It is the responsibiliy of all MADEC Australia users to ensure that any Information Security Incidents are reported to the IT Helpdesk as soon as they occur or are discovered.
This enables the IT Helpdesk to investigate and repsond to incidents promptly and effectively.
Events which may be assessed as an Incident include (but are not limited to):
- Unauthorised accesss to systems or information
- Unauthroised use of systems or information
- Breach or spill of data
- Loss/Theft of devices
- Successful scam of user by email
- Spam email links clicked
- Virus/Malware/Ransomware outbreak
- Incorrect privileges or permissions
Examples of events which are not considered Information Security Incidents:
- Power outages
- Hardware failures
- Non IT Incidents, eg. physical injuries
All events should be reported the same way. IT Helpdesk staff will assess tickets and mark them as Information Security Incidents where neccessary.
If you believe you are submitting an Information Security Incident, you can mark tickets submitted via the Helpdesk Portal with the Ticket Type. Select "Information Security Incident Report".
If submitting via Phone or Email, you aren't able to select this type, it will be done by the Helpdesk Agent.
You should ensure the following information is included when submitting an incident:
- Where did the incident occur?
- What areas of the business are affected?
- What devices are affected?
- What information may be affected?
This information will assist Helpdesk staff to priorities and investigate events.