Is your workstation or laptop running slow? Does it take forever for an application to start? Do you return to your desk following short breaks and often find that your computer has restarted and is displaying some sort of cryptic message about a problem? These are all signs that your machine may be compromised or infected.

Security incidents come in all varieties. We are constantly under attack through web applications, emails, and infected media (even new thumb drives, fresh out of the package). It’s important that you report any of the symptoms (like those listed above) to your departmental IT staff or the OIT HelpDesk, and it’s especially vital if you routinely work with or have access to sensitive information like social security numbers, credit cards, or student information. Federal law may require that the compromised information be reported.

What if you don’t work with sensitive information or have access to the type of information listed above? You should still inform your departmental IT person about any peculiar behavior or call the OIT HelpDesk for guidance. Remember that we are all at risk when a device or NetID is compromised.

If it lookslike a duck, walks like a duck, and sounds like a duck, it just might be a compromised machine.

What if you suspect a problem with your machine?

• DO let someone know!
• DON’T turn off your computer (if you can avoid it).
• Departmental IT: DON’T just “slick” the drive and rebuild the machine.
  Crucial information about the compromise could be lost.
• DON’T rebuild a machine until you’re instructed to do so.
• DO keep your devices patched to the latest versions and keep your anti-virus updated.
  UT Policy IT0110 requires that ALL UT-Owned devices MUST be running the latest, supported operating system and patches. Exceptions must be approved by the Chief Information Officer.