RESPOND

How might we work together—IT Security, department IT support, the service desk, and all end users—to contain and mitigate security incidents?

A swift and coordinated response to security incidents helps minimize impact. IT Security, department IT support, and the service desk work together to investigate and mitigate threats, but end users play a key role by reporting issues quickly and following guidance during incidents.

Best Practices

  • Report suspicious activity (e.g., phishing emails, unexpected MFA prompts, unauthorized system access).
  • If your system is compromised, disconnect from the network and notify IT Security immediately.
  • Follow IT Security’s instructions for containment and mitigation steps.
  • Do not attempt to “fix” security incidents on your own— MyTech, IT support, and IT Security are here to help.
warning sign

Call To Action

If you see something suspicious, report it immediately—even small signs can indicate a larger attack.

Work with your MyTech team if you’re affected by an incident to contain and resolve it.

Follow response guidance from IT Security during an active security event to help limit damage.

Be transparent—accidents happen, and reporting them early can prevent bigger issues.

Key Questions Answered

What should I do if I suspect my account has been compromised?

Report it immediately to IT Security and change your password at myid.usu.edu.

Who is responsible for responding to security incidents?

IT Security leads the response, but department IT, the service desk, and end users all play a role.

Available Tools & Resources

  • Department IT Support and the Service Desk – Contact for immediate help.

  • Incident Response Playbooks – Step-by-step guidance for IT teams on handling security events.

  • Security Orchestration, Automation, and Response (SOAR) tools – IT Security uses automation to contain threats quickly.

  • Incident Reporting Mechanisms – IT Security provides reporting channels to escalate threats.