The full security incident reporting policy can be reviewed online at https://www.depts.ttu.edu/infotech/security/docs/incident_management.php.

A wide variety of data security incidents must be reported, including malware infections, unauthorized use of computer accounts and systems, complaints of improper use of information resources, data theft and fraud, and computer system compromises. Should you become aware of a data security issue, there are two fundamental steps that you or your departmental/college technology professional should take:

1) Immediately report the incident as outlined below:

a) For malware infections, compromised systems, or improper use complaints, contact the Enterprise IT Security team at security@ttu.edu or 806-742-0840.

b) To report an IT-related incident that may be a criminal act (data theft, fraud, etc.), the exposure of confidential information, or a threat to personal or homeland security, directly contact the TTU chief information security officer (CISO), Jeff Barrington (jeff.barrington@ttu.edu), at 806-834-2941.

2) Perform appropriate remedial action only in accordance with the CISO's instructions and IT guidelines.

Some incidents will require investigation to assess the severity and to determine whether further forensics are required. Please contact the security staff above before altering the computing system or attempting to "fix the problem". Typically, once the security staff provides direction, malware infections can be cleaned up without further investigation, and IT Help Central can provide assistance.