Security Incident Response and Investigation

Overview

The scope of this service offering includes (but is not limited to) the following:

 

  • Authorized investigations into suspected misuse of University information systems.
  • Assistance with finding computers that cannot be located or are reported as either lost or stolen.
  • Leading a “Data Breach Response Team” to jointly develop and periodically update a documented data breach response plan.
  • Coordination of periodic “table top exercise” to walk through and update the documented data breach response plan (as may be needed).
  • Management of the University’s response to known or suspected data breaches including coordination with the University’s Data Breach Response Team, third party product and service providers, government agencies, and members of the Framingham State University community and/or organizations affected by the breach.

 

Eligibility

All Faculty and Staff are eligible for this service.

 

 

Prerequisites

None. Except for requests for investigations into suspected misuse of University information systems which must be initiated, approved, and conducted in accordance with Framingham State’s policy.

 

Features and Benefits

 

  • Determining whether or not systems have been compromised, or if a breach of information security has occurred, and if so to what extent including the systems and people affected.
  • Adequately preparing the University by ensuring that Framingham State personnel and third party product or service providers have the resources and knowledge necessary to respond to and investigate security incidents efficiently and effectively.
  • Mitigating the impact of a compromised system or breach of information security.
  • Management of a coordinated response including remediation, communication, and reporting.

 

 

Requesting the Service

Click on “Request Assistance” from this web page in order to provide us with some basic information about your unmet or anticipated need and then submit your request.

 

Related Documentation

 

  • Acceptable Use Policy
  • Information Security Breach Response Plan for Framingham State University
  • Information Security Program for Framingham State University
  • Policy on Requests for Investigations into Suspected Misuse of University Information Systems
  • Policy on Tracking Computers with Capability of Storing Personally Identifiable Information

 

Fulfillment Target

Response from someone within Information Technology Services (ITS) will be determined by the urgency of the incident or request based on a preliminary assessment, for example within 4 hours for situations potentially involving Personally Identifiable Information (PII) or before the end of the next business day for anything determined to involve less potential risk of loss or damage.

 

 
Request Assistance with Security Request Assistance with Finding Computers Report an Incident of Spam, Malicious E-Mail and/or Phishing Report a Response to Phishing

Details

Service ID: 52089
Created
Wed 6/22/22 4:37 PM
Modified
Mon 6/27/22 9:52 AM

Service Offerings (4)

Assistance with Finding Computers
Assistance with finding computers that cannot be located, have been misplaced, are lost or have been stolen.
Report Spam, Malicious E-Mail and Phishing
Use this service to report email phishing messages or inquire about the validity of email messages.
My Account may be Compromised - I Responded to Phishing
If you believe that you responded to a phishing attempt or otherwise gave out confidential data, request support now.