Recognize and Report Information Security Incidents
In recent years, technology has made storing and sharing information easier than ever before. Unfortunately, information security threats have also increased at an exponential rate.
Although the Saint Louis University Information Security Policies stipulate how information on campus should be accessed and used, many students, staff and faculty have questions about how to recognize and report information security incidents on campus.
There are three types of information security incidents:
- Malicious: Providing information to an unauthorized individual or company; initiating or perpetrating the spread of a computer virus, malware or spyware; receiving or sending inappropriate e-mail. For example, if you are aware of someone providing information to others without the proper authorization, it is your responsibility to report this incident.
- Misuse: Using unapproved or unlicensed software, using someone else's login credentials to access a system, application or data; falsifying data; improperly storing, printing or copying restricted or sensitive data. For example, if someone asks for your SLU Net ID and password, you should report this security incident right away.
- Theft/Loss: Exposing restricted or sensitive data to inappropriate individuals or companies; loss or theft of any device used to store restricted or sensitive data. For example, if you misplace a mobile device used to store Saint Louis University restricted or sensitive data, please report this incident.
Report any known or suspected information security incidents to the Information Technology Service Desk at 314-977-4000 or firstname.lastname@example.org. All reported information security incidents will be investigated under the direction of the University Information Security Officer and you will be guaranteed anonymity both during the investigation and afterwards.
For general questions about information security, please contact the Office of Quality Assurance directly at email@example.com. Information security is a shared responsibility. Let's work together to protect the integrity and security of our information.