• Report an Incident
• Self Service
• Services & Products
• Policies & Guidelines
• Security Training (SATE)
• Vulnerability Info
• About EIS

UCSF Security Campaign

May 18, 2009

See the UCSF announcement about the launch of the data security campaign.

Goal

UCSF is launching a campuswide data security communications campaign to raise awareness and reinforce best practices to ensure the security of protected electronic information, other sensitive data and information resources.
UCSF Public Affairs will lead the communications campaign in coordination with OAAIS Enterprise Information Security. Training will be conducted by OAAIS Enterprise Information Security.

The Primary Messages

• UCSF leadership is committed to ensuring the security of protected health information (PHI) and other sensitive data.
  

• Physically secure your work area and information when unattended:
  Lock up files and folders, log off your computer when away, lock the doors and windows when leaving for the day, etc.

• Properly use portable devices:
  Store information on a department’s server or other secure back-up media. Sensitive data should not be stored on portable devices

• Back up your data:
  Backup data to a department’s server, DVD, external hard drive, etc., and protect the back ups.

• Use cryptic/strong passwords:
  Create strong passwords that are hard to guess but easy for you to remember.

• Install anti-virus and security updates:
  Ensure that every device is protected with anti-virus software.

• Practice safe emailing:
  Use UCSF secure email services whenever communicating restricted information outside of the UCSF network.

Communication and Training Overview

Address All of the Following Topics

• Information Security Laws and Policies:
  Cover laws and policies UCSF must comply with and implications of these laws and explain what the laws really say or protect, the purpose of these laws, and the responsibilities of UCSF’s faculty, staff, student and trainees.

• Information Security Threats:
  Define terms such as virus, worm, malware and other threats and explain the implications of these threats and tips for preventing security breaches.

• Information Security Tools:
  Describe available security tools to prevent security incidents at UCSF, how to download them, how these tools are used, and what is expected of faculty, staff, students and trainees for using them.

• Information Security Incident Response Procedures:
  Define security incidents describe three to four case studies and computer attack scenarios with appropriate responses, review processes and protocols for responding to or reporting an incident and how to report lost or stolen devices.

• Information Security: Six Simple Steps:
  Explain the six security practices faculty, staff, students and trainees can do to reduce the risk of an information security incident.

Please tell us what you think of our website

The University of California, San Francisco, CA 94143, 415/476-9000
Copyright © 2008, The Regents of the University of California.