CU Boulder research and learning activities generate a wealth of data that are critical to the mission of the university. The value of these data assets and the IT systems on which they reside attracts attackers who are sometimes successful in gaining unauthorized access. When a system that contains sensitive data is compromised, the university may be responsible for notifying individuals whose information may have been disclosed. For these and other reasons, it is important to notify the campus IT Security Office as soon as possible when a system compromise is suspected.
To assist in protecting our data assets, the IT Security Office on the CU Boulder campus is providing the following guidelines for defining, reporting, and acting should a security incident occur.
Let’s start by identifying some symptoms of a computer security incident:
- Something happens that is out of the norm
- The action is an attempt to do harm
- There is a loss of data
- There is a loss of access to resources you can normally access
- Behavior that cannot be explained
If you suspect a security incident has occurred, you should follow these security incident next steps. To report a security incident, please follow the instructions for filing a report.
We rely on our computers to perform many complex tasks and they are capable of storing copious amounts of data. For those reasons it is important that you are cognizant of normal behavior and are diligent to report behavior that is out of the norm.
Should you notice behavior that meets the above criteria, please report it to the IT Service Center at 303-735-4357 (5-HELP from a campus phone) or help@colorado.edu, or contact the Campus IT Security Office at security@colorado.edu.
