Incident Response Protocol Addresses Information Security

NUIT's Information and Systems Security/Compliance (ISS/C) department announces the formal adoption of the Information Security Incident Response Protocol (IRP).

One of the more important aspects of this security plan is that anyone who knows of or suspects a security breach must notify the University immediately. Once a report is received, the IRP does "damage control" to determine if a security incident has occurred. It defines tasks and identifies personnel required to investigate and help mitigate the problem.

The protocol, a defined set of activities, primarily focuses on those incidents of high severity, where sensitive data is compromised, or where there is significant adverse impact to users or the University.

There are several regulations that require the University to have such a protocol to address the potential or actual loss or exposure of sensitive data. Sensitive information includes items such as names, Social Security numbers (SSNs), financial data, credit card numbers, NetID/passwords, and any other University information declared to be Highly Confidential, Confidential or Restricted by University policy.

Additionally, the Illinois Personal Information Privacy Act requires anyone handling personal data to notify individuals if their personal data has been subject to unauthorized access or acquisition through a breach of security measures. Examples of a breach include:

• A laptop holding unencrypted files of names and SSNs is lost or stolen
• A computer holding medical research data, including personally identifiable information, is accessed or otherwise compromised by a hacker or other unauthorized party
• Printed copies of student loan applications are discovered in a publicly accessible dumpster

You're The Key

This protocol is designed to involve the entire NU Community in data security, as it relies on individuals to report security incidents. The IRP ensures that once an incident report is received, it is investigated, documented and dealt with in a University-appropriate manner.

Using a standardized protocol for responding to incidents improves the security of all users' personal information and other sensitive University data.

If you suspect or know of a security breach, contact NUIT immediately. Our staff is trained to analyze events, determine if an incident has occurred, and take steps to contain and resolve the incident.

Call NUIT's Network Operations Center at 847-467-NNOC (6662) or Support Center at 847-491-HELP (4357). You may also e-mail noc@northwestern.edu or security@northwestern.edu. Include your contact information and a brief description of the incident. A staff member will respond and follow up on your report.

If you have questions about the IRP, contact Dave Kovarik, director of NUIT Information and Systems Security/Compliance, at 847-467-5930 or e-mail david-kovarik@northwestern.edu.