Preventing & Responding to Security Incidents

Roles & Responsibilities

For key Privacy and Security tasks, administrators should clearly define and communicate roles and responsibilities, ensure that they align with Acceptable Use and Security of UBC Electronic Information and Systems, and designate a responsible staff member for overseeing the unit’s privacy and security measures. The unit should know who to contact in the event of security breaches or information loss.

Privacy & Security Incidents

Administrators should ensure that all employees know to contact Arts ISIT and the UBC IT Support Staff responsible for their unit for Privacy and Security incidents. If an issue with physical security arises or if your building has been compromised, the unit should also contact Campus Security.

When Employees Leave

When an employee leaves or changes roles/responsibilities, the administration must ensure that all user accounts are promptly deactivated and that all PII, physical access rights, and UBC-owned devices are returned or destroyed. This includes desktop and laptop computers, tablets, smartphones, USB keys, portable hard drives, email systems, and software applications. See UBC IT’s Guidelines for the Destruction of UBC Electronic Information.