Have you ever wondered, “What would I do if I discovered a data breach at Stanford?” Or, “What would I do if my device gets stolen?”
These are great questions to ask!
Being prepared to encounter an IT security or privacy concern will help you take the right steps if and when you’re facing a real-life problem.
The best way to be prepared: Stay calm and report immediately.
To learn more or make a report, go to the Report an Incident page at: uit.stanford.edu/report
On the Report an Incident page, you’ll find out what to do if you’re not sure what kind of incident you’re facing, plus specific protocols for these incidents:
- A vulnerability with a Stanford computer/networking resource
- Unauthorized exposure of sensitive data (especially High Risk Data)
- Lost or stolen electronic device with Stanford data
- Suspected phishing email
- Electronic threat to a person’s safety
- Incidents involving UK Biobank data*
*Note: For any incidents involving UK Biobank data, reporting is contractually required in an extremely short timeframe. View the full details for UK Biobank reporting protocols.
Why should I report concerns?
Reporting a data or IT compromise (or risk) quickly is critical to keeping you and our entire Stanford community safe.
This allows the right experts to quickly take steps to 1) respond to and contain the specific vulnerability and 2) prevent more harm.
Not reporting can have serious consequences. In fact, for certain situations, there are even legal consequences for not reporting known issues.
How do I report?
There are different protocols that work best for specific types of issues. And while you don’t have to memorize all of the specific protocols, you’ll need to know where to confirm the best protocol quickly, which is the Report an Incident page.
To make it easier to find, we’ve recently updated several ways to get to the page.
The quickest way to get to the Report an Incident page is uit.stanford.edu/report
Other ways to get this page are:
- Search “report” on uit.stanford.edu
- From the “Get support” dropdown on the uit.stanford.edu site, click “Report a security incident”
- Search Service Now knowledge articles for “report an incident”
- Google “report an IT incident at Stanford”
- Go to stanford.edu, click Search, and search “report an incident”
What should I do when I report?
First, try to stay calm. Discovering a security incident can be unsettling, but panicking might hinder your ability to respond effectively. Remember, our teams at the Information Security Office (ISO) and University Privacy Office (UPO) here at Stanford will help you navigate through the situation.
Also, safely document as much relevant information as possible about the incident. Documentation might include:
- Screenshots
- Timestamps
- Error logs
- Emails
However, documentation does not include contacting a suspicious person or organization to try to “get them.” This could put you in danger.
And remember, don’t delay in reporting. Time is critical in many types of IT security/privacy attacks.