Eastern Michigan University
What is the Incident Response Team (IRT)?
The Incident Response Team (IRT) was created to safeguard information technology systems and the sensitive client data they support. IRT works with university legal counsel, law enforcement, system administrators, human resources, and management to offer an immediate response to I.T. security incidents from both internal and external sources. IRT reports to the Technical Security Team which is headed by the Information Security Officer.
What is considered a computer incident?
IRT defines a computer incident as any unauthorized access (physical, remote, or otherwise) to university computer systems as well as malicious attempts to disrupt information technology services such as denial of service attacks. The source of these incidences may be internal or external.
How do I know that my system has been attacked?
For end users, system intrusion can be difficult to detect. If you believe that your computer system has been comprised in any way, it is best to report the incident to the Help Desk at 734.487.2120 for further evaluation.
How do I report an incident to IRT?
To report incidents, contact the Help Desk at 734.487.2120. You will be asked to provide information about the incident, such as where and when it occurred, what symptoms you experienced, and the like. You will also be asked to provide contact information because the IRT may wish to contact you for additional information.
If you witness a physical crime in progress, such as someone stealing a computer system, you should always alert the Department of Public Safety by calling 911 from a campus phone or 734.487.1222 from a cell phone.
Why should I report incidents to IRT?
Eastern Michigan University's computing systems are essential to the institution's academic and financial well being. A security breach in any one of these systems could have a devastating effect on the entire university. Each user is a stakeholder in the security of these systems and our first line of defense against unauthorized intrusions.
Who gets my incident report?
IRT reviews each incident report to determine whether, in fact, there has been an attack. All reports are filed in a secure location and any sensitive information regarding an incident is not released to anyone outside of the team. Should IRT find that a security incident has occurred, they may be obligated to share that information with law enforcement agencies such as the Department of Public Safety.
How can I get more information from IRT?
For more information about IRT,contact:
Scot Putney, Interim Chair of IRT, at firstname.lastname@example.org
Steve Edwards, Interim Deputy Chair or IRT, at email@example.com
Rocky Jenkins, Director of Network and System Services, at firstname.lastname@example.org
Division of Information Technology
118 Pray Harrold
Ypsilanti, MI 48197