Skip to main content
Pepperdine | Community

Information Security

Technical team in a control room environment

Current Events

  • Wavenet Holds for SecureConnect enrollment will NOT prevent Students from registering for or enrolling in classes. These Holds are cleared daily Monday through Friday by 10:00am for users who signed up the previous day.
  • Message to Students regarding mandatory SecureConnect Enrollment sent on the following dates:
    • All Students - 12/5/2023 & 1/26/2024
    • Students without SecureConnect - 2/15/2024, 2/20/2024, 2/27/2024, 3/5/2024, 3/12/2024, 3/21/2024 & 3/25/2024
  • Criminals are phishing for your SecureConnect MFA code. Pepperdine will NEVER ask you for your code nor force you to use a code option to log into any website. Switch to DUO App push if you are using codes routinely for login.

    • Beginning February 1, 2024, users who choose the phone call option will be prompted to push a specific key to complete authentication or to report fraudulent activity. 

Mission

"The mission of the Information Security Office is to help our colleagues protect student data and maintain trust in the University."

Contact Us

Please send your security questions, consulting, and operational requests by email to iso@pepperdine.edu. Report information breaches and other urgent issues by phone at 310.506.4040.

Quick Links - Look Here First

  • RESTRICTED Data - if you have health records or credit card/driver's license/social security numbers, find out what you need to do.
  • Resources - tools you can use to secure data and systems for which you are responsible.
  • Tips - our quick reference guides and short videos to help you secure data.
  • Policy - policy, standards, guidelines, and procedures to keep good intentions from turning into bad results.
  • ISO CatalogsServices we provide and operate and Standards you must apply to your mobile, computer, server, or application.

Work Securely Wherever

"Work Securely Wherever" covers a subject of opportunity and great risk -- remote work. For security and efficiency in administrative and academic work, especially when working remote from campus, please follow the guidelines below and call the Information Security Office x4040 with any security questions.

Use the University's Secure Collaboration Tools

View this Google Doc for details on the University's secure collaboration tools:

Follow these practices to comply with the Computer and Network Responsible Use Policy:

  • keep your computing device updated timely with security patches (see also operating system end-of-support dates)
  • keep its firewall on and physically secure your device;
  • do not circumvent security controls for expediency, but please call our office for advice;
  • and don't share your password.

Use the DUO Mobile app for SecureConnect

  • The DUO Mobile app "push" notification is faster and more secure than SMS
  • DUO Mobile works even when your phone doesn't have service.

Follow the University Remote Work Policy

This policy, updated by UMC June 2021, mandates the following actions for staff or faculty with remote work agreements:

  • You MUST use a University owned and managed computer for University work.
  • You MUST NOT use a personally owned computer for University work.
  • If you are storing, printing, or processing "RESTRICTED" data (e.g. social security, customer credit card, CA driver's license, or healthcare treatment info) you MUST use a University-owned & managed PGP/SafeGuard encrypted computer. Please call our office for questions on your Restricted data workflows.
  • If you're using a mobile device to check email or collaborate: 
    • Apply security updates as they become available.
    • Use the native Google Workspace apps for efficiency and security.
    • Be sure to set a strong PIN and lockout for failed attempts on your device.

Five Ways ISO Helps You Protect Data and Preserve Trust

Pepperdine University has created the Information Security Office to assist the community in keeping our data secure. The ISO security program consists of training, consulting, policy, systems, and monitoring/response activities.

1. Training

Annual training events include:

Training for the entire community

  • October National Cyber Security Awareness campaign for students, faculty, and staff.

Training for students

Training for departments and academic divisions

  • ISO presents online annual mandatory basic online training in March, and entertaining monthly optional training & raffle for all faculty and staff.
  • We routinely hold "Information Security for Managers" briefing meetings on several campuses and online.
  • Our team can also provide tailored 15-60 minute training sessions for your department meeting or specific groups. Please call us to discuss!

2. Consulting

Need to find a secure way to efficiently do your business?  Start with a call to us to discuss at x4040.

3. Usable policy, guidelines, and standards

While the Information Security Office doesn't make policy, we advise those that do. During this process, our goal is to promote workable security policies, guidelines, and standardsPepperdine has security policies comparable with the best of our peer institutions.

4. Security systems and services

Our office offers a robust service catalog. Here is a quick overview of some of our systems:

  • Our firewalls, network access controls, and intrusion detection systems stop tens of thousands of attacks daily, from the internet and devices walked onto campus nets.
  • The spam filter stops 99+% of spam, phishing, and email viruses and blocks sending "RESTRICTED" information.
  • Attachments.pepperdine.edu is easy to use to send or request "RESTRICTED" information securely or to email very large files of any kind.
  • Every computer on the network is registered and University-owned servers or computers receive configuration and patch management.

5. Monitoring & incident handling

  • We analyze network intrusion attempts and prepare new defenses every week.
  • When there is a security incident, ISO works to identify, contain, and eradicate the threat and then helps restore service. ISO then leads lessons-learned meetings aimed at improving defenses.