Device security is a core component of the new UC systemwide cybersecurity mandate. In order to meet new requirements, UCSB must deploy Endpoint Detection and Response (EDR) to all University-owned devices.
In cybersecurity, devices are considered “endpoints” that connect to a network. All endpoints are potential entry points for security threats. EDR software specializes in detecting and responding to endpoint-level threats. UCSB is rolling out an MDM tool in order to manage the installation and updating of EDR, malware protection and disk encryption software.
The Security Operations Center (SOC) already manages an EDR tool called Trellix and a malware protection program: Nessus Agent. Approximately 66% of campus devices / endpoints currently use these tools. The UCOP mandate requires 100% compliance.
Upcoming Events
You’re invited to participate in virtual and in-person forums to learn more about Secure UCSB: the university’s initiative to improve cybersecurity and comply with a new University of California systemwide mandate.
Join Shea Lovan, Chief Technology Officer, and Jackson Muhirwe, Director of Information Assurance and Chief Information Security Officer, as they discuss device security, actions needed from our campus community, and how to get support. They're joined by Manny Cintron, Director of Workplace Technology Services and Ben Price, Associate CIO, Administrative Services.
Device Security: Virtual Forum
Thursday, November 7 @ 11 a.m.
Zoom Link
Device Security: In-person Forum
Wednesday, November 13 @ 10 a.m.
Location: Corwin Pavilion
Light refreshment will be provided
Want to learn more about security tools?
Frequently Asked Questions
A Mobile Device Management (MDM) solution is a software system used by organizations to manage, secure, and enforce policies on mobile devices such as smartphones, tablets, desktops, and laptops that are used for work purposes. It allows IT administrators to manage and protect the data on these devices, ensuring they comply with organizational security policies.
In cybersecurity, devices that connect to a network are considered “endpoints” as they are potential entry points for security threats. Endpoint Detection and Response (EDR) software specializes in detecting and responding to endpoint-level threats. UCSB already deploys an EDR tool called Trellix, which is in use by approximately 66% of campus endpoints.
If your device(s) (e.g desktop, laptop, mobile phone or tablet) are owned by UCSB, your device(s) will have to be enrolled in the tools needed to maintain device security, which includes MDM.
No, the MDM platform cannot access the content of files on a managed computer. It focuses on managing device security and campus data, but file content—whether personal or campus—remains inaccessible to the MDM unless stored within a secure container specifically managed by the organization.
Location services will be enabled. However the software tracking function will be disabled unless the device is reported stolen, lost, or if it’s doing something that’s exposing the network to potential vulnerabilities.
The MDM doesn't directly track application usage time. It can monitor when apps are launched, closed, or updated, as well as time spent using some aspects of the device including logins and logouts, when the device is turned on or off, or when a user logs in or out.
The MDM solution will not inherently limit your ability to use your device for personal purposes unless specific restrictions are set by your department or local IT. In most cases, personal use of the device is allowed as long as it complies with UCOP IT Policies and Guidelines, which ensures the security and proper use of University resources.
MDM is intended to enforce security measures and typically won't prevent normal personal use of your device unless this activity poses a security threat. However, since your device is owned by UCSB and intended for work related purposes and activities, it is typically advised that you avoid using your UCSB device for personal use.
The MDM solution protects your sensitive data from unauthorized access through several key security features, such as device encryption, authentication policies, remote wipe in the event of a stolen or lost device, application management, and data separation (to protect campus vs. personal data).
The MDM does not block any application installation on personally-issued devices. The EDR software will block malicious applications per the guidelines provided by Legal and IT Leadership. Exception requests, such as research, will be reviewed on a case-by-case basis.
Typically, device cameras or microphones will not be restricted unless requested by a department for a unique concern (i.e. sensitive work environment, GDPR compliance requirements)
Vulnerability scanners continuously scan the UCSB network for devices with listening ports and services. The Nessus Agent installed on endpoints collects software/version inventory information and regularly reports this list to the Tenable.io instance. This agent reporting activity is lightweight and does not impact device performance.
Yes, the MDM tool will deploy disk encryption to all devices, which ensures all data stored on the device is unreadable to anyone who gains unauthorized access.
No training will be required for end users. Users should contact the IT Service Desk for any support needs related to the Device Security Platform.
Any costs for the Device Security Platform will be absorbed by the Secure UCSB program per the new UCOP Cybersecurity Mandate.
- Windows PCs / laptops
- Mac PCs / laptops
- University-owned mobile devices (Android and iOS)
- Chromebooks
There are a variety of benefits that will result from these new device security tools and processes:
- Protects personal data through encryption and access controls.
- Automates updates for necessary systems, apps and tools.
- Locks and wipes devices remotely if they are lost or stolen.
- Minimizes setup and management of devices by streamlining configurations. Users can focus on their work while IT units handle device updates and threats.
- Separates personal and UCSB data, protecting user privacy while ensuring campus data is secure.
- Supports remote work by facilitating access to UCSB resources and systems, enabling effective work from various locations.
- Provides advanced threat detection, quickly detecting and patching issues with minimal user impacts.
- Enhances reporting capabilities for compliance and regulatory purposes.
Don't see your question?
Submit it below, and we can address it at upcoming forums and add to the above.