”TigerSecurity Incident

Two people looking at a computer screen and one of them is pointing at the screen.

What is a “Security Incident?”

 

  • Attempts to gain unauthorized access to a system or its data. 
  • The unauthorized use of a system to process or store data. 
  • Changes to system hardware, firmware, or software without the owner’s knowledge, instruction, or consent. 
  • Non-electronic Information Security Incident: real or suspected theft, loss, or other inappropriate access to physical content, such as printed documents and files. 
  • Theft or other loss of laptop, desktop, phone, tablet, or any other device that contains Highly Sensitive information, even if the device is not owned by Clemson University. 

Reporting a Security Incident

Anyone who becomes aware of an information security incident should immediately report it to CCIT at ithelp.clemson.edu

 

My Device Was Lost/Stolen

Report a lost/stolen device by contacting the Clemson University Police Department at 864-656-0433 or go to the campus Police Station between the hours of 8:30 a.m. and 4:30 p.m., Monday through Friday.

 

I Think I’ve Been Phished

Users can report suspicious emails by using the Report Phishing button in the upper right corner of their outlook client. Or you can forward the e-mail to phishing@clemson.edu. After you report it, we recommend that you delete the email and reset the passwords on any user account that may have been compromised.

 

My Computer Is Acting Weird

If your computer is not acting as expected, you can contact your local support person to help diagnose the problem or bring it to the CCIT Help Desk located in Cooper Library.

 

Types of Security Incidents

Incident Category Definition Examples
Confidentiality The actual, suspected or potential loss, misdirection or other unauthorized use or disclosure of Protected Information.
  • Misuse of, access to, or disclosure of information to, an individual without a need to know or for an unauthorized purpose
  • Theft or Loss of an unencrypted device which stores data
  • Improper classification of information
  • Improper data or media disposal
  • Theft of documents or information, whether in hard copy or electronic form
Integrity The corruption of information such that the data is no longer accurate.
  • Intentional or unintentional data corruption
  • Unauthorized change to or destruction of production data or of a production system
  • Website defacement
Availability The inability to access data for any reason.
  • A denial of service attack
  • Malware that has “locked out” users of a system, service or application
  • A service outage or degradation of a system
  • Unauthorized destruction of data
  • Physical damage to or destruction of Clemson infrastructure that impacts Clemson’s ability to provide a service
Intrusion An actual, suspected or attempted system intrusion, system security weakness, or unauthorized access to a computer or system or the identification of a security weakness that may give rise to or facilitate an intrusion.
  • Hacking events not resulting in data compromise, including malware, viruses, Trojans, remote access software or other malicious code
  • Port scanning; attempts to engage in unauthorized network sniffing, data capture, reverse engineering, or process trace
  • Physical intrusion for the purpose of compromising information security
Policy Violations Improper usage of network or computing devices which puts information security at risk. Disregard of policies and standards which put information security at risk. Misrepresentation of facts which put information security at risk.
  • Falsifying network credentials to gain access to data or services
  • Adding backdoors or non-standard access controls to systems
  • Uploading or publishing Restricted or Confidential information to non-advocated services and systems such as Dropbox and Pastebin
Vulnerability A vulnerability in a Clemson process, service offering, or software utilized by Clemson in the regular course of business.
  • Susceptibility to SQL injection
  • Susceptibility to Cross Site Scripting
  • Susceptibility to Buffer Overflow
  • Lack of password protection

 

For more information, contact Office of Information Security.