Incident Response#

Security Incidents#

All security incidents and suspected security incidents that occur in your AWS account must be reported to both OIT Security and Cloud Foundations.

Important

If you become aware of, or suspect, a security incident has occurred in your AWS account, please report it immediately directly to the CU Boulder OIT Security office and by emailing Cloud Foundations at rc-help@colorado.edu.

Information to include in the incident report#

Please provide the following information when reporting an incident (as specified on Reporting an Incident):

  1. Contact information

  2. AWS account alias

  3. College or department involved

  4. Brief description of what happened

  5. General description of the type of information involved. Was it sensitive university information? Was it shared with or accessed by unauthorized people?

  6. General description of the impact of the incident, if known

  7. Any other known resources affected

Operational Incidents#

If Cloud Foundations-supported infrastructure in your AWS account is not behaving as you expect, please let us know by mailing rc-help@colorado.edu. We’ll do our best to get it corrected as soon as possible. Cloud Foundations provides support during official CU business hours.

Note

While we may be able to advise, support is limited for AWS resources not managed by Cloud Foundations. We are not able to assist with issues specific to customer-managed applications.