Security Incident
What is a “Security Incident?”
- Attempts to gain unauthorized access to a system or its data.
- The unauthorized use of a system to process or store data.
- Changes to system hardware, firmware, or software without the owner’s knowledge, instruction, or consent.
- Non-electronic Information Security Incident: real or suspected theft, loss, or other inappropriate access to physical content, such as printed documents and files.
- Theft or other loss of laptop, desktop, phone, tablet, or any other device that contains Highly Sensitive information, even if the device is not owned by Clemson University.
Reporting a Security Incident
Anyone who becomes aware of an information security incident should immediately report it to CCIT at ithelp.clemson.edu
My Device Was Lost/Stolen
Report a lost/stolen device by contacting the Clemson University Police Department at 864-656-0433 or go to the campus Police Station between the hours of 8:30 a.m. and 4:30 p.m., Monday through Friday.
I Think I’ve Been Phished
Users can report suspicious emails by using the Report Phishing button in the upper right corner of their outlook client. Or you can forward the e-mail to phishing@clemson.edu. After you report it, we recommend that you delete the email and reset the passwords on any user account that may have been compromised.
My Computer Is Acting Weird
If your computer is not acting as expected, you can contact your local support person to help diagnose the problem or bring it to the CCIT Help Desk located in Cooper Library.
Types of Security Incidents
Incident Category | Definition | Examples |
---|---|---|
Confidentiality | The actual, suspected or potential loss, misdirection or other unauthorized use or disclosure of Protected Information. |
|
Integrity | The corruption of information such that the data is no longer accurate. |
|
Availability | The inability to access data for any reason. |
|
Intrusion | An actual, suspected or attempted system intrusion, system security weakness, or unauthorized access to a computer or system or the identification of a security weakness that may give rise to or facilitate an intrusion. |
|
Policy Violations | Improper usage of network or computing devices which puts information security at risk. Disregard of policies and standards which put information security at risk. Misrepresentation of facts which put information security at risk. |
|
Vulnerability | A vulnerability in a Clemson process, service offering, or software utilized by Clemson in the regular course of business. |
|
For more information, contact Office of Information Security.