Information Security Incident Identification and Reporting

Information Security Incident Identification

An information security incident is an event, or series of events, that exploits McMaster University computing resource, service, or account that results in unauthorized disclosure, modification, or destruction of data, information, or disruption to computing services. Such events may include:

  • Inappropriate use of, or access to, a University computing resource, service, or account that results in unauthorized disclosure, modification or destruction of information or data;
  • Inappropriate use of a McMaster University computing resource, service, or account resulting in unauthorized modification, destruction or disruption of service to a service or resource;
  • Violation of University policies, including but not limited to the Information Security Policy, whether intentional or unintentional.
  • Use of University computing resources, services, or accounts in the commission of activities that violate municipal, provincial, federal or international laws and regulations, or applicable industry regulations.

Reporting an Information Security Incident

University constituents are required to report confirmed information security incidents, and encouraged to report suspected information security incidents to the University Technology Services Client Service Desk.

University Technology Services

uts@mcmaster.ca

OR (905) 525-9140 x24357 (2HELP)

If the incident involves an active physical threat such as theft, report this immediately to:

McMaster Security Services

905-525-9140 ext 24281, or 905-522-4135

Dial “88″ from any University phone

Upon detection of a PCI related information security incident, merchants and/or staff are instructed to:

If the incident involves an active physical threat, including theft or tampering with a POS device, report this immediately to:

McMaster Security Services

905-525-9140 ext 24281, or 905-522-4135

Dial “88″ from any University phone

DO NOT logoff or power off the affected system.

DO take note of pertinent information, including:

  • the time that the suspected incident occurred
  • the condition of the affected system
  • your merchant number

DO report PCI Related incidents, including the information detailed above, directly to the IT Security team:

c-it-security@mcmaster.ca

OR

(905) 525-9140 x24281

Reporting Malicious Emails

Malicious emails, including SPAM and Phishing messages, should be forwarded as an attachment to is-spam@mcmaster.ca

Please report only one malicious message per report.

NOTE: If you can’t forward the message as an attachment, please forward it to us anyway. We would still like to have a look.

Forwarding as an Attachment

Create a new message

  • To: is-spam@mcmaster.ca
  • Subject: Phishing samples

Drag the suspicious messages from your inbox into the new message

To forward a message as an attachment using Microsoft Outlook:

  • Highlight the suspicious message in your inbox
  • Open the “Home” ribbon
  • In the “Respond” are, select the “More” button
  • Select “Forward as an Attachment” from the menu

To forward a message as an attachment using Apple OsX Mail:

  • Select the message
  • Choose Message > Forward as Attachment.

OR

  • Drag messages you want to forward one at a time into a message.