Skip to main content
Luddy School of Informatics, Computing, and Engineering Indiana University Indianapolis
Faculty & Staff Intranet

Incident Response Policy

Last updated: November 2017

Purpose

The purpose of this policy is to outline the different responsibilities of the Technology Staff with regards to reacting and responding to various types of network and information security incidents that may occur within Luddy Indianapolis.

Scope

This policy applies to all employees and faculty of Luddy Indianapolis; as well as vendors, contractors, partners, students, collaborators and any others doing business or research with the Luddy Indianapolis will be subject to the provisions of this policy. Any other parties, who use, work on, or provide services involving Luddy Indianapolis computers, technology systems, and/or data will also be subject to the provisions of this policy. Luddy Indianapolis computing resources have been developed to encourage widespread access and distribution of data and information for the purpose of accomplishing the educational and research missions of the school. This policy will not supersede any Indiana University developed policies but may introduce more stringent requirements than the university policy.

Definitions

Security incidents can generally be defined as “the act of violating an explicit or implied security policy” (Definition taken from the Carnegie Mellon Computer Emergency Response Team Coordination Center Incident Reporting System Guidelines.) An Luddy Indianapolis security incident is defined as an event that exposes Luddy Indianapolis-held data to unauthorized individuals and impacts or has the potential to impact negatively either student safety or privacy, Luddy Indianapolis employee safety or privacy, or the reputation of Luddy Indianapolis or Indiana University. The Core incident response team consists of those members of various Luddy Indianapolis offices who will assist in the conduct of a major incident investigation. The incident response team will be activated at the discretion of the Executive Associate Dean. The core Luddy Indianapolis incident response team members will be the Director of Technology Services, the Computer Support Specialist, the Technology Coordinator, a Legal Office representative, and a Media Relations Office representative. Adjunct incident response team members are those members of various Luddy Indianapolis offices who have specific skills needed at times during incident investigations.

Policy

The Director of Technology Services is granted authority to take actions necessary to protect Luddy Indianapolis people, resources, data and/or communications in the event of a security incident.

The Computer Support Specialist serves as the investigative and operational lead for the conduct of all Luddy Indianapolis security incident investigations. The Computer Support Specialist will be the primary authority for invoking incident response procedures.

Various Luddy Indianapolis offices will provide core and adjunct members of the incident response team to assist the Computer Support Specialist and Technology Coordinator during security incident investigations. All incident response team members will be assigned duties based on the circumstances of the incident. Specific members and their respective roles are outlined in Luddy Indianapolis incident response procedures.

Luddy Indianapolis personnel must immediately report: a. a security incident that involves unauthorized physical access to a building or secure location, physical threat, imminent danger, or personal safety issue to the IU Indianapolis Police Department. b. an actual or suspected security incident that involves unauthorized access to electronic systems owned or operated by IU and/or Luddy Indianapolis; malicious alteration or destruction of data, information, or communications; unauthorized interception or monitoring of communications; and any deliberate and unauthorized destruction or damage of IT resources to the Indiana University IT Security Office (ITSO) as outlined in IT Policy Office (ITPO) incident reporting procedures.

All communications with the media regarding an incident will be coordinated through the Luddy Indianapolis Communications Manager.

Violation of Policy

If it is suspected that this policy is not being followed, report the incident to the Executive Associate Dean or Director of Technology Services. Any exceptions to this policy must be approved in advance by both the Executive Associate Dean and Director of Technology Services.

Enforcement

Any person found to have violated this policy will be subject to appropriate disciplinary action as defined by the provisions of Indiana University Policy IT-02, Policy on Sanctions for Misuse or Abuse of Indiana University Technology Resources.