Responding to a Security Incident
The Keene State College Office of the Chief Information Officer (CIO) responds to and investigates incidents related to misuse or abuse of KSC information and information technology resources and is responsible for coordinating campus communications and response. In the event of a breach or suspected breach of security, the department or unit must immediately execute each of the relevant steps below:
Report the incident to the Office of the CIO immediately. Time is critical. Send an email to firstname.lastname@example.org OR call 358-2526 and leave a message with your name, phone number, date and a brief summary. Do not make any other contact and/or leave messages elsewhere. The CIO will involve the appropriate individuals based on the scope and severity of the security incident.
Contact the KSC IT Security Manager (358-2597) for proper direction of preservation of electronic data. The steps should include:
- Disconnect the computer/devices(s) from the network. To disconnect the device from the network, simply unplug the Ethernet (network) cable, or if the computer uses a wireless connection, disconnect from the wireless network.
- DO NOT turn the computer device off or reboot. Leave the device powered on and disconnected from the network.
- Document date and time and location
Prevent any further access to or alteration of the compromised system(s). (i.e., do not log on to the machine and/or change passwords; do not run a virus scan). In short, leave the system(s) alone, disconnected from the network, and wait to hear from the KSC Security Manager.
If a suspected or confirmed intrusion / breach of a system has occurred, the CIO will notify appropriate campus authorities including; Dean, Directory or Department Head of the unit experiencing the breach, Internal Audit, General Counsel, and the Executive Vice President.
Reporting Inadequate Protection of Sensitive Data
If you suspect a weakness in the protection of sensitive institutional or personal data, immediately contact the security manager who will coordinate the investigation and react to potential risk. You can report the incident by sending an email to Security Manager.