Report a Security Incident
What is a Security Event?
Information Security’s (Security) sole responsibility is preventing unauthorized access to SIU networks, systems, and devices. Security is also responsible for protecting the sensitive information stored in University devices and systems, and shared between them. For this reason, most security events are detected by our Security team or by a diligent LAN Administrator.
A “security event” occurs when a student, faculty, or staff member recognizes that a technology device or system is functioning in a way that seems “out of the norm”—enough so that our security team is notified. Our security team may observe the situation and resolve the problem, or do a more thorough investigation to identify if there has been an attempt to break through the security mechanisms the University has in place to protect our systems; our students, faculty, and staff; our sensitive information; and our financial assets. If analysis by the security team determines that an event is a threat to, breach of, or damage created by malicious software or hackers, we escalate the event status to a security breach.
The following are examples of security breaches:
- Intrusion into any University system without authorization.
- Access to or theft of confidential or sensitive data.
- Access or damage to data using malicious software such as virus or malware.
- Loss of a University-owned device. Devices include: computers, laptops, phones, tablets, external drives, and memory sticks.
Depending on the device and/or information involved, one or more University and regulatory entities may require prompt notification.
What should be reported?
- Personal Devices
- University Devices
|What Happened||Report to||Contact Information|
|Received or suspect a scam email||Information Securityfirstname.lastname@example.org|
|Clicked a suspicious link or provided personal information
via email, website, or phone
|Information Securityemail@example.com or call SalukiTech at (618) 453-5155|
|Had a personal device stolen||SIU Department of Public Safety||If you have any personal information on the device you may need to contact all of your SIU and outside account holders.|
|Lost a personal device, external drive, or memory stick||SIU Lost and Found||If you have any personal information on the device you may need to contact all of your SIU and outside account holders.|
Security events at SIU should be reported and investigated to determine if an event requires an official “notification of exposure” as determined by SIU policy; contract agreements; state or federal law; or regulations such as FERPA, HIPAA, PCI. It is important to report suspected events promptly, so Security can determine if the event is a problem that needs to be resolved, or if the event is an actual security breach. Urgency in reporting and in taking action is essential, as a major security breach will certainly result in a loss of trust in the University by our students, faculty, staff, vendors, and community. Failure to report an event may result in disciplinary action, legal action, and/or fines from regulatory entities.