Appendix N: Examples of Reportable Security Incidents
- A laptop computer containing private data is lost or stolen. (Loss)
- A University employee abuses the access they have to private data for their job to look at private data not related to their job, for personal or other reasons or simple curiosity. (Inappropriate Use)
- An instructor posts grades outside his/her classroom in a manner in which a student can be personally identified (i.e., alphabetically) or by a piece of private data (i.e., SSN or student ID number). (Inappropriate disclosure)
- A room that houses computers that store private data is left unattended and unlocked.
- An attacker runs an exploit tool to gain access to a University server's password file. (Unauthorized Access)
- A worm uses open file shares to infect from one to hundreds of desktop and laptop computers within the University. (Malicious Code)
[Policy Library]
[Policies by Process]
Privacy Statement
Comments: process@tc.umn.edu
© 2005 by the Regents of the University of Minnesota.
Policy and Process Development Office. All Rights Reserved.
The University of Minnesota is an equal opportunity educator and employer.
http://www.fpd.finop.umn.edu/groups/ppd/documents/Appendix/UseGuidelines.cfm
Updated:
March 15, 2005