: skip to content : Home : Uni : Students : Research : Community : News : Events
150 years of Achievement: image of university student
Faculties : A-Z Directory : Library
  • A Guide to Reporting IT Security Incidents
-----------

A Guide to Reporting IT Security Incidents

IT Security Incidents

In this context an IT Security Incident is the suspicion or belief that someone is mischievously trying to affect or has affected the security of University information or a University IT facility.

OR

The belief that insufficient arrangements are in place to ensure the security of University information or a University IT facility.

Note if your workstation has been hacked, you must unplug the network connection immediately and contact someone responsible before powering it off.

 

IT Security Incident Details

When an IT Security Incident occurs your first reaction is best to keep calm. You can then gather as much information as possible regarding the IT Security Incident. Details that are important in the initial instance are the scope of the IT Security Incident, and the damage that may have been caused. Other important details are the value, sensitivity and criticality of the information or IT facilities that have been affected by the IT Security Incident. This will help you determine the priority of the IT Security Incident (Normal, High or Critical) and also the type of response you would like (Information only, Advice, Co-Ordination, Liason) from IT Security Support.

 

IT Security Incident Reporting Line

IT Security Incidents should first be reported to Local IT Experts (LITEs). LITEs are requested to complete the following page:

Webform to Report an IT Security Incident

If other staff are unable to contact their LITE, Local Area Network Administrator (LANAD) or IT Security nominee, staff are then requested to complete the page and submit as soon as possible and to the best of their abilities.

 

What is not an IT Security Incident?

IT Misuse or Abuse events occur which are not necessarily security "attacks" in themselves, but misuse events can be offensive and/or waste resources (including time). A form of IT misuse is SPAM email.

To deal with unsolicited commercial e-mail or Spam, please refer to the following link:

http://www.infodiv.unimelb.edu.au/systems/ube.html

 

 

Documents pertaining to the use of IT Resources in the University

8.1.R7 - University Computing and Network Facilities
http://www.unimelb.edu.au/Statutes/r81r7.html

Information Technology Policies, Strategies & Procedures Guide
http://www.infodiv.unimelb.edu.au/itpp/

 
top of page

Contact Us : Disclaimer & Copyright : Privacy