Handling

Computer Incident Handling Standard

Computer Incident Handling Standard

RIT has created a process for handling computer incidents to ensure that each incident is appropriately resolved and further preventative measures are implemented.

Who does the standard apply to?

  • The standard primarily applies to administrators of RIT-owned or leased computing devices.
  • The standard also applies to users of personally-owned or leased devices should the incident involve RIT resources.

What is an incident?

Incidents include the following types of events:

  • Physical loss of a computing device (including storage devices)
  • Detection of unauthorized users accessing a computing device
  • Discovery of malware on a computing device
  • Discovery of critical vulnerabilities or improper configuration that could result in a breach of information

What do I have to do?

Group Action Needed
Everyone If the incident involves the loss or theft of a device containing Private, Confidential or Operationally Critical information, you should immediately file a report with Public Safety.
Self-supported users If the device contains Private, Confidential or Operationally Critical information, contact your support organization immediately.
If the device does not contain Private, Confidential or Operationally Critical information, you can attempt to resolve the issue on your own.
Users supported by Systems Administrators Contact the ITS HelpDesk if you cannot resolve the problem on your own. If they discover high risk threats, they will engage the Computer Incident Handling process
Report any suspicious computer activity to your support organization. Anything from a drastic slowdown in computer performance to something as simple as the cursor moving around on its own constitutes suspicious activity.
System Administrators Report the incident to the Information Security Office.
Read and understand the Computer Incident Handling Standard and the process flow chart before an incident occurs! Quick action is essential to minimizing damage, so know what needs to be done ahead of time.
Visit the Systems Administrators Resources page to find tools and additional information

Resources

Computer Incident Handling Standard

 

Information Access & Protection Standard

Information Access & Protection Standard

The Information Access & Protection (IAP) Standard provides requirements for the proper handling of information at RIT.

Information Classifications

The standard classifies information into four categories: Private, Confidential, Internal, and Public.

Private information

Private information is information that is confidential and which could be used for identity theft. Private information also has additional requirements associated with its protection (e.g., state and federal mandates). Examples include:

  • Social Security Numbers (SSNs) or other national identification numbers
  • Driver’s license numbers
  • Financial account information (bank account numbers, checks, credit or debit card numbers), etc.

Confidential information

Confidential information is information that is restricted to a need-to-know basis and due to legal, contractual, ethical, or other constraints may not be accessed or communicated without specific authorization.

Internal information

Internal information is restricted to RIT faculty, staff, students, alumni, contractors, volunteers, and business associates for the conduct of Institute business.

Public information

Public information may be accessed or communicated by anyone without restriction and has no special handling requirements associated with it.

Who do the requirements apply to?

This Standard applies to everyone who accesses RIT Information Resources, whether affiliated with RIT or not, from on campus or from remote locations, including but not limited to: students, faculty, staff, contractors, consultants, temporary employees, alumni, guests, and volunteers.

What are RIT Information Resources?

RIT Information Resources include but are not limited to:

  • RIT-owned or leased transmission lines, networks, wireless networks, servers, exchanges, Internet connections, terminals, applications, and computers
  • Information owned by RIT or used by RIT under license or contract, in any form, including but not limited to:
    • Electronic media
    • Portable media
    • Electronic hardware
    • Software
    • Network communications devices
    • Paper
  • Personal computers, servers, wireless networks, mobile devices, and other devices not owned by RIT but intentionally connected to RIT Information Resources.

What do I have to do?

Everyone who accesses RIT Information Resources should know and understand the four classes of information at RIT and appropriate handling practices for each class. Specific roles and responsibilities are detailed in the Information Access and Protection Standard Plain English Guide.

Information Access & Protection Standard

 

Document Destruction

Document Destruction

Updated January 31, 2013

Why Have Document Destruction Activities?

Document Destruction Activities provide a focused opportunity for RIT faculty and staff to archive securely or dispose of hard copy records that contain private information. Private Information includes financial account numbers, social security numbers, driver’s license numbers and other information that can be used in identity theft. Participation in this activity will enable RIT to secure Private Information that could otherwise be used to facilitate identity theft. Document Destruction Activities are part of the RIT Private Information Management Initiative, but they are managed by your department.  We encourage all departments to schedule Document Destruction Activities.

Why are Document Destruction Activities so important?

With its concentration of student records and private information, Higher Education is often targeted by attackers hoping to harvest private information for use in identity theft.  In addition, careless storage or loss of records often leads to data breaches that require compliance with various state and federal laws requiring notification of affected consumers. For example, DataLoss DB (http://datalossdb.org/) indicates that almost 25% of breaches have been due to the inadvertent loss of private information, in both hardcopy and digital formats.  

Participation in Document Destruction Activities will reduce the likelihood for the RIT community to have their personal information fall victim to malicious attacks or loss. This activity will also provide an opportunity for faculty and staff to adhere to the RIT Records Management Policy (C22.0).  Any questions regarding the appropriate retention period can be addressed to the RIT Office of Legal Affairs.

When are my Document Destruction Activities?

Contact your Private Information Management Initiative representative to find out what activities are being planned in your college or division for document destruction.

What do I need to do for my Document Destruction Activities?

It is important that you keep track of any documents that may leave another person susceptible to identity theft attacks. In preparation for your department’s Document Destruction Activities, please review the files in your office to ensure that you have not retained any private information that is not critical to your current work. Take this opportunity to review files and dispose of them in accordance with the RIT Records Management Policy (C22.0).

We encourage you to review your files now and dispose of those containing Private Information securey. Ensure that any RIT files in your home do not contain any private information.

How do I dispose of portable media and hardcopy documents containing Private Information securely?

Visit our Information Disposal page for recommendations.

What if I have questions?

Contact your division or college's PIMI representative

Subscribe to RSS - Handling