"The mission of the Information Security Office is to help our colleagues protect student data and maintain trust in the University."
Please send your security questions, consulting, and operational requests by email to firstname.lastname@example.org. Report information breaches and other urgent issues by phone at 310.506.4040.
Quick Links - Look Here First
- RESTRICTED Data - if you have health records or credit card/driver's license/social security numbers find out what you need to do.
- Resources - tools you can use to secure data and systems for which you are responsible.
- Tips - our quick reference guides and short videos to help you secure data.
- Policy - policy, standards, guidelines, and procedures to keep good intentions from turning into a bad result.
- ISO Catalogs - Services we provide and operate and Standards you must apply to your mobile, computer, server or application.
Work Securely Wherever
October is National Cyber Security Awareness Month (NCSAM). Pepperdine's theme for the month, Work Securely Wherever, covers a subject of opportunity and great risk -- remote work. Watch your email for announcements, changes, tips and trainings for actualizing this theme. For security and efficiency in administrative and academic work, especially when working remote from campus, please follow the guidelines below and call the Information Security Office x4040 with any security questions.
Use the University's Secure Collaboration Tools
View this Google Doc for detail on the University secure collaboration tools:
- Google Workspace: Mail, Drive/Docs, Calendar, Chat (read the ISO white paper on Google Workspace privacy and security)
- Google Meet and Zoom video conferencing clients.
- Attachments, eSign, Imaging, WaveNet
- Pepperdine Softphone Client (Jabber)
Follow these practices to comply with the Computer and Network Responsible Use Policy:
- keep your computing device updated timely with security patches;
- keep its firewall on and physically secure your device;
- do not circumvent security controls for expediency, but please call our office for advice;
- and don't share your password.
Use the DUO Mobile app for SecureConnect
- The DUO Mobile app "push" notification is faster and more secure than SMS
- DUO Mobile works even when your phone doesn't have service.
Follow the University telecommute policy
This policy, updated by UMC June 2021, mandates the following actions for remote work:
- You MUST use a University owned and managed computer for University work.
- You MUST NOT use a personally owned computer for University work.
- If you are storing, printing, or processing "RESTRICTED" data (e.g. social security, customer credit card, CA driver's license, or healthcare treatment info) you MUST use a University-owned & managed PGP/SafeGuard encrypted computer. Please call our office for questions on your Restricted data workflows.
- If you're using a mobile device to check email or collaborate:
- Apply security updates as they become available.
- Use the native Google Workspace apps for efficiency and security.
- Be sure to set a strong PIN and lockout for failed attempts on your device.
Five Ways ISO Helps You Protect Data and Preserve Trust
Pepperdine University has created the Information Security Office to assist the community in keeping our data secure. The ISO security program consists of training, consulting, policy, systems, and monitoring/response activities.
Annual training events include:
Training for the entire community
- October National Cyber Security Awareness campaign for students, faculty, and staff.
Training for students
- We give talks and participate during New Student Orientation events in August.
- We offer an online class that is available to all students on Courses.
Training for departments and academic divisions
- We routinely hold "Information Security for Managers" briefing meetings on several campuses and online.
- We offer an online security class that is available for all staff and faculty.
- Our team can also provide tailored 15-60 minute training sessions for your department meeting or specific groups. Please call us to discuss!
Need to find a secure way to efficiently do your business? Start with a call to us to discuss at x4040.
3. Usable policy, guidelines, and standards
While the Information Security Office doesn't make policy, we advise those that do. During this process, our goal is to promote workable security policies, guidelines, and standards. Pepperdine has security policies comparable with the best of our peer institutions.
4. Security systems and services
Our office offers a robust service catalog. Here is a quick overview of some of our systems:
- Our firewalls, network access controls, and intrusion detection systems stop tens of thousands of attacks daily, from the internet and devices walked onto campus nets.
- The spam filter stops 99+% of spam, phishing, and email viruses and blocks sending "RESTRICTED" information.
- Attachments.pepperdine.edu is easy to use to send "RESTRICTED" information or very large files securely.
- Every computer on the network is registered and University-owned servers or computers receive configuration and patch management.
5. Monitoring & incident handling
- We analyze network intrusion attempts and prepare new defenses every week.
- When there is a security incident ISO works to identify, contain, and eradicate the threat and helps with restoring service and improving defenses.