Gallaudet University
Who We Are
Our Work
Overview
News & Stories
Nov 28, 2023
Nov 27, 2023
Upcoming Events
November 29, 2023
November 30, 2023
University Wide Events
No Communication Compromises
Areas of Study
Schools
Programs
Changing the world
Research
Community & Innovation
Research Experiences & Services
Our Global Presence
Global at Home
Global Learning For All
Global Engagement
Your Journey Starts Here
Admissions
Financial Aid
Explore Our Campus
Connect
Discover
Influence
Directories
Popular Keywords
Explore
Quick Links
GU
/
Technology Services
Technology Policy
Incident Response Framework
Merrill Learning Center 1120
(202) 250-2507
(202) 651-5494
Email Us
Last Revised: January 10, 2019
Refer Questions to: Executive Director, Gallaudet Technology Services
The following policy details the Gallaudet Technology Services (GTS) Incident Response Framework that governs how GTS responds to major IT security incidents on campus.
The following table defines the roles and responsibilities of Incident Response Framework stakeholders and participants who form the Incident Response Team that responds to computer security incidents:
Information Security at Gallaudet University is a team effort with GTS Information Security and system owners both actively involved and responsible for the overall health, security and functionality of the Gallaudet University hosts and services.
GTS Information Security is responsible for overall network health, security and functionality. They continuously monitor connections to the internal, external and wireless networks and review them daily in accordance with established log retention and management protocols.
Upon the identification of a potential or confirmed vulnerability, GTS Information Security takes action to define a scope and impact of the incident and inform the Executive Director of GTS and the GTS Information Security Officer (ISO), as well as the System Owner and Support Providers as appropriate and necessary. The Manager of the Office of Risk Management should also be informed in cases of confirmed vulnerabilities. For the purposes of this framework and procedures, system owners are defined to include both Data Stewards (those responsible for the data in the system) and Data Custodians (those responsible for administrating the system in which the data resides).
The System Owner monitors and reviews access to and utilization of system functions in accordance with established log retention and management protocols. Upon detection of a realized or potential security incident, the System Owner will take action to define the scope and impact of the incident and notify the Executive Director of GTS and the GTS Information Security Officer (ISO). If the incident has potentially jeopardized the security of confidential, proprietary or sensitive University data, the Incident Response Team convenes.
Support Providers are responsible for identifying end-user workstation security risks and incidents. Upon confirmation of a security incident, the Service Provider will inform the GTS Security team and Director of Network Operations. Such incidents include, but are not limited to, viruses, worms, denial of service attacks, local attacks or and realized or potential disclosure or loss of confidential, proprietary or sensitive University data.
Users are responsible for the appropriate use of services and maintenance of data that they have been authorized to access to include the proper handling, storage and dissemination of confidential, proprietary and sensitive University information. In the event that locally stored data is misplaced or improperly distributed to unauthorized audiences, users must inform their manager, GTS Information Security Officer and Executive Director of GTS immediately. If a User detects a suspected or realized Computer Security Incident, they will report this situation to their Support Provider or department manager for escalation.
Upon report of a Information Security incident, GTS Information Security Officer (ISO) and System Owners and other needed GTS personnel will convene to assess, investigate, mitigate and ultimately remediate the security vulnerability.
In the event of a Data Security Incident, the GTS Information Security Officer (ISO) convenes the Incident Response Team with the Executive Director of GTS and representatives from the affected University departments to coordinate response actions and communications with the parties affected by the loss or dissemination of this data.
The Incident Response Team, and/or the Executive Director of GTS and GTS Information Security Officer (ISO) will consult with appropriate individuals as deemed necessary, including the University legal team, or law enforcement personnel when the need surfaces.
The Incident Response Team prioritizes the incident based upon the realized or potential threat and impact to Gallaudet University systems, services or data in the following order:
The Incident Response Team documents all reported security incidents, findings and remediation actions with GTS Information Security producing an annual summary of security incidents.
Last Reviewed: 11/04/2019
(202) 651-5213