Basic Socreg Functions and Use Cases

The following instructions explain how to establish a Security Contact and register assets to receive security notices about those assets.

Establish a Security Contact by using the sidebar item Asset/Access Requests.

  • If you are not a member and a Security Contact exists, you may request to join the membership by selecting “Request membership” from the drop-down menu. Someone in the Security Contact will have to approve your request.

  • If there is not a Security Contact for your department, you may request one, by selecting "New Departmental Request" from the drop-down menu.

Once you are a member of a Security Contact, you can view and edit the Security Contact and its membership.  Each type of asset has its own tab where you can view the asset, add new ones, or remove them.  Once an asset has been registered to your Security Contact you will receive any security notices involving it to the email address of the Security Contact. Other Socreg business emails will be sent to the members’ email addresses.

Please note: Users accessing socreg.berkeley.edu from an off-campus IP address, or while connected to CalVisitor, will need to use the campus VPN to connect.

Use Case #1

Your department has a number of subunits that each manage their own network resources.

Solution:  Socreg supports a parent-child relationship through “Group Security Contacts"

Group Security Contacts:

  • Establish a Security Contact

  • Claim subnets and IP addresses for your Security Contact

  • Create Group Security Contacts for each sub-unit

    • You will automatically be the first member but you can add others by CalNet ID.

    • Check "Security Notices to parent also?” if notices should also go to the parent Security Contact 

  • Now members of the Group Security Contacts can:

    • Claim subnets and IP addresses for their Security Contacts

    • Add and remove members to the Security Contact

  • You can be a member of both the parent and child Security Contact.

Use Case #2

You manage all devices for your department, but some labs, research groups, or other sub-units would also like to receive notices for their systems directly.

Solution: Socreg supports additional notices through “CC IP addresses"

  • Under the “CC IPs” tab add other Security Contacts to your IP addresses if they should be copied on any security notices sent to that IP address.

  • Or, request CC IP addresses from other Security Contacts if you should be copied on their security notices.

Use Case #3

All of your department's IT resources are managed by IT Client Services.

Solution: Add IT Client Services to your Security Contact as a “Service Provider"

  • Add IT Client Services as the service provider for your Security Contact.  Note: please contact IT Client Services before making this change.  It is necessary to go through their onboarding process.

  • ITCS staff can now add and remove network assets for your Security Contact.

  • And ITCS will be automatically copied on any security notice sent to your registered assets, so they can help you resolve it.

Use Case #4

Your department maintains some systems internally, while other systems are supported by IT Client Services.

Solution: Create a “Group Security Contact” and add IT Client Services as a Service Provider

  • Create a Group Security Contact under your Department Security Contact and add yourself as a member.

  • Select IT Client Services as the Service Provider for this Security Contact. Note: please contact IT Client Services before making this change.  It is necessary to go through their onboarding process.

  • Move assets as appropriate from the Department Security Contact to the Group Security Contact supported by IT Client Services.

Use Case #5

You are a database administrator, application developer, or otherwise support applications/middleware. The system administrators for the servers hosting your services now receive security notices, but you would like to get these notices as well.

Solution: Socreg supports additional notices through “CC Security Contact IP addresses"

  • Establish a Security Contact 

  • Request CC IP Addresses for the systems hosting your services

  • The Security Contact claiming these IP addresses will need to approve your request

  • Once approved, you will begin to be copied on security notices for these IP addresses

Use Case #6

You are a researcher within a large department.  As part of your research, you have Protected Data on a server managed by Berkeley IT in the data center. 

Solution: Create a Group Security Contact under your Department Security Contact

  • Request the group from your Department Security Contact, providing its name, security notice email address, and other information.

  • Register your Protected Data (PD) Application to your new Security Contact, including Protection Level, number of records, etc.

  • Add components (IP Addresses, Devices, etc.,) to the PD Application even if those assets belong to other Security Contacts.

Please contact socreg@berkeley.edu for any questions or additional support.

Topics

SOCREG DOCUMENTATION