What is an IT security incident
IT security incidents can be everything from malicious code (like viruses, worms or trojans) to password abuse and impersonating someone else on the Internet.
IT security breaches can be discovered by noticing small abnormalities on your everyday life, for example:
- Your user account has been used at a time you were not logged in
- E-mail has been sent from your e-mail account without your knowledge
- You have been logged in from an unknown location
IT security breaches are also about breach of integrity (credibility of data) and confidentiality (data astray). If data, which originally is protected, is published without your approval, or if it is sent to places that is not viewed as secure in ways that are not considered secure, this may be an IT security breach.
Other examples of security breaches
- Your computer, mobile unit or memory stick was lost or stolen. Depending on the information stored on the unit, this can be defined as a security breach.
- The police contacts you about your data use. Whatever the reason, this is always to be considered an IT security breach.
Security events should always be reported because:
- we can minimize damage
- we want to protect our users and your data
- fresh data makes it easier to find the origin of the security event
- we want an overview over who uses UiO's resources
- we do not want to hinder a possible police investigation.