Search Information Security site

 

Preventing and Reporting Security Incidents FAQs

If your computer or electronic device is stolen always contact the police first. If it was stolen on campus, you need to contact University Police. Otherwise, report the theft to local law enforcement.

What is an "information security incident"?

Although “information security incident” might sound like it refers to something specific, it actually refers to a wide variety of events, problems, and activities.  Simply getting an alert from an app that you do not recognize or losing your work laptop in public are concerns that you should report to InfoSec. If you notice anything out of the ordinary, report it immediately. 

Examples of security incidents

  • Phishing attacks where you click an unsuspecting link that turns out to be malicious
  •  Unauthorized alteration of University data, such as changing information on websites or in databases
  • Unauthorized use of a computing account (Don’t give out your password to anyone for anything)
  • Using information technology resources for unethical or harmful purposes
  • If someone gets access to your email, they not only have to ability to read your emails they can also send emails on your behalf

How can we prevent information security incidents?

From anti-malware to firewalls, our office takes a lot of preventative measures to keep the University’s systems and data protected.  Despite our best efforts, we still need your help to keep the University secure.  Sec_rity is not complete without “U”!

Consider the following steps to protect your devices and data:

  • Never leave your computer unattended in public…even if it is just for a second!
  • Protect your mobile devices with remote device management:
  • Record the serial numbers of your devices in case they do get stolen so the authorities will know what they are looking for (e.g. external hard drive, USB drive).
  • Use a secure network such as University VPN.  Public Wi-Fi is a hotbed for hackers.
  • Use stronger passwords, longer and more complex is always better. 
  • You wouldn’t give your ATM pin to anyone, so don’t give your passwords out either!
  • Anti-Virus and Anti-Malware software such as Symantec Endpoint or Microsoft Center Endpoint are available to you.
  • Do not store sensitive information such as SSNs or Banking Information on your computer, and if you must then encrypt your file drive.
  • Run full system back ups often, you never know when you will need to restore a back-up.

Who do I contact to report an information security incident?

Depending on what happened and how you became aware of the security incident, consider the following steps:

Stolen device with University data:

  1. Report the theft to local law enforcement.
  2. Report it to InfoSec at https://security.virginia.edu/report-information-security-incident.
  3. Monitor your account for unauthorized changes.
  4. If you stored sensitive information for another employer, you need to inform them of the theft.

Unexpected device or account behavior:

  1. Contact your LSP or the ITS Help Desk.
  2. If they are unable to resolve or you have a more immediate concern, report it to InfoSec at https://security.virginia.edu/report-information-security-incident.

Potential threat to University data or IT resources:

  1. If it includes physical danger, contact local law enforcement.
  2. Report it to InfoSec at https://security.virginia.edu/report-information-security-incident.

     Why report it?

    • According to the Acceptable Use policy, you are responsible for anything done under your computing account or using your credentials.
    • The incident reporting standard requires that you must report security incidents within one hour from the time an incident is discovered.
    • The faster you open a dialogue with InfoSec, the faster we can get your accounts back up and running.
    • InfoSec will help to keep your data safe.

    Report an Information
    Security Incident

    Please report any level of incident, no matter how small. The Information
    Security Office will evaluate the report and provide a full investigation.

    Complete Report Form