Report a Security Incident

icon_securityIncidentAn information security incident is an event that compromises the confidentiality, integrity, or availability of an information asset such as a file or the data elements within, or a workstation, server, or application. An incident can occur through a variety of means, potential indicators include:

  • Alerts and warnings from anti-malware software,
  • Web page pop-ups that will not close or allow you perform other actions on your computer,
  • The computer is running extremely slow or experiencing unusual behavior,
  • Unexpected or suspicious log entries are present in your computer’s log files,
  • Someone, internal or external to the college, is reporting suspicious activity that has originated from your computer.

What to do if you think your data or device has been compromised.

STEP 1: Start documenting.

It is imperative to gather as much information as possible if your system or data has been compromised.

Examples include:

  • What were the indicator you noticed?
  • Did the indicators appear after visiting a specific website, opening an email or document?
  • If it is a mobile device, where were you when it started?
  • Are/were you connected to public or campus Wi-Fi?

STEP 2: Stop using the device.

Do not unplug the power or network connection, as vital information that can assist during an investigation may be lost. Someone at the Service Desk will assist you on the best course of action based on the details given. This leads to…

STEP 3: Contact the GPC Service Desk.

The Service Desk, through the proper routing of the service ticket, will engage the Information Security Department, Desktop Support group. The Desktop Support administrators will be able to assist in determining if your device or data has been compromised and will assist in the process of mitigating the effects of a potential compromise.

Please follow any steps directed to you by the service desk and desktop support person, answer all questions and provide as much detail as possible, as that detailed information can help prevent and mitigate the effect the compromise might have on other users.

When you talk to the service desk please indicate if the event involves sensitive information such as:

  • Credit Card Numbers
  • Social Security Numbers
  • HIPAA-protected data
  • FERPA-protected data

If you believe a crime has been committed, contact local law enforcement directly.

What to do if you think your data or device has been compromised.

STEP 1: Immediately contact the GPC Public Safety at 770-274-5511 and file a report

STEP 2: Contact the GPC Service Desk at 678-891-3460 or email at servicedesk@gpc.edu

STEP 3: Change your passwords…without delay.

Even if you think the data is encrypted or you are using a strong password, best practices are to change your passwords for all accounts you access with the compromised device.

STEP 4: Locate the device. If you have activated a location or tracking service or function on your device, attemppt to locate the device and provide the information to Public Safety. All GPC laptops have tracking software already installed. The Service Desk will facilitate the initiation of the tracking process one reported.

STEP 5: Wipe the device.

Work with you carrier, for devices like tablets with data plans and smartphones, to remotely wipe the data on the device. The Service Desk will facilitate this action for GPC owned devices.

Policy Violations

If you suspect a potential violation of institute policy or regulatory compliance, contact the GPC anonymous abuse alert line at: https://gpc.alertline.com or by calling 877-516-3444.

General Inquiries

For general inquiries on this or any other information security concerns, please email infosecurity@gpc.edu.