All faculty and staff should be aware of how to recognize and report an incident that may affect confidential information, especially information protected by federal and/or state laws.

An electronic security incident is defined as: Electronic activity, such as “hacking” or a compromised or abused computer, that results in damage to or misuse of the Drake network or a device or data connected to it. Primary examples are the theft or loss of a computer, communication of confidential information to an unauthorized party, or compromise of an account or system with access to confidential information.

At Drake, electronic security incidents involve University-owned assets such as mobile devices and computers, and/or confidential information, such as passwords, protected health information, FERPA-protected student record information, social security, credit card, bank account, driver’s license, or passport numbers.
If you become aware of a possible electronic security incident, please report it to Peter Lundstedt, information security manager, as quickly as possible at peter.lundstedt@drake.edu or ext. 4173. If Peter can’t be reached, contact your area’s ITS campus technician, or call the ITS Support Center at ext. 3001.

Drake is required to follow the laws in place for reporting, handling, and remediating every breach of information. Additional information about electronic security incidents can be found in the ITS knowledge base, including more information on the reporting and initial investigation process.

—Peter Lundstedt, ITS