Dear Members of the UCSF Community:

Recent cyber attacks in the news are striking closer to home. These incidents can be detrimental on both an institutional and individual level. They require continued diligence by everyone within the university. I need each of you to take immediate action to assist in further securing the IT assets and data that you use and create at UCSF.

The following steps are mandatory and require your immediate action:

  • Any computer (laptop or desktop; UCSF-owned or individually owned) that you use to conduct UCSF business must have the BigFix program installed on it immediately. BigFix is a tool that allows us to track a computer to determine if a system meets UCSF minimum IT security requirements.
  • Individuals or departments who independently manage their own servers are required to immediately update security patches.
    • If an application will not operate with up-to-date critical security patches you are required to contact the application vendor immediately for resolution.
    • Per UCSF policy, unpatched computers will be subject to removal from the UCSF network.

While our Information Technology and Security teams continue to work diligently to secure our IT systems, we are all responsible to further protect our computers and data from external threats. I have directed our IT team to continue to be assertive to further fortify our security position. Take action now and be prepared for further security related instruction from UCSF IT.

Thank you,

Sam Hawgood, MBBS
Arthur and Toni Rembe Rock Distinguished Professor

Joe Bengfort
Associate Vice Chancellor and Chief Information Officer