Change to CAS Service Registry will upgrade campus cybersecurity, assist greater use of Duo

Only campus technologists are likely to notice this change, although the entire campus will benefit.

In the second half of June, UC Davis will modify its CAS Service Registry, which identifies the applications and services that are allowed to use the campus Central Authentication Service (CAS) to secure their log-in processes.

CAS is a core campus resource used by approximately 1,900 UC Davis-related services and apps, including myucdavis, UC Davis Canvas and the Time Reporting System. They’ll continue to use CAS, and faculty, students and staff shouldn’t see any changes in how they log in to those services.

What will change is that apps and services not listed in the registry will be barred from using CAS. This change will block apps and services that might be fine, but have no affiliation with the campus. Limiting access will improve campus security.

Information and Educational Technology (IET) programmers have been compiling the list of services and apps that belong on the registry, partly by observing which ones have used CAS over the past year. They have been adding apps to the registry, and monitoring to make sure the services are not affected by the change.

Once all the testing is complete, IET will modify the registry by removing an existing “all-any” rule as soon as June 19. The date and time will be posted in advance to the campus status service, status.ucdavis.edu.

This change also satisfies an audit requirement, and sets the stage for another security improvement in the works for UC Davis: greater use of Duo multi-factor authentication.

IET is sending system administrators additional information, including instructions on how to add a service to the registry. Please send comments or questions to the IT Express Service Desk, 530-754-HELP.