Colleagues,
There is a great deal of interest within the UCSF community to explore OpenAI / ChatGPT and other Large Language Models in the academic, research, clinical, and administrative areas of the university.
UCSF IT is actively working in collaboration with our Privacy, Procurement, and Legal teams to enable our first foray into this technology through UCSF’s Microsoft Azure cloud environment using the Azure OpenAI service. We expect to offer this as a secure and approved service in a phased manner beginning in August 2023.
In the meanwhile, until a secure and compliant solution is in place, do not use these technologies with sensitive UCSF data including identified or de-identified patient data, personnel data, confidential data, or otherwise sensitive UCSF data.
For additional guidance and updates, please reference the Data Protection and Large Language Models webpage. (MyAccess login required)
Thank you,
Joe R. Bengfort
Senior Vice President
Associate Vice Chancellor
UCSF CIO
Dear UCSF Community,
We are seeing an increase in cyber threats as a result of world events. Our IT teams are working together to bolster our defenses, but keeping UCSF safe requires vigilance from everyone.
Please follow these important recommendations to keep yourself and UCSF safe.
- If you’re not sure if an email is legitimate, click the Report Phish button in Outlook. See https://it.ucsf.edu/service/phish-alarm for instructions and support.
- Do not open unexpected or suspicious attachments:
- Do you know the sender? Look for email tags identifying external or suspicious senders. Look carefully at the email address. It should be spelled correctly and come from a trusted source , e.g., j[email protected] instead of [email protected]
- See https://it.ucsf.edu/how-to/email-tagging for information about email tags.
- Are you expecting an attachment from this person? If not, contact them to verify.
- If the email asks you to click a link:
- Pay attention to what the email is asking you. Attackers try to create feelings of familiarity, fear, or urgency to get you to click without thinking.
- Do you know the sender? Are you expecting a link from them? If not, contact them to verify.
- If you’re not sure, don’t click. Delete the email or report it using the Report Phish button.
- If you use a personal computer for UCSF...
Dear UCSF Community,
Given the increased use of phishing emails to launch cyber-attacks, UCSF IT will launch on Friday, April 16, an automated system that will provide visual tags on emails when:
- you receive an email from a sender that is outside of the UCSF community;
- the sender cannot be verified; or
- in other risky scenarios.
The “External Sender” tag does not indicate the email is or is not malicious but is intended to help you be more aware and cautious. External emails will appear in your inbox with a message like this:
Warning tags are an indication that the email may in fact be dangerous. While most of these kinds of emails get blocked by our system, some number make it through the filters and this tag will help you identify them.
Email tags are intended to increase your awareness of the origin and context of the email that you receive, especially from senders outside of the UCSF community. Read more about email tagging at https://it.ucsf.edu/how-to/email-tagging.
As phishing attempts increase, please continue to exercise caution, and report any suspicious email using the Phish Alarm tool: https://it.ucsf.edu/service/phish-alarm. If you need assistance in reporting suspicious email, please...
Dear UCSF Community,
I am writing to share a set of FAQs from the UC Office of the President regarding the system-wide data breach that the University of California reported last week.
I strongly encourage you to review the following resources to learn about the steps you should take to help protect yourself. This includes enrolling in the free credit monitoring and identity theft protection offered by UCOP in its April 2 update.
FAQs on the UC system-wide data breach
https://ucnet.universityofcalifornia.edu/news/2021/04/frequently-asked-questions-about-the-accellion-data-breach.html
UC Office of the President: April 2 update, including free credit monitoring and identity theft protection
https://ucnet.universityofcalifornia.edu/news/2021/04/update-on-accellion-breach-and-what-you-should-do.html
If you have questions about the data breach, the UC Office of the President asks that you send them to a special email address that has been created for this incident: [email protected].
I want to underscore the seriousness of this cybersecurity attack, which has affected many companies and universities across the country, and encourage you to stay...
To the entire UCSF Community:
I am writing to share an important update from the UC Office of the President regarding a cybersecurity breach. The UCOP IT security team informed the campuses that it had recently identified and contained a cybersecurity attack that resulted in stolen information. At this time, UCOP believes that the stolen information includes but is not limited to names, birth dates, Social Security numbers, and bank account information belonging to members of the UC community.
Please read the message from the UC Office of the President below—and take the protective actions UCOP recommends, including signing up for free credit monitoring and identity theft protection: https://ucnet.universityofcalifornia.edu/news/2021/04/update-on-accellion-breach-and-what-you-should-do.html
In addition, we believe the person(s) behind this attack are sending threatening mass emails to members of the UC community in an attempt to extort money. Anyone receiving this kind of message should report the suspicious email using the “Phish Alarm” tool. For information on how to do this, visit https://it.ucsf.edu/service/phish-alarm. If you need assistance in reporting suspicious email, please contact the UCSF IT Service Desk at 415-514-4100.
UCOP is working to determine what UCSF information may have been compromised. The investigation is ongoing and UCOP is working to confirm more information in the coming weeks. When more details are available, we will share those with you...