[Campus Notice] UC Cybersecurity Mandate: Updates on Secure Access Checks

UCR Information Technology Solutions tech-bulletin at lists.ucr.edu
Fri Oct 17 16:55:04 PDT 2025 

[image: image]

Colleagues,

In our last letter, we announced the launch of the phased implementation of
secure access checks, which began on September 30, 2025. Secure access
checks are part of the series of security enhancements that UC Riverside is
making to comply with the UC Cybersecurity Mandate 2025
<https://its.ucr.edu/uc-presidents-letter>. To learn more about the UC-wide
mandate and your role as a Highlander, please visit the ITS website
<https://its.ucr.edu/cybersecurity-mandate-2025>.

As the first campus org to experience secure access checks, Information
Technology Solutions (ITS) is in the process of documenting the user
experience so that we may ensure a smooth rollout to the rest of campus.

One important discovery has been a potential compliance issue with Mac
devices that are not managed by the university. If this is the type of
device you use to perform university work, please follow the guidance
<https://ucrsupport.service-now.com/ucr_portal?id=kb_article_view&sysparm_article=KB0012337>
below to ensure your Mac is running the required version of the UCR
Security Toolset <https://its.ucr.edu/uc-security-toolset>. Note that this
permissions issue applies to all non-managed Mac devices, regardless of
date of toolset installation.

On October 22, 2025 we will move to phase three, which applies secure
access checks to the remaining administrative orgs. To view the schedule of
the phased implementation, please refer to the ITS blog
<https://its.ucr.edu/blog/2025/09/12/uc-cybersecurity-mandate-2025-compliance-support-plan-updates>
.


Sincerely,

Matthew Gunkel

Chief Information Officer and Associate Vice Chancellor

Dewight F. Kramer

Chief Information Security Officer

Information Technology Solutions



Potential Toolset Utilization Issue for Non-Managed Mac Devices

Faculty and staff who use a non-managed
<https://its.ucr.edu/uc-security-toolset#what-is-the-difference-between>
(i.e., no administrative support from IT) Mac laptop or computer to perform
university work and have installed the UCR Security Toolset
<https://its.ucr.edu/uc-security-toolset> on their device must manually
allow their device
<https://ucrsupport.service-now.com/ucr_portal?id=kb_article_view&sysparm_article=KB0012337>
to run the required version of the UCR Security Toolset by October 27,
2025. Failure
to do so will result in the inability to access secure UCR resources
<https://its.ucr.edu/blog/2025/09/12/uc-cybersecurity-mandate-2025-compliance-support-plan-updates>
once secure access checks are fully implemented.

As a reminder, ITS does not have administrative permissions over devices
not managed by ITS' Secured Device Services
<https://ucrsupport.service-now.com/ucr_portal?id=kb_article_view&sysparm_article=KB0012086>.
As a result, users of non-managed Macs are responsible for initiating
and/or permitting any necessary security updates.
Available IT Support

The following support options are available to users of non-managed Mac
devices with the UCR Security Toolset installed:

   -

   Step-by-step instructions: Detailed guidance is available in the ITS
   knowledge base
   <https://ucrsupport.service-now.com/ucr_portal?id=kb_article_view&sysparm_article=KB0012337>
   .
   -

   Cybersecurity Mandate Office Hours: Attend the next cybersecurity
   mandate office hour
   <https://events.ucr.edu/event/uc-cybersecurity-mandate-office-hours-with-its>
   .
   -

   IT Support Services Stations: Visit the IT Support Services stations
   located on the first floors of the Student Success Center and the Orbach
   and Rivera libraries.
   -

   BearHelp Technician Support: Submit a support ticket at its.ucr.edu/help
   to schedule one-on-one assistance with a BearHelp technician or call
   BearHelp at (951) 827-4848.

Additionally, non-managed Mac users are welcome to opt into the Secured
Device Services (SDS) <https://its.ucr.edu/secured-device-services> program
if they prefer ITS to manage future updates.
Guidance

Resources

Read the UCR Security Toolset Purpose and Use whitepaper
<https://docs.google.com/document/d/1R9d0zK7M-4o-YsihgjZSXB-KuqooxjSJuTmzruI0AB4/edit?usp=sharing>
.

Find answers to FAQs about MFA <https://its.ucr.edu/mfa#faq> and the security
toolset <https://its.ucr.edu/uc-security-toolset#security-toolset-faq>.
UC-wide Mandate

All UC campuses are called to comply to help protect sensitive data,
maintain operational continuity, comply with regulations, and mitigate
financial risks associated with cyber attacks.
Read the Letter <https://its.ucr.edu/uc-presidents-letter>

Support

   -

   Review the toolset information and guidance
   <https://its.ucr.edu/uc-security-toolset>
   -

   Report an issue with installation
   <https://ucrsupport.service-now.com/ucr_portal?id=sc_cat_item&sys_id=d10c39ee0f348300138942bce1050e8b>
   -

   Get help in person by visiting an IT Support station in the libraries or
   SSC
   -

   Attend the next virtual office hour with ITS
   <https://events.ucr.edu/event/uc-cybersecurity-mandate-office-hours-with-its>

Download the UCR Security Toolset <http://endpointinventory.ucr.edu/home>

Installation guides are available for Windows
<https://ucrsupport.service-now.com/ucr_portal?id=kb_article_view&sysparm_article=KB0012265>
and MacOS
<https://ucrsupport.service-now.com/ucr_portal?id=kb_article_view&sysparm_article=KB0012269>
users.
Learn More

The security toolset is required for any device that is used to connect to
secure UCR networks and cloud resources, including personal devices. These
devices include computers, laptops, and Microsoft Surface tablets (learn
what’s not included
<https://its.ucr.edu/uc-security-toolset#are-mobile-devices-included-in>).
[image: image]
Reason for Change: UC Cybersecurity Mandate 2025

These changes are part of UCR's plan to better protect our community and
comply with a new UC systemwide mandate.
Learn About the Mandate <https://its.ucr.edu/cybersecurity-mandate-2025>

[image: image]
Video: Message from the Provost

Watch this video message from Provost Watkins to learn why UCR is
strengthening MFA, along with other key steps we must take to keep our
Highlander community safe.
Watch on YouTube <https://www.youtube.com/watch?v=8-bMZddr-Bc>



Need IT help? Submit a support ticket at its.ucr.edu/help


Information Technology Solutions

Computing & Communications Building

900 University Ave.

Riverside, CA 92521

951-827-4848 | its.ucr.edu
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ucr.edu/pipermail/tech-bulletin/attachments/20251017/99a86e5f/attachment-0001.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image
Type: image/jpeg
Size: 361433 bytes
Desc: not available
URL: <https://lists.ucr.edu/pipermail/tech-bulletin/attachments/20251017/99a86e5f/attachment-0001.jpe>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image
Type: image/png
Size: 604736 bytes
Desc: not available
URL: <https://lists.ucr.edu/pipermail/tech-bulletin/attachments/20251017/99a86e5f/attachment-0002.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image
Type: image/png
Size: 42199 bytes
Desc: not available
URL: <https://lists.ucr.edu/pipermail/tech-bulletin/attachments/20251017/99a86e5f/attachment-0003.png>

More information about the Tech-Bulletin mailing list