Service | Compromised Account Management |
|---|
Service Manager | Information Security Officer |
|---|
Department | Information Security Office |
|---|
Contact |
|
|---|
Service Owner | AVP/CIO - Stephen RieksChief Information Officer |
|---|
Description | Manage and monitor alerts that identify at-risk or breached accounts. Function 1: InvestigationInvestigation Function 2: RemediationRemediation Function 3: IT IT Service Center Notification |
|---|
Service Users | Any Google Apps user. |
|---|
User Services | Like other security measures, this service is “behind the scenes”. And its value lies in the fact that, once compromised accounts occur, it is dealt with swiftly. User are immediately contacted if there is a suspected security breach. User are advised to change their password. And if need be, the account is (temporarily) removed from the system to mitigate any cascading effect. |
|---|
Business Services | Security breaches can occur in many different forms, thus, all departments and units can expect containment of the damage to protect users’ data and identify the root of the problem in a timely manner. |
|---|
Technical Services |
|
|---|
Requirements | The requirement for using this service is to be any Google Apps user. |
|---|
Rates / Cost of Use | There are no fees associated with using these services. |
|---|
Getting Started | A user does not request access to this service. |
|---|
Availability | This service is performed during normal or standard business hours of operation. |
|---|
Getting Help | All requests for assistance are completed using FredQuest: https://fredquest.fredonia.edu/ |
|---|
SLA Notes |
|
|---|
Business Procedures | The business procedure is located with the Primary responsible person on the RACI form and also, see Appendix A. |
|---|
Change Procedures | Changes to the service (transition, additions, and discontinuations) must be reviewed by TAC and approved by the Service Manager (CIO) and Cabinet. The following procedures are used for changes to the software, hardware or business procedures. |
|---|
Assigned Primary Support |
|
|---|
Assigned Secondary Support |
|
|---|
RACI Chart | Function 1 Name: Investigation Description: Level | Responsible | Accountable | Consulted | Informed |
|---|
Primary | Idalia Torres | Fred Ullman | Trusted external sources, IT Service Center | Google Apps user | Secondary | Scott Grien | Fred Ullman | Trusted external sources, IT Service Center | Google Apps user | Tertiary |
|
|
|
|
Function 2 Name: Remediation Description: Level | Responsible | Accountable | Consulted | Informed |
|---|
Primary | Idalia Torres | Fred Ullman | Users | Google Apps user | Secondary | Scott Grien | Fred Ullman | Users | Google Apps user | Tertiary | Mike Gerholdt | Fred Ullman | Users | Google Apps user |
Function Name: IT Service Center Notification Description: Level | Responsible | Accountable | Consulted | Informed |
|---|
Primary | Idalia Torres | Fred Ullman | Not Applicable | IT Service Center | Secondary | Scott Grien | Fred Ullman | Not Applicable | IT Service Center | Tertiary | Mike Gerholdt | Fred Ullman | Not Applicable | IT Service Center |
|
|---|
Date Last Modified | |
|---|
| Status | Active |
|---|