The Information Technology Security Computing Incident Response Team (CIRT) is the emergency response team for all IT security events at Brown University, and is critical to protecting Brown University's electronic communications infrastructure. With support from all areas of the University, the CIRT responds to a variety of incidents which could involve virus, spam, malicious software, phishing attacks, and social engineering.
It is critical that you immediately notify Brown when you become aware of an event that could result in a breach of personally identifiable information (PII).
- Any information or network security incident should be reported immediately to email@example.com.
- Lost or stolen electronic media or a computing device:
- Personal information: If you need to report lost or stolen electronic media or a computing device, please file a report with the Department of Public Safety (863-3103).
- University-issued devices: If the device was University-issued, notify the Telecommunications Office immediately (firstname.lastname@example.org, 401-863-2007). Telecom will suspend voice services and issue a remote wipe of the device, if applicable.
If a personal device is lost or stolen, the Help Desk may be able to remotely wipe your device. In addition, once all data has been securely removed, contact your service provider to cancel service for your personal phone.
- Personally identifiable, restricted, regulated, or confidential information: If the lost of stolen electronic media or a computing device was used to store personally identifiable, restricted, regulated, or confidential information, please notify the Information Security Group immediately. ISG will work with you to determine the next steps, and whether the event requires notification.
- Computer/information intrusion:
If you suspect that someone has broken into your computer, please disconnect it from the network and contact the Information Security Group as soon as possible. We will investigate the incident and help you recover your system.
- Protected Health Information (PHI):
If any PHI might have been lost, stolen, compromised, misdirected, etc., please notify the Information Security Group at ISG@brown.edu, who will work with you to determine the next steps, and whether the event requires notification.
- File an Incident Ticket:
In the event of a serious incident, log onto the trouble tracking system, Remedy, and create a new CIRT ticket.
When reporting a possible intrusion, it is helpful if you can provide us with the following information:
- A description of the problem (what happened and when)
- The computers that were affected (names and IP addresses)
- The actions that have been taken to address this incident
- Any other information or log files that you have