Information Technology Security Incidents
Reporting Security Incidents and Abuse Complaints
Computer abuse, including inappropriate or commercial use of resources, password sharing, software piracy, phishing attempts, chain mail, pyramid schemes, fraud, and forgery, should be reported to IT Help Desk, (609) 771-2660,firstname.lastname@example.org. Please forward suspected phishing attempts or suspicious email including the full email headers to email@example.com.
Virus infections: Disconnect the infected machine from the network immediately to avoid spreading the infection, then use another machine to consult the IT HelpDesk’s Virus Information pages or Symantec’s Security Update pages to find out what steps to take to repair the infection. If the infection is new on campus, it should be reported to the IT Help Desk, (609) 771-2660, firstname.lastname@example.org.
Theft: Please report all computer-related thefts to Campus Police (609-771-2167) as soon as possible and then refer to the section on reporting a Data Incident.
Data Incident: TCNJ IT department assists in responding to and investigating incidents related to computer and network security breaches, loss or theft of laptops, computers, USB or other portable storage devices, and unauthorized disclosure or modification of electronic institutional or personal information.
This information includes, but is not limited to:
• Social Security numbers
• Credit or debit card numbers
• State identification card numbers
• Driver’s license numbers
• Health records
In the event a security incident concerning a computer hosting sensitive institutional or personal data is suspected, the individual, supervisor, or other departmental representative should take immediate action to report the incident to the IT helpdesk as soon as possible.
1. Contact the IT helpdesk (609-771-2660 or email@example.com) and state that you believe a security incident has occurred. Provide your name and as many details as possible about the incident. It is critical that you notify the helpdesk as soon as possible.
2. Please do not continue using the suspected compromised system. Do not power it off, do not attempt to login, do not attempt to alter the system. These actions will delete forensic evidence that may be critical to your incident.
3. Please ensure no one uses the computer and do not take any other action until advised by an authorized representative from the IT Department.
4. Do not talk about the incident with any other parties until you are authorized to do so by a representative from IT.