University of Minnesota  Procedure

Report Information Security Incidents

Sidebar

Expand all

Sidebar

Table of Contents

TOC placeholder

Questions?

Please use the contact section in the governing policy.

It is critical that University community members report actual or suspected information security incidents as soon as possible. Timely reporting will assist the University in the investigation and resolution of an incident.

Report information security incidents to University Information Security (UIS) ([email protected]). To report anonymously, use the University UReport confidential reporting system.

What is a Security Incident

A security incident is any suspected, attempted, or successful unauthorized access, use, disclosure, modification, or destruction of information; interference with operations of IT Resources; or a violation of University policy, laws, or regulations.

Examples of security incidents include:

  • Intentional or unintentional interference with the integrity, confidentiality, or availability of IT Resources
  • Suspected breach or disclosure of private data
  • Suspected lack or circumvention of physical or technical security controls
  • Suspected compromise of a device, system, or account (e.g. social engineering)
  • Harassment of or by individuals using University of Minnesota IT Resources
  • Loss or theft of a University device or equipment
  • Violations of Acceptable Use of Information Technology Resources

For additional examples of information security incidents, see Recognize and Report Information Security Incidents.

Reporting Procedure

For suspected breach or disclosure of private data due to a lack of physical or technical security controls, or compromise of a device, system, or account:

  • Immediately disconnect all network access (e.g. put in airplane mode, disconnect network cable) and stop using the devices or systems.
  • Do not use, turn off, or reboot devices or systems involved in a suspected security incident until instructed to do so.
  • Communicate via alternate methods (e.g., use a different device, call Technology Help at 612-301-4357) to report the incident to UIS using the following guidance.

For all suspected security incidents:

  • Immediately report the details of a suspected security incident to UIS ([email protected]) Include:
    • Contact information of who is involved
    • IT asset information (e.g., IT asset type, service and asset tag)
    • The college/department involved
    • A brief description of what happened, including date/time
    • A general description of the type of data that may have been exposed
    • A general description of the impact of the incident
  • Alert your supervisor if appropriate. Do not discuss with other parties unless authorized.

For questions about what types of data/information are considered private, consult Examples of Public, Private and Confidential Information as well as the "contacts" listed in the policy.