Skip to main content
Apply

Enterprise Information Technology

Open Main MenuClose Main Menu

The Information Security Services (ISS) Office can assist in incident handling for computer systems owned by the university. Staff of the ISS Office can work with system administrators and others to respond to an incident, identify the cause of an incident, contain an incident, prevent an incident from occurring in the future, and recover from an incident. Some incidents may require the ISS Office work with local law enforcement for a resolution. Two common incidents the ISS Office assists in handling are credential compromises and system compromises.

 

Available to

Employees

 

FAQ

  • I think my credentials have been compromised, what do I need to do?

    If you believe your credentials have been compromised due to a security incident, we recommend you immediately change your account password and then report this to the Information Security Services (ISS) group. You can report this to the ISS Group by taking one of these actions:

    • Visit the Report Credential Compromise Form.

    • Start a support ticket by using this link: Request Help

      • Provide the following information in the Issue field:

        • The Banner ID/of the individual reporting their credentials have been compromised.

        • A brief description of what the account is doing, why it is believed the credentials have been compromised, etc.

  • I think my system has been compromised, what do I need to do?

    If you believe your system has been compromised due to a security incident, we recommend you report this to the Information Security Services (ISS) group. You can report this to the ISS Group by taking one of these actions:

    • Visit the Report System Compromise Form.

    • Start a support ticket by using this link: Request Help

      • Provide the following information in the Issue field:

        • The name of the department which owns the device. If you are a student, just type student.

        • The date and time when the incident occurred.

        • The type of incident which caused the system compromise (malware, virus, etc.)

        • A brief description of the incident. What is the machine doing, how did you find out, etc.

        • The full computer hostname of the device (ex. Pistolpete.ad.okstate.edu)

        • The IPv4 address currently assigned to the device when connected. (ex. 10.202.215.54.)

        • Does the machine contain sensitive data?

        • The actions that you have taken to restore the system.

MENUCLOSE