What is a Security Incident?

A security incident is any attempted or actual unauthorized access, use, disclosure, modification, or destruction of information. This includes interference with information technology operation and violation of district policy, laws or regulations.

Examples of security incidents include:

  • Computer system breach
  • Unauthorized access to, or use of, systems, software, or data
  • Unauthorized changes to systems, software, or data
  • Loss or theft of equipment storing institutional data
  • Denial of service attack
  • Interference with the intended use of IT resources
  • Compromised user accounts

It is important that actual or suspected security incidents are reported as early as possible so that the technology services team can limit the damage and cost of recovery for the district and it. Include specific details regarding the system breach, vulnerability, or compromise of your computer and we will respond with a plan for further containment and mitigation.

A security incident may also refer to the inappropriate use of computers and the district network. Common violations and examples of misuse include:

  • Communications for commercial or political marketing purposes
  • Email spam
  • Copyright infringement allegations

What should I do if I suspect a serious Security Incident?

A security incident is considered serious if the district is impacted by one or more of the following:

  • potential unauthorized disclosure of sensitive information
  • serious legal consequences
  • severe disruption to critical services
  • active threats
  • is widespread
  • is likely to raise public interest

If you know or suspect that the compromised system contains sensitive data, please take these steps:

  • Do not attempt to investigate or remediate the compromise on your own
  • Instruct any users to stop work on the system immediately
  • Do not power down the machine
  • Remove the system from the network by unplugging the network cable or disconnecting from the wireless network
  • Report the incident

In the case of a serious incident, please be aware that continued interaction with a compromised machine can severely affect later forensic analysis