Who is the BU IS&T Incident Response Team?

Information Services & Technology’s Incident Response Team (IRT) is a subunit of the Information Security Group made up of full time employees. The group reports to the Executive Director of Information Security.

What does the Incident Response Team do?

The Incident Response Team identifies and responds to security issues that are actively being exploited on campus, notifies administrators of security breaches, and provides the university with forensic and auditing capabilities. The team actively coordinates with IS&T Management to effect policy changes and enforcement, and works with campus systems administrators to mitigate risks and respond to emerging security issues. The team also develops tools and hones techniques for incident handling, develops strategies to increase the University’s detection and response capabilities, and maintains contacts with other universities and law enforcement.

When should I contact the Incident Response Team?

You should contact the Incident Response Team at any time that you think you may have observed a security breach in a BU computer account or system.  If you are uncertain, we have provided some examples of security incidents.

Since quick response is essential in limiting the damage caused by a security incident, we encourage all our clients to report information to us that may help identify breaches in our security.  If you are a member of the Boston University community and an incident likely involves the loss of protected or sensitive data you must report the incident.

How do I contact the BU IS&T Incident Response Team?

You may contact us one of two ways:

Please be aware that Boston University has over 20,000 computer systems operating on its network at any time. In order to process your complaint we need as much detail as possible. At a minimum, we need you to provide us with:

  • Your contact information, email and/or phone number so we can follow up if we need more information.
  • The hostname, IP address, or MAC (hardware) address of the BU system involved in the incident.
  • The time the incident occured, including your timezone. Boston University is in the US/Eastern timezone

When leaving a message by either means please be sure to leave names and phone numbers of people who we can contact to obtain access to the system.