Security - Report an Incident

Description

A security incident is a threat or possible compromise involving non-public institutional data. Non-public data is any data that is not posted on a website or made public on a regular basis through reports and other means.

If you have experienced what you think is a possible security incident, you must report it immediately by clicking on the Report Security Issue button on this page, and submitting the form to report an issue.

Your report must be made immediately after you become aware that a security incident may have occurred.

Examples of known or suspected security incidents that must be reported:

  • Attempts (failed or successful) to gain unauthorized access to a system or its data
  • Giving your username and password to someone else
  • Loss of printed information that is not public
  • Loss of a physical storage device containing data that is not public (e.g. a flash drive, an external hard drive, a laptop with such data on its hard drive)
  • A virus or malware infection of an institutional computer

Service Level Agreement: 1 business day

Scope/Constraints

This service and policy only applies to ISU data, ISU owned devices, or any devices connected to the ISU secure network.

Directions

You will need to provide the following information:

  1. Description of the incident.
  2. Location of the incident
  3. Type of network connection (if any).
  4. Type of data involved such as:
    1. credit card
    2. personal information, such as your social security number, passport ID, drivers licences.
    3. personal health information
    4. Any other type of information