Security Breach Response

In the event of a breach or suspected breach of security, the Merchant Department must immediately execute each of the relevant steps detailed below:

  • The MDRP or any individual suspecting a security breach must immediately notify the Incident Response Team at infosec@middlebury.edu, in accordance with the Technical Incident Response Policy, http://go.middlebury.edu/tirp, of an actual breach or suspected breach of payment card information.  Email should be used for the initial notification and to provide a telephone number for the Incident Response Team to respond to.  Details of the breach should not be disclosed in email correspondence.

  • The MDRP or any individual suspecting a security breach involving ecommerce also must immediately ensure that the following steps, where relevant, are taken to contain and limit the exposure of the breach:

    • Prevent any further access to or alteration of the compromised system(s).  (i.e., do not log on at all to the machine and/or change passwords)
    • Do not switch off the compromised machine; instead, isolate the compromised system(s) from the network by unplugging the network connection cable.
    • Preserve logs and electronic evidence.
    • Log all actions taken.
    • Document all conditions, personnel, and events around system at time of and leading up to suspected breach.
    • Be on HIGH alert and monitor all ecommerce applications.

Investment & Treasury Operations Office

152 Maple Street
Marble Works, Suite 102
Middlebury College
Middlebury, VT 05753
Phone: 802-443-5751