This section of the Knowledge Base provides some information on UCSB Secure, an initiative to invest in critical technology updates by ITS, the central IT organization for UCSB

While the timeline and requirements of Secure UCSB are driven by a new University of California system-wide mandate ordered by President Drake, it presents our campus with an opportunity to prioritize improvements to UCSB’s overall cybersecurity landscape.

Please also refer to the following that is provided by UC Santa Barbara Information Technology Page

• Project overview page: https://it.ucsb.edu/secure-ucsb

• Network changes: https://it.ucsb.edu/secure-ucsb/unified-network-service-model

• Device Security: https://it.ucsb.edu/secure-ucsb/securing-your-ucsb-device

• Required Cybersecurity training: https://it.ucsb.edu/secure-ucsb/cybersecurity-awareness-training-enforcement

• Common questions and FAQs: https://it.ucsb.edu/secure-ucsb/secure-ucsb-frequently-asked-questions-faq

Key Dates:

• May 7, 2025 - end of SMS/Text support for VPN, end of Pulse Secure support and new Ivanti VPN required

• May 24th, 2025 - when all UC owned PC, Apple, and Android devices are expected to be enrolled in management software for their respective operating systems

• December 15th, 2025 - Engineering II shutdown till January 15th for electrical and network work. Access to SSO cut off for anyone who has not finished their cybersecurity training over the last year (this is the third extension).

• June 14th, 2026 - launch of UCSB Secure part 2 with changes coming to VPN, DHCP, DNS, and how computers are registered for both wired and wireless. More info T.B.D.

Key Points:

• Any costs for the Device Security Platform will be absorbed by the Secure UCSB program per the new UCOP Cybersecurity Mandate.

• UC owned devices include anything purchased even partially by UC system-wide, UCSB, or any UCSB Department or organization/entity including Gift/Startup/Grant funds administered by any UC organization/entity

• UC owned computers, tablets and mobile devices will be installed with Trellix or equivalent Antivirus as well as operating system specific management and update software.

  • Apple computers: UCSB Jamf - Manual Enrollment ProcedurePreview

  • PC computers: UCSB Maas360 - Manual Enrollment Procedure (Computer, Laptop and non-mobile devices)Preview

  • UC owned linux devices will not be required to have management software installed on them at this time, however they are still required to have Trellix Antivirus installed and automatic updates enabled.

• Even personally owned devices on the wired or wireless networks will be required to have a minimal level of security

  • https://security.ucop.edu/policies/security-controls-everyone-all-devices.html

  • The above requirements have been posted for years the only change is they are going from "recommended" to "required"

  • Please note the above rules affect everyone and all devices, regardless of ownership or UC location. ITS has imposed additional requirements at the campus level.

• Per the ITS FAQ page: The MDM solution protects your sensitive data from unauthorized access through several key security features, such as device encryption, authentication policies, remote wipe in the event of a stolen or lost device, application management, and data separation (to protect campus vs. personal data). No devices enrolled in MDM and EDR software (whether a UCSB-owned or personal device) will allow access to your emails, browsing history, or any other standard, activity-related information. Learn more about privacy considerations.

  • That being said, Trellix Antivirus software needs "full disk access" to run and does have the ability to automatically delete malicious files, software, or in extreme cases wipe computers to protect other networked devices.

• ECI and ITS highly recommends you have backup software running on your computer. ECI is not responsible for loss of data resulting from the above.

• There are different and less restrictive rules for computers and devices NOT connected to the wider internet as well as a standardized form in ITS's servicenow portal to request exceptions. See ITS FAQ page for more information.