Report Security Threat or a Potential Breach

Introduction

The best way to maintain a safe campus environment on and off line is to have full cooperation of all involved. If you notice something that is not quite right please let us know so we can address it and fix it before it becomes a large problem.

Incidents should be reported as soon as possible so that the team can begin their investigation and evaluation.

Report the incident

Data to include:

• Date of incident (suspected or known)
• Time of incident (suspected or known)
• Impact of incident (# of records, etc)
• Method of incident (hack, accidental disclosure, etc.)
• Point of contact information (Email and phone details)
• Do NOT include any sensitive information/actual records

Examples of a Breach

• Student grades sent to the wrong student
• Student transcripts sent to the wrong school
• Student schedule posted publicly
• Non-directory student data exfiltrated from a server
• Breach of student data due to compromised credentials
• Student hard copy records left in the open and viewed by someone who normally would not have rights to such information
• Lost or stolen unencrypted USB flash drives containing sensitive information
• Stolen student hard copy records