UC Davis teams have been working to improve cybersecurity layers across the university, as part of the UC Cybersecurity Mandate 2025. In April, Provost Mary Croughan sent a message to all UC Davis staff and faculty members, highlighting three things all employees must complete by May deadlines to be in compliance with this systemwide mandate. 

As of May 1, FOA employees are already well positioned to meet these requirements — thanks to the hard work of Admin IT.

1. Trellix installed on workstations. Admin IT has completed the deployment of Trellix on all FOA workstations (about 1,700 devices) and FOA-managed servers (around 300). Trellix is considered a tool for endpoint detection and response, or EDR, which means it helps detect, investigate and respond to cyber threats in real time — reducing the risk of malware, phishing attacks and other security incidents. See FAQs below for common questions on Trellix and EDR.

2. Multi-factor authentication for all email accounts. To meet the requirement that all email accounts be protected with Duo for multi-factor authentication, Admin IT alerted owners of 853 departmental email accounts about the need to update from OU-type accounts to the AD3 standard, which supports multi-factor authentication.  Based on responses from the account owners, Admin IT helped to either update or disable outdated accounts. In addition, 94 identity and access management accounts, known as IAM, were updated for Duo readiness.

3. Mandatory cybersecurity training is nearly complete. FOA employees are nearing full compliance with the mandatory UC Cybersecurity Awareness Training. As of May 1, approximately 96% of FOA staff members and student employees have completed the required training. If you’re among the few who haven’t yet, please log in to the UC Learning Center and complete the training by May 28.

These changes are part of a campuswide effort to reduce risk, improve resilience and better protect the university’s people and its data.

“I’m proud our Admin IT teams were able to help FOA meet this mandate on such a short timeline,” said Ken Ezeh, IT services and security director. “These updates give every staff member an additional layer of protection from bad actors. The training is also an important refresher for all of us, as attacks are getting more sophisticated with help from AI, so falling victim doesn’t necessarily have to do with technical competencies.”

For questions or support, reach out to Admin IT at adminithelp@ucdavis.edu.

FAQs about Trellix for endpoint detection and response:

• What is Trellix, and why is it on my computer?
• Trellix is a type of software known as endpoint detection and response, or EDR. This is security software that helps protect your computer from viruses, ransomware and other cyber threats. It watches for unusual activity and alerts IET if something suspicious happens. Trellix is the UC-approved EDR solution.
• Is Trellix watching everything I do on my work computer?
• No. This type of software monitors system-level activity (like programs running, files being accessed and network connections) to detect threats. It’s not reading your emails or measuring your productivity. Trellix logs websites visited for the sake of identifying the source of a cyberattack, similar to other antivirus software programs. This is kept on the device and not sent to Trellix or the UC Davis Information Security Office.
• Will Trellix slow down my computer?
• Most users shouldn’t notice a slowdown. This type of software runs in the background and is designed to use minimal system resources.
• What happens if Trellix finds something suspicious?
• It may automatically block or quarantine the threat, and it alerts the campus IT security team. In some cases, they may reach out to you to help investigate.
  
  Find additional FAQs on the 2025 Cybersecurity Mandate on the IET website.