Information Security Group

Incident Management System

A security or privacy event is called a security incident if there is a compromise of, or loss of or damage to, information security assets or information such that it adversely affects, or could adversely affect, system and data confidentiality and integrity. The incident management system (IMS) is a framework designed to efficiently respond to and resolve unexpected events, disruptions, or emergencies in order to minimize the impact of incidents on business operations and services. The process typically includes incident identification, reporting, assessment, response coordination, resolution, and post-incident analysis.

Most customer contracts require incidents to be reported to the customer within 24 hours, so that the customer can comply with security laws and privacy regulations. Incidents should therefore be reported promptly to ISG through the Incident Management portal. ISG will then own the management and resolution of the incident. Associates can report a security incident here.

When to raise Security queries?
  • Data Loss: Accidental or intentional loss of TechM or client sensitive/confidential data.
  • Asset Lost: The loss of assets like a laptop or any other device used for business operations.
  • Service Outages: When there is a sudden loss or degradation of a service or system’s functionality.
  • Security Breaches: Any unauthorized access, data breaches, or security incidents should be reported promptly.
  • Hardware/Software Failures: Malfunctions in hardware or software components that impede normal operations.
  • User Complaints: If users report issues that could indicate a broader problem affecting multiple users or systems.
  • Network Issues: Connectivity problems, network outages, or disruptions that impact communication.
  • Unusual Activity: Detection of abnormal or suspicious activity that may indicate a potential security threat.
  • Policy Violations: Instances where actions deviate from established policies or procedures.
  • Environmental Events: Natural disasters, power outages, or other environmental factors affecting operations.
  • Violation of Privileged Rights: Unauthorised access
  • Password sharing
  • MSA Clauses
Examples of Information Security Incidents
  • Sending or uploading confidential information to an external non-business domain, or sharing it with unauthorized persons
  • Uploading information or code on code repository or similar sites without approval and protective measures
  • Unauthorized download or installation of software
  • Downloading or installing cracked versions of software or using unauthorized software such as BitTorrent
  • Bringing unauthorized personal devices within TechM premises or restricted areas
  • Sharing of passwords
  • Visiting non-business or unauthorized websites
  • Downloading or storing songs, videos or other personal photographs or material
  • Misuse of client proxy for personal browsing
  • Hosting servers, applications on the internet or cloud without security testing and ISG approval
  • Sending employee personal information to unauthorized persons
  • Keeping personal information of employees at an insecure location without encryption or proper access control
  • Exposure or leakage of customer information related to client project due to application error
Procedure of Incident Management
The CISO or Incident Management Function Owner at the organizational level appoints an Incident Management Lead/Manager. Incidents are documented in the online Incident Management System Portal. The Incident Manager takes charge of managing incidents, notifying stakeholders, organizing calls, identifying root causes, implementing immediate, corrective, and preventive actions, and documenting the incident until closure.