mandate

All UC campuses are called to comply to help protect sensitive data,
maintain operational continuity, comply with regulations, and mitigate
financial risks associated with cyber attacks.
Read the Letter <https://its.ucr.edu/uc-presidents-letter>

Support

   -

   Review the toolset information and guidance
   <https://its.ucr.edu/uc-security-toolset>
   -

   Get help in person by visiting an IT Support station in the libraries or
   SSC
   -

   Attend the next virtual office hour with ITS
   <https://events.ucr.edu/event/uc-cybersecurity-mandate-office-hours-with-its>
   -

   Submit an IT support ticket <https://its.ucr.edu/help>

Campus Compliance Report

[image: image]
What's at Risk if UCR Doesn't Comply by May 28, 2025?

   -

   Employees who have not taken the required steps to be compliant with
   training and device security will not be able to access secure UCR
   resources and applications beginning June 2025.
   -

   UCR will face costly financial penalties
   <https://its.ucr.edu/cybersecurity-mandate-2025#campus-consequences> and
   greater liability, which may further impact budgets.
   -

   Your personal information and university data will be at greater risk of
   cyber attack or ransom
   <https://its.ucr.edu/cyber-attacks#higher-ed-cyberattack-news>, which
   may result in research data loss, identity theft, prolonged disruption to
   university operations, and personal financial loss.

Learn More

The security toolset is required for any device that is used to connect to
secure UCR networks and cloud resources, including personal devices. These
devices include computers, laptops, and Microsoft Surface tablets (learn
what’s not included
<https://its.ucr.edu/uc-security-toolset#are-mobile-devices-included-in>).
[image: image]
Reason for Change: UC Cybersecurity Mandate 2025

These changes are part of UCR's plan to better protect our community and
comply with a new UC systemwide mandate.
Learn About the Mandate <https://its.ucr.edu/cybersecurity-mandate-2025>

[image: image]
Video: Message from the Provost

Watch this video message from Provost Watkins to learn why UCR is
strengthening MFA, along with other key steps we must take to keep our
Highlander community safe.
Watch on YouTube <https://www.youtube.com/watch?v=8-bMZddr-Bc>



Need IT help? Submit a support ticket at its.ucr.edu/help


Information Technology Solutions

Computing & Communications Building

900 University Ave.

Riverside, CA 92521

951-827-4848 | its.ucr.edu
_______________________________________________
Tech-Bulletin mailing list
Tech-Bulletin at lists.ucr.edu
https://lists.ucr.edu/mailman/listinfo/tech-bulletin
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ucr.edu/pipermail/entm-researchstaff/attachments/20250516/4e050bf0/attachment-0001.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image
Type: image/png
Size: 42199 bytes
Desc: not available
URL: <https://lists.ucr.edu/pipermail/entm-researchstaff/attachments/20250516/4e050bf0/attachment-0003.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image
Type: image/png
Size: 140849 bytes
Desc: not available
URL: <https://lists.ucr.edu/pipermail/entm-researchstaff/attachments/20250516/4e050bf0/attachment-0004.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image
Type: image/jpeg
Size: 361433 bytes
Desc: not available
URL: <https://lists.ucr.edu/pipermail/entm-researchstaff/attachments/20250516/4e050bf0/attachment-0001.jpe>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image
Type: image/png
Size: 604736 bytes
Desc: not available
URL: <https://lists.ucr.edu/pipermail/entm-researchstaff/attachments/20250516/4e050bf0/attachment-0005.png>
-------------- next part --------------
An embedded message was scrubbed...
From: Jennifer Farias via Cnasdeptadministrators
 <cnasdeptadministrators at lists.ucr.edu>
Subject: [CNASDeptAdministrators] Fwd: FW: Joint Letter to Campus re: UCOP Cybersecurity Mandate 2025
Date: Tue, 15 Apr 2025 11:52:11 -0700
Size: 35996
URL: <https://lists.ucr.edu/pipermail/entm-researchstaff/attachments/20250516/4e050bf0/attachment-0001.eml>

More information about the Entm-researchstaff mailing list