Saint Louis University appreciates your assistance in helping us provide a stable and secure computing environment.
Computer and Information Security Incident Quick Reference Guide
All users of SLU IT resources are responsible for reporting suspected and confirmed incidents. When an incident occurs, follow these tips:
- Stay calm. The information security team has a process in place to address these issues.
- Immediately document the event (i.e. time, date, file name, application name, how discovered, type of data loss or exposure).
- Don't act hastily. The accuracy of the information is more important than how quickly it is addressed and resolved.
- Do not modify or make any changes to the system. This could impact file logs or contaminate system evidence.
- Involve senior management early. Remind them that details of the incident are to be kept confidential especially in the early stages as data is being collected.
- Don't withhold information. All details, no matter how insignificant it may seem, should be shared so informed decisions can be made.
Report a Computer or Information Security Incident
- Email the information security team at firstname.lastname@example.org or call the ITS Help Desk at 314-977-4000
- To report a compliance issue, call 877-525-KNOW(5669).
What to Report
Serious incidents are those that meet one or more of the following criteria:
- Involves unauthorized access to, loss or theft of a device known to store, process or transmit sensitive information.
- Involves the suspected compromise of a critical enterprise security device, such as a data center firewall, border firewall, or authentication service.
- Involves compromise of an ITS-managed networking device, such as a router or switch.
- Causes the extended unavailability of a service critical to the University's mission.
Involves a significant number of University systems, indicating a widespread attack.
In the judgment of the CIO or ISO, poses a high severity risk to University systems or information.
Compromised user or email accounts associated with sensitive data should also be reported. Sensitive Data is a blanket term used to designate classes of data with a high level of sensitivity that the University is legally or contractually required to protect. At Saint Louis University, sensitive data refers to personally identifiable information (PII) such as:
- Social security number
- Credit card number
- Driver's license number
- Student records
- Protected health information (PHI)
- Human subject research
- Never e-mail sensitive or restricted data (such as your social security number or credit card information) to anyone. Email is not a secure form of communication. Instead, consider using the phone, fax machine or United States Postal Service. Never e-mail HIPAA or FERPA sensitive data.
- Use caution when storing sensitive or restricted information on readily mobile electronic storage devices such as CDs/DVDs, thumb drives, laptops, etc. These devices are easy to lose and make good targets for thieves because they are easy to sell and often valuable.
- Always confirm the identity of anyone who asks for your personal information whether over the phone or through email. "Social engineering" is when someone lies to you to get you to reveal your own confidential information and is often used with great success by identity thieves.
- SLU will never ask you to provide any sensitive or restricted information (full social security numbers, passwords, etc.) via e-mail or phone. When you call 314-977-4000 or e-mail a service desk you will be asked to verify your information with the last four digits of your social security number, your date of birth and your Banner ID if you are resetting your password.
- Maintain situational awareness when viewing sensitive or restricted data or talking about private matters when others are present.
- Always shred any documents that contain sensitive or restricted information (full social security numbers, credit card numbers, Banner ID numbers, medical records, purchase orders, etc.) instead of simply discarding them.
Email is one of the most effective tools in the cybercriminals arsenal. Spam filters stop much of the bad email that would otherwise end up in your inbox, but crafty cybercriminals know how to design their emails in a way that can circumvent your these filters.
Even though an email may seem to be real, the easiest and fastest way to spot a scam is if it asks you to confirm your passwords. SLU will never ask for a password in an email. Any email that asks for such personal information should be considered a phishing scam and reported to email@example.com, and then deleted.
Protecting SLU's data is everyone's responsibility. Whether sharing business data across the hall or traveling for business across the world, we must keep in mind information security best practices. Encryption can be used as one way to maintain the confidentiality of SLU's sensitive data.
What is Encryption?
Encryption is a method of encoding information from a plain text format into unreadable text.
Full Disk Encryption for Computers
SLU-managed computers undergo full disk encryption with the Symantec Drive Encryption software, also commonly referred to by the software name, PGP. Symantec Drive Encryption encrypts the hard drive of your computer. It is recommended that you use full disk encryption if:
- You handle sensitive data
- You regularly travel with your laptop
- You have a security requirement for encryption
Encrypting documents for storage (locally or on removable devices) or transmit (in email) adds a layer of protection to your sensitive information. Once you encrypt your documents using one of the methods listed below, the document cannot be opened by anyone without the password. ITS cannot help you recover passwords for documents you encrypt, so follow these guidelines before you encrypt:
- Have a backup of the document - If you lose the password it is not recoverable, so the information will be lost
- Store your passwords in a safe place - Each document will require a password, so this could amount to managing many passwords. Using a password manager tool such as password safe is recommended.
- Communicate the password for the document wisely - Sending the password in the same email as the encrypted document is not a good practice.
- If you have Symantec Drive Encryption, you can use Symantec PGP Zip that is included with that SDE license. However, this type of file cannot be emailed in our current mail system so you will need to use Send This File (available via the mySLU Tools tab).
External Drive Encryption Tools
There are many other options regarding tools you can use. You can purchase an encrypted external hard drive or thumb drive any place that sells computer supplies; 256-bit AES encryption is recommended for meeting most compliance standards.
Please contact ITS at firstname.lastname@example.org if there are additional types of encryption needed in your area.
It is important to be aware of current regulations, laws and safety tips to consider when traveling abroad. Additionally, the U.S. federal government has strict policies around export controls which can include technology and some data. More information about this can be found at SLU's Export Controls webpage.
To explore various countries travel restrictions, visit https://travel.state.gov.
To maintain contact with work, family and friends, most people who are traveling abroad prefer to use mobile electronic communication devices. Mobile electronic devices such as laptops, cell phones, and tablets, when taken abroad, may be successfully attacked with malware and automated attack tools. These devices, even when kept current with security software, may not be able to thwart such an attack.
Below is a checklist drafted in order to help you prepare for your trip abroad, including tasks to complete when you return to ensure you've done the best job of protecting yourself and your data against malicious activity. Even though these guidelines apply to business travel using SLU devices, adopting these best practices for your personal travel is recommended.