IT Security and Privacy

Symantec security software now available to staff retirees

Allison Henry, IST–System and Network Security — Wed, 18 Nov 2009 00:00:00 -0800

The UC Berkeley Retirement Center and Information Services and Technology are pleased to announce that Symantec security software is now available for staff retirees subscribed to CalMail through the Retirement Center. Retirees can download the latest versions of Symantec and other useful software from Software Central.

Campus Guidelines for Kiosk Workstations

Dedra Chamberlin, IST–Infrastructure Services — Tue, 27 Oct 2009 00:00:00 -0700

The Campus Guidelines for Kiosk Workstations are a limited set of basic guidelines departments should follow if they provide workstations that are available for use by the general public. The guidelines focus primarily on configuring kiosk machines to minimize the chance that users will inadvertently leave themselves logged in when they leave a public workstation, and educating kiosk users so that they don't inadvertently leave themselves logged in to a public workstation.

NAV for Macintosh 11.0.3 available to campus users of Mac OS 10.6 (Snow Leopard)

Allison Henry, IST–SNS — Fri, 18 Sep 2009 00:00:00 -0700

As you may be aware, the latest Mac OS release, 10.6 "Snow Leopard", is not compatible with the campus site-licensed antivirus software, Symantec AntiVirus (SAV) for Macintosh 10.2.1. To cover the antivirus needs of Mac OS 10.6 users, Symantec has made the recently released 10.6–compatible Norton software, Norton AntiVirus (NAV) for Macintosh 11.0.3, available to UC Berkeley until the updated version of SAV for Macintosh is released. This software is now available for download on Software Central, under "Early Adopters" in the Symantec AntiVirus section.

Proventsure replaced by IdentityFinder

Allison Henry, IST–System and Network Security — Wed, 22 Jul 2009 00:00:00 -0700

The campus license for the Proventsure software suite, the tool campus users currently use to identify restricted data stored on campus computer systems, will expire July 31, 2009. IdentityFinder is the replacement tool that is now available free of charge to the campus community.

Before sourcing your technology...

Chris Ashley, Erika Donald, and Karen Eft, OCIO–Security, Privacy, and Policy — Tue, 07 Apr 2009 00:00:00 -0700

A variety of technology support services such as email, blogging, webhosting, collaborative tools, and data management are available from outside organizations and companies. These services may offer great utility, the latest technology, low cost, and other very attractive benefits, but there are risks. This article discusses the importance of a departmental or campus review before sourcing any technological service.

Finding restricted data on campus computer systems

Allison Henry, IST–System and Network Security — Mon, 30 Mar 2009 00:00:00 -0700

Over the last two years, System and Network Security (SNS) has tested and distributed various restricted data search tools to the campus. Earlier solutions offered some success, but limitations have motivated us to continue to look for better solutions. Our current scanning program offers several restricted data identification tools, ranging from self-assessment software to service-based clients reporting to a central management console.

Annual credit-card compliance process

Kate Riley, IST–Infrastructure Services — Thu, 05 Mar 2009 00:00:00 -0800

In order to conduct credit-card transactions, merchants must meet the security standards set by the Payment Card Industry (PCI) Security Standards Council. Every year, the UC Berkeley Controller's office must submit an attestation confirming that campus merchants have implemented their credit-card acceptance solutions in a manner that adheres to the Payment Card Industry Data Security Standard (PCI DSS) Requirements and Security Assessment Procedures. This article explains how the certification process works.

Security alert update: Internet Explorer 0-Day exploit

Mike Blasingame, IST–Infrastructure Services — Wed, 17 Dec 2008 00:00:00 -0800

Microsoft has released Security Update for Internet Explorer (960714) to address the vulnerability in all currently supported versions of Internet Explorer. The patch is available from the campus WSUS service.

Security alert: Internet Explorer 0-Day exploit

John Ives, IST–System and Network Security — Tue, 16 Dec 2008 00:00:00 -0800

A new Internet Explorer (IE) exploit is being used to compromise Windows systems. At this time, the only preventative option available is to use a browser other than IE such as Firefox, Opera, or Safari. Microsoft has announced it will release an out-of-cycle patch for this bug tomorrow, December 17. System and Network Security strongly encourages everyone who uses IE to be sure to apply this patch as soon as it becomes available.

New departmental security contact registration application

Karl Grose, IST-System and Network Security<br /> — Fri, 29 Aug 2008 00:00:00 -0700

The campus Departmental Security Contact Policy requires each department to appoint a security contact who can be notified in the event of a computer or network security incident. SNS has available a new web-based application that allows these security contacts to view, update, and maintain their own list of IP addresses and contact information.