Overview
The scope of this service offering includes (but is not limited to) the following:
- Authorized investigations into suspected misuse of University information systems.
- Assistance with finding computers that cannot be located or are reported as either lost or stolen.
- Leading a “Data Breach Response Team” to jointly develop and periodically update a documented data breach response plan.
- Coordination of periodic “table top exercise” to walk through and update the documented data breach response plan (as may be needed).
- Management of the University’s response to known or suspected data breaches including coordination with the University’s Data Breach Response Team, third party product and service providers, government agencies, and members of the Framingham State University community and/or organizations affected by the breach.
Eligibility
All Faculty and Staff are eligible for this service.
Prerequisites
None. Except for requests for investigations into suspected misuse of University information systems which must be initiated, approved, and conducted in accordance with Framingham State’s policy.
Features and Benefits
- Determining whether or not systems have been compromised, or if a breach of information security has occurred, and if so to what extent including the systems and people affected.
- Adequately preparing the University by ensuring that Framingham State personnel and third party product or service providers have the resources and knowledge necessary to respond to and investigate security incidents efficiently and effectively.
- Mitigating the impact of a compromised system or breach of information security.
- Management of a coordinated response including remediation, communication, and reporting.
Requesting the Service
Click on “Request Assistance” from this web page in order to provide us with some basic information about your unmet or anticipated need and then submit your request.
Related Documentation
- Acceptable Use Policy
- Information Security Breach Response Plan for Framingham State University
- Information Security Program for Framingham State University
- Policy on Requests for Investigations into Suspected Misuse of University Information Systems
- Policy on Tracking Computers with Capability of Storing Personally Identifiable Information
Fulfillment Target
Response from someone within Information Technology Services (ITS) will be determined by the urgency of the incident or request based on a preliminary assessment, for example within 4 hours for situations potentially involving Personally Identifiable Information (PII) or before the end of the next business day for anything determined to involve less potential risk of loss or damage.