Eastern Michigan University
Reporting Security Issues and Incidents
Security incidents are those incidents where an EMU security policy has been violated, data has been exposed inappropriately or a system is believed to have been breached. See Reporting Incidents section below to report a security incident. Security issues or vulnerabiliites may also be reported by security researchers. See Reporting Security Issues section below.
Reporting Security Vulnerabilities and Other Issues
Security vulnerabilities or security issues with EMU's systems discovered by security researchers may be reported to I.T. Security. Our process, public encryption key and related information is available on our Reporting Security Issues page.
Eastern Michigan University's computing systems are essential to the institution's academic and financial well-being. A security breach in any one of these systems could have a devastating effect on the entire university. Each user is a stakeholder in the security of these systems and our first line of defense against unauthorized intrusions.
The EMU Incident Response Team (IRT) defines a computer incident as any unauthorized access (physical, remote, or otherwise) to university computer systems as well as malicious attempts to disrupt information technology services such as denial of service attacks. The source of these incidences may be internal or external.
Who to Report an Incident To
If you believe that your EMU NetID account or any EMU owned computer has been compromised, it is best to report the incident to the Help Desk at 734.487.2120 for further evaluation. If you witness a physical crime in progress, such as someone stealing a computer system, you should always alert the Department of Public Safety by calling 911 from a campus phone or 734.487.1222 from a cell phone.
IRT reviews each incident report to determine whether, in fact, there has been an attack. All reports are filed in a secure location and any sensitive information regarding an incident is not released to anyone outside of the team. Should IRT find that a security incident has occurred, they may be obligated to share that information with law enforcement agencies such as the Department of Public Safety.
For more information about IRT, contact:
- Allan Edwards, Chair of IRT, at firstname.lastname@example.org
- Rocky Jenkins, Director of Network and System Services, at email@example.com
Division of Information Technology
118 Pray Harrold
Ypsilanti, MI 48197