Skip to main content
Eastern Illinois University

Panthertech

Information Technology Security Incident Reporting

Policy Statement

The following procedures establish responsibility for reporting and responding to security incidents involving Eastern Illinois University’s information technology resources, computers, networking systems and data, collectively defined here as "EIU Technology and Services". When information security incidents occur, it is necessary to be aware, document, notify and act quickly.

If a suspected breach or security incident has occurred, individuals should initially attempt to contact IT Security Officer (217)581-1939, Executive Director for ITS (217)581-1942 or EIU ITS Help Desk at (217)581-HELP. If not available, please email ticket_infosec@eiu.edu with the information:

Information Security Incident Response

Information technology security incident is an event that attempted or successful unauthorized access, use, disclosure, modification or destruction of information or interference with system operations in an information system. Security incident also means the loss of data through theft or device misplacement, loss or misplacement of hardcopy documents, or compromise of physical security, all of which may have the potential to put the data at risk of unauthorized access, use, disclosure, modification or destruction.

The following individuals/teams are involved in incident response and may include overlapping members or may be made up of different members that will handle security incidents:

Information Technology Security Incident Reporting

Suspected or actual incidents of loss, inappropriate disclosure, or inappropriate exposure of information whether in printed, verbal, or electronic form including but not limited to those incidents involving the following information, systems, or processes:

Any individual or group who in the course of using EIU Technology and Services observes an information technology security incident shall report that incident. If a suspected breach or security incident has occurred, individuals should initially attempt to contact IT Security Officer (217)581-1939, Executive Director for ITS (217)581-1942 or EIU ITS Help Desk at (217)581-HELP.

Criminal Activity

Suspected criminal activity involving EIU Information Technology Resources and Systems shall be reported to the Eastern Illinois University Police. Such activity includes but is not limited to, computer theft, credit card theft. Criminal activity can be reported in person at EIU Police offices or by telephone (217)581-3213. Notification of crimes in progress or other emergencies dial 9-1-1.

In accordance with the “Illinois Child Online Exploitation Reporting Act” (325 ILCS 47/) any Eastern Illinois University’s employee who in the course of their duties for the University installs, repairs or services information technology resources or systems, discovers any depiction of child pornography shall immediately report that discovery to the EIU Police at (217)-581-3212. EIU Police will contact ITS and other proper channels.

Copyright and Intellectual Property

Suspected violations of copyright and intellectual property rights shall be reported to the University Digital Millennium Copyright Act (DMCA) agent to the IT Security Officer (217)581-1939.

Data Classification

Following the data classification guidelines in policy: https://www.eiu.edu/panthertech/policies_classification.php

If the incident involves data with the classification of “Internal” or “Confidential” do the following:

If the incident involves data with the classification of "Public" and does not seriously impact individuals or the university do the following:

If the classification of the information system or resource is not known, follow the procedures for "Internal".

Last Date Reviewed: 06/13/2024

CONTACT THE DEPARTMENT

Technology Support

217-581-4357
support@eiu.edu