Skip over global navigation links

Security Incident Response

Getting Started

To order or inquire about this service, please contact the NIH IT Service Desk.

Service Hours: Monday through Friday, 8AM - 5PM

More Info

Related Services

The CIT Information Systems Security Office is responsible for ensuring all security incidents are reported and handled in accordance with the NIH Incident Response Policy, NIH Incident Handling Guidelines, and the NIH Incident Reporting Guidelines.  CIT customers (system administrators or desktops or servers) are responsible for ensuring all security incidents are reported and handled in accordance with the CIT Systems Security Incident Response Policy, CIT Systems Security Incident Handling and Reporting Procedures.

 

Customer Benefits

Security Incident Response ensures HHS, NIST, NIH and OMB regulations and guidelines are followed with regard to security handling.

Customer Market

Currently available to CIT only.

Frequently Asked Questions

 

Q: What do I do if portable NIH-owned equipment in my custody has been lost or stolen?
A: First, contact the NIH Service Desk within 1 hour at (301) 496-4357 and report the device as being lost or stolen. Second, contact your Supervisor and your Division Property Custodial Officer (DPCO). If the property was stolen from the workplace, contact your Administrative Management Office (AMO).

Q: Can I use peer-to-peer technology, such as Skype or BitTorrent on NIH-owned equipment or while connected to NIHnet either directly or by VPN?
A: No. Use of P2P technologies such as Skype, BitTorrent, Gnutella, etc. without a documented business need approved by the NIH Chief Information Security Officer (CISO) are strictly prohibited per the NIH Policy on the Use of Peer-to-Peer Software, dated 29 November 2011, at http://oma.od.nih.gov/manualchapters/management/2815/. Unauthorized use of P2P software is automatically detected and reported to the CIT ISSO and the user’s supervisor or contracting officer.
Q: What do I do if my VPN account is blocked?
A: Contact the NIH Service Desk at (301) 496-4357.

Q: What should I do if I have a security incident to report?
A: Please contact the CIT ISSO by telephone at (301) 402-4449 or Alternate ISSO at (301) 496-4922; or email citisso@mail.nih.gov during normal business hours. Outside of standard business hours, please contact the NIH Incident Response Team (IRT) at (301) 881-9726.

 

Up to Top

This page last reviewed: March 09, 2011