Submitting the SecureConnect Exception Request Form


Overview


The following guide provides instructions on how to request an exception to the SecureConnect network security requirements on UC San Diego’s campus network. More information about the exception process can be found on the Exception Process Blink page.

Devices that are in-scope and should not need exceptions include:

Devices that are in-scope and may need to submit exceptions include:

All devices that are currently out-of-scope will not need an exception at this time. Please note, an exception does not need to be submitted if you do not need access to trusted resources.

Critical Concepts


Exceptions will need to be submitted for devices that require access to trusted resources and fall under at least one of the following categories:

At the end of the form, you will have the opportunity to add all the devices that your exception request applies to. Please submit separate forms for each combination of exceptions you need.

For any unmanaged devices that need access to trusted resources and do not fall under at least one of the above categories, please see the corresponding guides for enrolling in Intune:

Chromebooks do not need to submit exceptions or install Intune Company Portal at this time for access to trusted resources. If you have a Chromebook and receive a pop-up for internet-only access when using UCSD-Protected, please visit the following article: Chromebooks - Internet-Only Captive Portal on UCSD-Protected.

If you are unsure about how to answer any of the questions on the form, please reach out to your supervisor and/or departmental IT team for further assistance.

Steps to Take


  1. Navigate to the SecureConnect Exception Request form. Make sure you have logged into the Support Portal before accessing this form.
    1. Alternatively, you can navigate to ‘support.ucsd.edu’, log in, and search for “SecureConnect Exception Request”.
  2. Your name and email will be pre-filled in the “Full Name” and “Email” fields. Verify this information is correct. If it is not, please contact your departmental IT for further assistance.
  3. Your first step in filling out the form is to read through the “Submission Agreement" and click the checkbox next to “I Agree”.
    1. Screenshot of Submission Agreement, Full Name, and Email fields
  4. Determine the Protection Level, Availability Level, and Risk Level of the data on your device using the drop-down menu. For more information on each term, click on the red question mark located next to each question.
    1. Screenshot of P-Level, A-Level, and Risk Level fields with blue arrows pointing to the red question marks at the end of each of these questions
  5. Select the period of time you will need the exception for. You can submit a new request later on if you need the length of your exception to be extended.
    1. Screenshot of length of exception question with dropdown menu options visible
  6. Fill out your Department Information. Once you select your department under “Select your unit:”, the “Unit Head Approver” and “Unit Information Security Liaison (UISL) Approver” fields will auto-populate with the people that will need to approve your request.
    1. Screenshot of an example of the unit head approver and UISL approver fields autopopulating after a unit is selected
  7. Determine the type(s) of exception you are requesting. This may be more than one option depending on your device.
    1. Screenshot of the question asking about which exception you are requesting along with the selectable options
  8. Answer questions about your device and your request. Refer to the explanation provided for each question below. The form has example answers in the provided text box for each question for your reference.
    1. Please describe what UCSD business process this endpoint or system serves to provide:
      1. Explain what this device is typically used for as well as who uses it. The more detailed your response, the better the review team will be able to assess your request.
    2. Please provide a justification for the exception:
      1. Explain why you need an exception for the option(s) you selected in step 7.
    3. What types of data are stored / transmitted / processed using the device?
      1. Provide all data types that are accessed on your device.
    4. Please estimate the number of records:
      1. Use the drop-down menu to select whether the device handles less than 70,000 records or 70,000 or more records between all data types.
    5. Are there any regulations in scope for this endpoint or system?
      1. Make sure to include all regulations that must be complied with for all the different types of data accessed on your device. For instance, if you access student records on your device, you should write “FERPA”. If the types of data your device accesses do not have any regulations, please type “None”.
    6. Describe the technical and procedural controls implemented to address the vulnerabilities and risks:”.
      1. This will include any steps you have taken to mitigate or reduce the risk of unauthorized access, data leakage, or other forms of compromise on your device(s), should you be approved for an exception.
    7. Were alternative controls considered and evaluated?
      1. Describe any alternative controls that were considered but not implemented for further protecting the system you are requesting the exception for. As an example, alternative controls considered for a system running Windows XP that needs access to trusted resources is installing Trellix HX to detect for bad activity.
  9. Fill the “MAC Addresses” question with all of the DNS/hostnames and MAC Addresses of the devices you would like this request to apply to.
    1. If you are unsure of how to find a device’s hostname, please refer to the following article: Finding a Device’s Hostname.
    2. If you are unsure of how to find a device’s MAC address, please refer to the following article: Find the MAC Address of your Device.
    3. You have the option under “Actions” to edit or remove any rows that you have added to this table.
    4. Screenshot of an example entry under the question asking for all associated MAC Addresses
  10. If you have any attachments that would assist the unit approvers with making a decision on your exception request form, you can add them by clicking on “Add attachments” at the bottom right of the form.
    1. Screenshot of the "Add attachments" button on the bottom right of the form

Post-Submission Process


Your request will first be reviewed by the Risk and Compliance team. During this stage, members of this team may contact you in order to gather additional information regarding your request. Once all of the necessary information has been gathered, your request will then be reviewed by your Unit Head and CISO for approval. 

If you still have questions or need additional assistance regarding questions about exceptions and filling out the exception form, please contact your departmental IT.
If you experience any technical issues with the form, please contact the ITS Service Desk. You can call us at (858) 246-4357, email us at support@ucsd.edu, or submit a ticket at support.ucsd.edu.