ITS Summer 2022 Updates

The purpose of the technology incident response policy is to provide a standard response process in the event of an cybersecurity incident in order to protect the institution’s data, systems, and reputation.

Scope

The scope includes computing systems and network infrastructure owned or managed by Middlebury.

Reporting Procedure

To report an actual or suspected information security incident, email infosec@middlebury.edu

Technology Incident Classifications and General Characteristics

Major Incidents

  • impact the majority of our community (ie. everyone)
  • and prevent Middlebury from being able to conduct normal operations for more than 24hrs
  • and may have a major impact to the reputation of the institution

Significant Incidents

  • impact a significant portion of our community (ie. teaching/learning)
  • can have a significant impact on Middlebury’s ability to be able to conduct normal operations
  • and may have a significant impact to the reputation of the institution

Minor Incidents

  • impact a small portion of our community (ie. a department or small group)
  • can have a minor impact on Middlebury’s ability to be able to conduct normal operations
  • and may have a minor impact to the reputation of the institution

Isolated Incidents

  • impact a single community member 
  • have little or no impact on Middlebury’s ability to be able to conduct normal operations
  • do not impact the reputation of the institution

Policy

In the event of a major information security incident, Middlebury will activate a Technology Incident Response Team (TIRT).  Generally, a major information security incident:

  • impacts the majority of our community (ie. everyone)
  • and prevents Middlebury from being able to conduct normal operations
  • and may have a major impact to the reputation of the institution

The TIRT is responsible for facilitating communication and resolution of the incident. The TIRT is also responsible for formulating and enacting a mitigation plan.

  • The TIRT has representatives from ITS, Human Resources, Student Life, Academic Affairs, Finance, and Public Safety. Depending on the nature of the incident, not all members may be required to be involved. Representatives from other areas may be called upon to join the TIRT, if needed.
  • During a major incident, the TIRT has the authority to access any relevant institution-owned system and to remove any system or user account from the network.
  • The TIRT may only be activated by the institution’s senior management.

This policy does not preclude Middlebury ITS from taking prompt action to mitigate a known technology risk while a longer-term resolution is being developed.

Information Technology Services
Davis Family Library 202
Middlebury, VT 05753