ZotDefend
ZotDefend is an initiative by UC Irvine to enhance cybersecurity across campus by implementing new security standards, ensuring compliance through mandatory training, and deploying advanced security measures to comply with UCOP-mandated targets.
ZotDefend: Protecting UCI’s Digital World
As we become increasingly collaborative online, protecting our shared electronic information is critical. Over the next year, UC Irvine will be working diligently to update, strengthen and elevate our security processes to achieve new security standards that all UCs have committed to upholding.
We are branding this initiative ZotDefend as we roll out our plans to campus. Many of these improvements will be happening behind the scenes, but several, like Cybersecurity Awareness Training, will be the responsibility of our campus community as a whole, making it imperative that a strong awareness of the initiative is established.
What will Change?
- Cybersecurity Awareness Training – Integrate with UCI Single Sign-On (web login) process to display warnings to users whose training is due in 14 days and restrict application access once the training becomes overdue.
- Incident Response Process – Timely escalation of incident response in alignment with UC standards.
- Ensure identification, tracking, and vulnerability management of all university computing devices.
- Endpoint Threat Detection and Response – All compatible university computing devices will be required to have the minimum security packages. Devices that do not meet this requirement will be restricted from certain UCI web applications and/or from parts of the UCI network.
- Email Duo Multi-factor Authentication – Disable UCI mail forwarders and provision UCI mailboxes for users without a UCI mailbox. Enforce DUO multifactor authentication for all university email accounts.
*For additional unit-level changes, please contact your local information security representative.
Estimated Enforcement Timeline
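ZotDefend Target | Enforcement | Enforcement Date | Status |
---|---|---|---|
Ensure cyber security awareness training for 100 percent of location employees. | Warning of expiring and expired training after each SSO login. | October 8, 2024 | Complete |
Ensure cyber security awareness training for 100 percent of location employees. | Restricting access to SSO based applications until training is completed. | Coming in 2025 | |
Enable DUO multi-factor authentication (MFA) on 100 percent of campus and health email systems. | Disable self-service forwarding. | August 22, 2024 | Complete |
Enable DUO multi-factor authentication (MFA) on 100 percent of campus and health email systems. | Provision OIT-Managed mailboxes for alumni and retirees who do not have OIT-Managed mailboxes. | September 2, 2024 | Complete |
Enable DUO multi-factor authentication (MFA) on 100 percent of campus and health email systems. | Self-register to DUO. | Available | Complete |
Enable DUO multi-factor authentication (MFA) on 100 percent of campus and health email systems. | Enforce DUO authentication to access email. | January 24, 2025 | |
Enable DUO multi-factor authentication (MFA) on 100 percent of campus and health email systems. | Rehome student accounts forwarding email off campus | 11/8/2024 | Planning |
Enable DUO multi-factor authentication (MFA) on 100 percent of campus and health email systems. | Rehome employee (excluding active faculty*) accounts forwarding email off campus | First week of Dec. 2024 | Planning |
Deploy Endpoint Detection and Recovery software on 100 percent of university owned assets. | Webpage to download the security package for self-managed endpoints. | January 14, 2025 | |
Deploy Endpoint Detection and Recovery software on 100 percent of university owned assets. | Block non-compliant endpoints from some Wi-Fi and VPN network access. | Coming in 2025 | |
Deploy Endpoint Detection and Recovery software on 100 percent of university owned assets. | Block non-compliant endpoints from some single sign-on application access. | Coming in 2025 | |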
*For additional unit-level changes, please contact your local information security representative.
General Information:
- What is the purpose of this initiative? The initiative is being implemented to protect the University’s sensitive information and systems by strengthening UCI’s cybersecurity posture and mitigating potential risks. It includes the UC Cybersecurity Mandate 2025, IS-3 encryption compliance, and IS-12 backup compliance.
- Who will be affected by this rollout? All employees and all location units, regardless of whether the IT infrastructure is managed centrally.
- When will the rollout take place? The security enforcements will be rolled out in phases; see the Timeline tab for more information.
- Will there be any downtime during the rollout? No, we do not expect any downtime.
- Who do I contact if I encounter an issue during the rollout? You can reach out to the Helpdesk for support.
- What is the minimum university endpoint security standard? Visit the page “Minimum Security Standards for all devices connected to the UCI Network or accessing UCI Information”.
Cybersecurity Awareness Training:
- What is cybersecurity awareness training? All UC employees are required to complete security awareness training annually. This is a system-wide requirement across all UC locations.
- Where do I go for the training? Log into the UC Learning Center (UCLC) and search: “UC Cyber Security Awareness Fundamentals”.
- When will I see the training non-compliance warning message? You will start seeing the warning message 14 days before your training is due. If the training is not completed by the due date, the warning will appear each time you log in to the web until the training is finished.
- When will I be restricted from web applications? Access to certain web-based applications will be restricted if you do not complete the required training by the due date. The enforcement date for these restrictions will be announced at a later time.
Email Duo Multi-factor Authentication:
- How do I self-enroll in Duo? Follow this link to self-enroll in Duo.
- I am an alum, how do I request a UCI Gmail account? Contact the Alumni Association.
Endpoint Threat Detection and Response:
- What devices will be impacted? All university computing devices and any device connecting to a high-risk network or application.
- The school manages my device. Where can I get more information? Contact the school information security lead.
- I manage my device. How will I be impacted? A security software package will be available for self-install at a later date.
- Where can I download the security package? A link to the website will be provided here once the security package is available.
- What’s in the security package? The security package includes the following components:
– Endpoint Detection and Response (EDR)
– Anti-malware
– Vulnerability Scanning
– Virtual Private Network (VPN)
– Security Posture Checking
– Full Disk Encryption
- Will it impact system performance? We try to balance security and performance so that user productivity is not impacted.
- Is there an exception process? Yes, on a case-by-case basis for rare exceptions that require OIT security to review and approve.
- How do you plan to enforce compliance? Certain parts of the network (WiFi/VPN) and enterprise applications will check and block access for non-compliant devices.
- What are the minimum system requirements to install the security package? Windows systems require at least Windows 10 and TPM chip version 1.2 or later.
- When can I expect to receive the security package? For systems in the campus Active Directory domain, the estimated delivery date is currently the end of January 2025.
Project Status
- Percentage Complete 40%
Project Phase
Executing
Communities Affected
- UCI Campus
- College of Health Sciences
Start Date
July 2024
Projected Completion Date
May 28, 2025
Key Stakeholders
- Client: All Campus and Health Employees
- Sponsor: Kian Colestock
- Project Manager: Josh Drummond