Security Violations (suspected or confirmed) should be reported right away. If Sensisitve Data is associated with any computer involved in the incident, please call Information Security immediately at 940-369-7800.
Please refrain from accessing or further interacting with the computer in question. This will help preserve evidence integrity before the Information Security team can collect an image for forensic analysis.
For further explanation of what UNT institutions consider "sensitive", the Sensitive Information Brochure provides additional guidance.
Incident Reporting Steps:
- Notify your IT support staff
- Notify your immediate supervisor
- If you are an IT Manager, contact Information Security directly at firstname.lastname@example.org or 940-369-7800. We also accept Remedy trouble tickets, but please do not include any sensitive or confidential data in the ticket. After an incident has been closed, please fill out an incident report.
- If you require immediate phone assistance after hours, contact your campus Helpdesk
- If you wish to report criminal activity, contact your campus Police Department
- Do not allow any changes to be made to the computer or related system.
Information To Provide When Reporting a Security Incident
- Your name, phone number, email address, and department (if applicable)
- Contact information for anyone else directly involved, especially if someone else reported this incident to you
- Date, time, and location of incident
- Description of the incident, including as much technical detail as possible
- Any relevant documentation or logs
Examples of Suspicious Activity
- Unknown activity related to your account or computing services
- Log discrepancies
- Social Engineering Attempts
- Unfamiliar user accounts or or files
- Unexpected system ports or processes
- Modification or deletion of data
- Changes in file or directory permissions
- Denial of service without obvious explanation
- Threats or harassment via email