Skip to content

Secure Software Configuration

Secure software configuration is essential to the management of cyber risk. UC's Secure Software Configuration Standard, linked to below, details the software configuration practices required to adequately protect UC's cybersecurity.

Proper configuration is not a guaranteed feature of all applications, no matter their source. Even prestigious or well-known companies sometimes fail to properly ensure an application's security. Any application, whether free or purchased, can represent a significant cyber risk if not properly configured. 

Units should use this standard, in conjunction with UC's information security policy, IS-3, to guide the configuration of their applications. It applies to all Locations and to all purchased, leased, open-source, in-house developed or cloud-based applications that are configured by a Unit or Service Provider. For information about cybersecurity resources near you, visit Location Information Security Resources.

To read the full standard, please click on the link below.

Copyright © Regents of the University of California | Terms of use