Servers

UCSF IT provides a number of tools and resources for departmentally managed servers, as well as data center services for those that need servers, storage, and support from ITFS.

• Data Center Services: UCSF IT's Data Center Services include virtual hosting, physical server hosting, storage services, and backup services.
• IBM BigFix Endpoint Manager: Required for all devices used to conduct UCSF business, whether they're UCSF-owned or personal. BigFix allows UCSF IT to find, fix, and secure IT resources attached to the UCSF network.
• Vulnerability Scanning: Vulnerabilities are often due to out-of-date operating systems or insecure network applications. UCSF IT Security offers vulnerability scanning services and will provide a follow-up report with security severity and remediation steps.
• Server Inventory: Register your server in UCSF’s ServiceNow CMDB (Configuration Management Database) through the device registration form, or create a service request to get your device registered.
• Centralized Logging: SOM departments have the option of utilizing UCSF IT's Syslog-NG to send copies of system, security, and application logs to the central Syslog-NG servers, with delegated rights to see only logs from your systems. Helpful for troubleshooting and forensics purposes.

Applications

If you’re responsible for a departmental application – whether it’s a local instance, cloud application, or a custom development – there are a number of resources at UCSF to help secure your application.

• Application Security Resources: List of resources covering everything from general security best practices to security scans to risk assessments. Includes community and learning resources like listservs, feeds, e-books, and online courses.
• IT Security Risk Assessment: UCSF is required - by a number of laws, regulations, and policies - to assess the risk of information systems that create, store, process, or transmit UCSF data. Open a ServiceNow ticket to get started or contact UCSF IT's Customer Solutions Group for help.
• Business Impact Analysis: BIAs identify and evaluate the potential effects (financial, life/safety, regulatory, legal/contractual, reputational, etc.) of natural and man-made events or disasters on business operations. Complete this questionnaire to determine if UCSF IT should conduct a BIA of your IT system or service.
• Web Application Scanning: The Netsparker scanner finds web application vulnerabilities such as SQL injection and cross-site scripting (XSS). UCSF IT Security will scan your website on request.
• SSL Certificate Requests: SSL encryption is essential for any web application. UCSF IT provides commercial SSL certificates, verified to work with most major platforms and browsers, at no cost to SOM departments.
• MyAccess Single Sign-On Integration: MyAccess is a campus-wide service providing central authentication (login) and authorization (access to UCSF systems). It allows campus units to securely identify their online customers and to properly control who has access to applications and resources. Consider integrating your department application with MyAccess for better security.