Preventing and Reporting Security Incidents FAQs

If your computer or electronic device is stolen always contact the police first. If it was stolen on campus, you need to contact University Police. Otherwise, report the theft to local law enforcement.

Access answers to a specific question here:

 

What is an "information security incident"?

Although “information security incident” might sound like it refers to something specific, it actually refers to a wide variety of events, problems, and activities.  Simply getting an alert from an app that you do not recognize or losing your work laptop in public are concerns that you should report to InfoSec. If you notice anything out of the ordinary, report it immediately. 

Examples of security incidents

  • Phishing attacks where you click an unsuspecting link that turns out to be malicious
  •  Unauthorized alteration of University data, such as changing information on websites or in databases
  • Unauthorized use of a computing account (Don’t give out your password to anyone for anything)
  • Using information technology resources for unethical or harmful purposes
  • If someone gets access to your email, they not only have to ability to read your emails they can also send emails on your behalf

 

How can we prevent information security incidents?

From antimalware to firewalls, our office takes a lot of preventative measures to keep the University’s systems and data protected.  Despite our best efforts, we still need your help to keep the University secure.  Sec_rity is not complete without “U!

Consider the following steps to protect your devices and data:

  • Never leave your computer unattended in public…even if it is just for a second!
  • Protect your mobile devices with remote device management:
  • Record the serial numbers of your devices in case they do get stolen so the authorities will know what they are looking for (e.g. external hard drive, USB drive).
  • Use a secure network such as University VPN.  Public Wi-Fi is a hotbed for hackers.
  • Use stronger passwords, longer and more complex is always better. 
  • You wouldn’t give your ATM pin to anyone, so don’t give your passwords out either!
  • Antivirus and Antimalware software such as Microsoft Defender for Endpoints, which is available to you for free and for Macs and Linux as well as Windows.
  • Do not store sensitive information such as SSNs or UVA or other's banking Information on your computer.  (Be sure you are complying with Highly Sensitive Data (HSD) Protection Standard for Individual-Use Devices or Media if you have HSD on your drive.
  • Run full system back ups often, you never know when you will need to restore a back-up.

 

Who do I contact to report an information security incident?

Depending on what happened and how you became aware of the security incident, consider the following steps:

Stolen device with University data:

  1. Report the theft to local law enforcement.
  2. Report it to InfoSec at https://security.virginia.edu/report-information-security-incident within one hour of becoming aware of the theft.
  3. Monitor your account for unauthorized changes.
  4. If you stored sensitive information for another employer, you need to inform them of the theft.

Unexpected device or account behavior:

  1. Contact your LSP or the ITS Help Desk.
  2. If they are unable to resolve or you have a more immediate concern, report it to InfoSec at https://security.virginia.edu/report-information-security-incident

Potential threat to University data or IT resources:

  1. If it includes physical danger, contact local law enforcement.
  2. Report it to InfoSec at https://security.virginia.edu/report-information-security-incident  within one hour of becoming aware of threat.

     

    Why report it?

    • According to the Acceptable Use policy, you are responsible for anything done under your computing account or using your credentials.
    • The incident reporting standard requires that you must report security incidents within one hour from the time an incident is discovered.
    • The faster you open a dialogue with InfoSec, the faster we can get your accounts back up and running.
    • InfoSec will help to keep your data safe.