Information Technology Services

Wave pattern

Guide: Cybersecurity for Employees

All UC Santa Cruz employees—including faculty, staff, contract employees and student employees—have legal, contractual, and ethical obligations to protect the confidentiality, integrity, and availability of UC Santa Cruz systems and data. Learn more about information security requirements for UCSC staff, along with best practices for staying safe and secure. Related guide: Cybersecurity for Students

In this guide

Report an information security incident

Learn how to report a compromise of the privacy, integrity, or availability of UC Santa Cruz data and systems.

Report a security incident
Green dash

Security requirements for employees

1. Complete cybersecurity awareness training

Annual cybersecurity training is mandatory for all University of California employees—including UC Santa Cruz faculty, staff, student employees and contract employees. The training takes approximately 35 minutes to complete. You will receive email reminders, and can confirm your current status in the UC Learning Center (login required). 

Managers and supervisors: make sure that your team members, including student employees, complete the course annually.

2. Connect devices securely

All devices that access UC Santa Cruz data and resources must comply with UC security control standards. This includes using multi-factor authentication, running an up-to-date operating system, and having an active firewall and antivirus software. Devices that do not meet these standards may be blocked from accessing systems or disconnected from the network.

Some UC Santa Cruz systems require enhanced security measures. Learn more about Verified Access—what it is, when it’s needed, and how to set it up. Note that all ITS-Managed Computers are automatically configured for Verified Access.

Green dash

Security best practices

Backup Files

Data Breaches

Downloads

Doxing

Firewall

Identity Theft

Job Offer Scams

Lock Screen

Mobile Devices

Online Scams

Operating System

Passwords

Physical Security

Phishing

Unnecessary Services

Verified Access

Green dash

Policies

The University of California System has minimum security standards for all users and devices that access UC data or resources. Learn more about UC policies and responsibilities:

Group of people having a meeting
Green dash

Services and contact

Information Security Services

Contact

Need support with information security?

Last modified: May 09, 2025