Saint Louis University appreciates your assistance in helping us provide a stable and secure computing environment.
Computer and Information Security Incident Quick Reference Guide
All users of SLU IT resources are responsible for reporting suspected and confirmed incidents. When an incident occurs, follow these tips:
- Stay calm. The information security team has a process in place to address these issues.
- Immediately document the event (i.e. time, date, file name, application name, how discovered, type of data loss or exposure).
- Don't act hastily. The accuracy of the information is more important than how quickly it is addressed and resolved.
- Do not modify or make any changes to the system. This could impact file logs or contaminate system evidence.
- Involve senior management early. Remind them that details of the incident are to be kept confidential, especially in the early stages as data is being collected.
- Don't withhold information. Share all details, no matter how insignificant they may seem, at SLUAware or call the ITS Help Desk at 314-977-4000 so informed decisions can be made.
Report a Computer or Information Security Incident
- Email the information security team at SLUAware or call the ITS Help Desk at 314-977-4000
What to Report
Serious incidents are those that meet one or more of the following criteria:
- Involves unauthorized access to, loss or theft of a device known to store, process or transmit sensitive information.
- Involves the suspected compromise of a critical enterprise security device, such as a data center firewall, border firewall or authentication service.
- Involves compromise of an ITS-managed networking device, such as a router or switch.
- Causes the extended unavailability of a service critical to the University's mission.
Involves a significant number of University systems, indicating a widespread attack.
In the judgment of the CIO or ISO, poses a high-severity risk to University systems or information.
Sensitive Data
Compromised user or email accounts associated with sensitive data should also be reported. Sensitive data is a blanket term designating classes of data with a high level of sensitivity that the University is legally or contractually required to protect. At Saint Louis University, sensitive data refers to personally identifiable information (PII) such as:
- Social Security number
- Credit card number
- Driver's license number
- Student records
- Protected health information (PHI)
- Human subject research
- Never email sensitive or restricted data (such as your Social Security number or credit card information) to anyone. Email is not a secure form of communication. Instead, consider using the phone, fax machine or United States Postal Service. Never email HIPAA- or FERPA-sensitive data.
- Use caution when storing sensitive or restricted information on readily mobile electronic storage devices such as CDs/DVDs, thumb drives, laptops, etc. These devices are easy to lose and make good targets for thieves because they are easy to sell and often valuable.
- Always confirm the identity of anyone who asks for your personal information, whether over the phone or through email. "Social engineering" is when someone lies to you to get you to reveal your confidential information and is often used with great success by identity thieves.
- SLU will never ask you for sensitive or restricted information (full Social Security numbers, passwords, etc.) via email or phone. When you call 314-977-4000 or email a service desk you will be asked to verify your information with the last four digits of your Social Security number, your date of birth and your Banner ID if you are resetting your password.
- Maintain situational awareness when viewing sensitive or restricted data or discussing private matters when others are present.
- Always shred documents that contain sensitive or restricted information (full Social Security numbers, credit card numbers, Banner ID numbers, medical records, purchase orders, etc.) instead of simply discarding them.
Email is one of the most effective tools in the cybercriminal's arsenal. Spam filters stop much of the bad email that would otherwise end up in your inbox, but crafty cybercriminals know how to design their emails to circumvent these filters.
Even though an email may seem to be real, the easiest and fastest way to spot a scam is if it asks you to confirm your passwords. SLU will never ask for a password in an email. Any email that asks for such personal information should be considered a phishing scam, reported to SLUAware, and then deleted.
If you think you have spotted a phish, please follow these instructions to report it.
Protecting SLU's data is everyone's responsibility. Whether sharing business data across the hall or traveling for business across the world, we must keep in mind information security best practices. Encryption can be used as one way to maintain the confidentiality of SLU's sensitive data.
What is Encryption?
Encryption is a method of encoding information from a plain text format into unreadable text.
Full Disk Encryption for Computers
SLU-managed computers undergo full disk encryption with BitLocker. BitLocker encrypts your computer's hard drive. It is recommended that you use full disk encryption if:
- You handle sensitive data
- You regularly travel with your laptop
- You have a security requirement for encryption
Document Encryption
Encrypting documents for storage (locally or on removable devices) or to transmit in email adds a layer of protection to your sensitive information. Once you encrypt your documents using one of the methods listed below, no one can open the document without the password. ITS cannot help you recover passwords for documents you encrypt, so follow these guidelines before you encrypt:
- Have a backup of the document. If you lose the password it is not recoverable, so the information will be lost.
- Store your passwords in a safe place. Each document will require a password, so this could amount to managing many passwords. Using a password manager tool such as Password Safe is recommended.
- Communicate the password for the document wisely. Sending the password in the same email as the encrypted document is not a good practice.
External Drive Encryption Tools
There are many other options regarding tools you can use. You can purchase an encrypted external hard drive or thumb drive from any place that sells computer supplies. We recommend 256-bit AES encryption to meet most compliance standards.
Please contact ITS at ask@slu.edu if there are additional types of encryption needed in your area.
It is important to be aware of current regulations, laws and safety tips when traveling abroad. Additionally, the U.S. federal government has strict policies around export controls which can include technology and some data. More information about this can be found at SLU's Export Controls webpage.
To explore various countries travel restrictions, visit https://travel.state.gov.
Most people who travel abroad prefer mobile electronic communication devices to maintain contact with work, family and friends. When taken abroad, mobile electronic devices such as laptops, cell phones, and tablets may be successfully attacked with malware and automated attack tools. Even when kept current with security software, these devices may not be able to thwart such an attack.
Below is a checklist drafted to help you prepare for your trip abroad, including tasks to complete when you return to ensure you've done the best job of protecting yourself and your data against malicious activity. Even though these guidelines apply to business travel using SLU devices, adopting these best practices for your personal travel is recommended.