FAQ

How do I register P4 workstations as Protected Data Applications in Socreg?

Please see Instructions for Registering P4 Workstations in Socreg for step-by-step instructions.

Who do I contact if I think my CalNet credentials were compromised?

If you believe your CalNet credentials have been compromised, and you still have access to your account, change your password immediately. Instructions for changing your passphrase can be found online: https://calnetweb.berkeley.edu/calnet-me/manage-my-calnet-account#passph....

If you are not able to access your account, contact security@berkeley.edu.

If you have received notice from CalNet...

How would I know if my CalNet credentials were compromised?

You may not always know. Scams and malware that steal passwords are designed to be stealthy and unnoticed. Passwords are most frequently compromised one of three ways: Being tricked to giving up your credentials at a real-looking but scam website (AKA Phishing) Malware or other compromises of your device which installs software designed to run in the background and steal passphrases Re-using CalNet credentials for non-UCB websites, and the non-UCB websites are hacked and all credentials exposed

However, a couple of tell-tale signs of credential compromise are:

Your colleagues and...

Where do I find additional Information about Cloud Services?

For evaluating cloud service providers that handle P4 data on behalf of the University, the Information Security Office offers the Vendor Security Assessment Program (VSAP). The VSAP is intended to ensure that campus third-party service providers adhere to the same baseline level of security practices required for campus systems and applications that contain protected information and are managed and maintained by internal campus resources.

To request a VSAP evaluation for a P4...

How do I know if my intended use of service is in compliance with University policies?

The distinction here is that just because there is a contract in place with a supplier doesn't mean that it is appropriate for all use cases.

An example is our Google agreement which will meet the overwhelming majority of our needs in the e-mail/calendar space, but that is not HIPAA compliant and as such is not a good fit for use cases where Protected Health Information is in play. For assistance with IT policy questions, contact security-policy@berkeley.edu.

How do I request early disabling of CalNet ID or Berkeley email (bMail) accounts?

How do I request early termination of the CalNet or bMail accounts for an ex-employee before the end of the standard 90-day grace period?

Employees have a standard 90-day grace period after they have separated from UC Berkeley, during which they can access limited campus services, such as bMail. In rare cases, a department may want to request early termination of a former employee’s CalNet or Berkeley email (bMail) account before the end of the standard 90-day grace period.

Departments can contact policy-access@berkeley.edu to discuss...

Can I use the shared firewall service if I store sensitive or protected data?

The shared firewall service is not intended for systems storing sensitive data. Depending on the circumstances, you should either use a fully customizable Departmental Firewall or the...

How Do I Update My Socreg Profile Settings?

To change your profile settings in Socreg, log in and click your name in the top bar and then click ‘Settings’. Current options are:

Receive Release Email - this toggles whether or not you would like to receive the Socreg release notifications.

Note: This setting is different than the ‘...

I've received an "IP address to transfer" message.

Here we explain what it means and what you need to do.

You've received the message because Socreg has encountered a mismatch between the security contact that claimed an IP address (individually or by subnet) and the security contact that registered a subdomain.

(Note: In Socreg the assignment of a subdomain enables the transfer of IP address responsibility to the right party, but does not assign security contact responsibility).

For example, if security contact A registers a subdomain xyz.berkeley.edu and another security contact B claims subnet a.b.c.0/24 and there is a set of hostnames defined...

How are security notices routed?

Security notices are routed based on the registration information in Socreg.

For example, if an IP address has a registered Security Contact, the security notice is sent to that Security Contact, but if there is no specific IP address registration, then the notice is sent to the Security Contact that registered the subnet that contains the IP Address. Notices will also be sent to:

The registrant Security Contact’s Service Provider, if any.

The registrant Security Contact’s Departmental...