SOP 16.1 Information Security Incident Response Procedure

              ONLY YOU CAN REPORT SECURITY INCIDENTS

 

What is a Security Incident?

A security incident is any attempted or actual unauthorized access, use, disclosure, modification, or destruction of information. This includes interference with information technology operation and violation of VCCS policy, laws or regulations.

Examples of security incidents include:

  • Computer system breach
  • Unauthorized access to, or use of, systems, software, or data
  • Unauthorized changes to systems, software, or data
  • Potential unauthorized disclosure of sensitive information, such as PII (Personally Identifiable Information}
    or FERPA protected student data
  • Loss or theft of equipment storing institutional data
  • Denial of service attack
  • Interference with the intended use of IT resources
  • Compromised user accounts
  • inappropriate use of computers and the System Office network

It is important that actual or suspected security incidents are reported as early as possible so that VCCS can limit the damage and cost of recovery.  Include specific details regarding the system breach, vulnerability, or compromise of your computer and we will respond with a plan for further containment and mitigation.

All users of System Office computer resources are responsible for being vigilant for unusual system behavior which may indicate a security incident in progress and for reporting computer incidents to include:

  • Noting all important details (e.g. type of non-compliance or breach, occurring malfunction, messages on the screen, strange behavior, etc.) immediately and recording details of any suspicious activities
  • Not carrying out any own action, but immediately reporting the event as noted below.
  • If available, use automated reporting features such as the “Report Message” button in Outlook
  • Do not turn off your computer but disconnect it from the network (including wireless networks) if you suspect it might have been compromised.

How to report a System Office security incident:

Contact the Helpdesk or ITS Security through the Emergency Support Line at (804) 819-4915.  Inform your immediate supervisor about the incident.  Report the incident to the security office email at Abuse@vccs.edu.  All incidents should be reported only through channels that have not been compromised.  If any of the above reporting methods are compromised, verbal or face-to-face reporting should be used. 


Remember, “You are an essential ingredient in our ongoing effort to reduce Security Risk.”― Kirsten Manthorne