What is an Information Security Incident?
A Security Incident is a violation of computer security policies, acceptable use policies, or standard computer security practices. An "IT security incident" could:
- Result in misuse of confidential information (social security number, grades, health records, financial transactions, etc.) of an individual(s).
- Jeopardize the functionality of the University’s IT infrastructure.
- Provide unauthorized access to university resources or information.
Examples of Information Security Incidents include:
- Hacking a University system
- Using University IT resources to hack into any non-University computer system
- Using University IT resources to harass or threaten someone
What to do when you suspect a security incident
An IT security incident is defined as an event that impacts or has the potential to impact the confidentiality, availability, or integrity of University information technology resources. Having an effective incident response is essential in mitigating damage and loss due to an information security incident. Proper handling of such incidents protects the University’s information technology resources from future unauthorized access, use or damage.
Please report any information security problems or potential problems immediately. Timely reporting will allow the ISCO to determine if further investigation is necessary and to limit any further damage or loss of data. Please see the Incident Response Procedure for further guidance on steps to take if you suspect an incident.