Reporting Electronic Security Incidents: Responsibilities
Users must report actual or suspected electronic security incidents to local support providers. If a local support provider is unavailable, a user must disconnect the affected IT device from the network and notify the Network Operations Center (NOC) at security@cornell.edu or (607) 255-9900.
Local support providers must collect appropriate information about the devices that were compromised, disconnect affected IT devices from the network (where appropriate), and notify security personnel about the incident and the action taken.
Security personnel must open and maintain problem reports for electronic security incidents, contact users and local support providers for the compromised devices about any actions needed, the reasons why, and how to reestablish service. Security must also eliminate problem sources of traffic for the Cornell network and initiate escalation procedures to the unit head, Judicial Administrator, or Cornell Police.
How is this policy enforced?
The security director will contact the following offices if violations occur:
- Faculty violations will be sent to the Provost
- Staff violations will be sent to the Office of Human Resources
- Student violations will be sent to the Judicial Administrator
In this section
- Summary
- Procedures
- Responsibilities