MSSEI Requirements Finder

A service overview and catalog of MSSEI Requirements Finder provided by the UC Berkeley IT Service Hub.

Description

This tool helps to identify which security requirements apply to devices, IT infrastructure, and IT services based on the campus Minimum Security Standards for Electronic Information (MSSEI).

The MSSEI applies to all computers, electronic information, and IT services used to do university business, regardless of device ownership or location. More sensitive systems and data have more requirements; less sensitive ones have fewer requirements. The MSSEI Requirements Finder looks at various parameters and provides a list of applicable requirements.

Note : This tool is designed to help individuals who manage IT Resources and Services determine which MSSEI requirements apply to them. It is not intended for those who only use campus-managed devices and services, as most (though not all) of the requirements will be managed by the Service Providers.

Benefits & Features

Generates a customized list of only the security controls that apply to your specific environment.
Provides integrated implementation guidance through direct access to "how-to" information.
Ensures that departments stay in compliance with both UC Berkeley standards and the broader UC systemwide Electronic Information Security Policy (IS-3)

Getting Started

How to Access and Use:

Connect to the campus network or bSecure VPN
Go to https://mssei-app.security.berkeley.edu and log in with your CalNet credentials
Follow the instructions listed
Export results via URL or CSV file for further use.

Service Details

Eligibility	This service is available to Faculty, Staff, Students, and Affiliates.
Contact	Technical Support: For assistance, email security-policy@berkeley.edu.
Availability	Available 24/7. Support is provided Monday–Friday, 8:00 AM – 5:00 PM PT, excluding University holidays and curtailment periods.
Cost	There are no direct costs associated with this service.
Data Classification	This service is rated for P2, A1 and R1 data. Compliance: Users are responsible for ensuring data handled within this service complies with the Data and IT Resource Classification Standards.