3.3 Sponsorship and/or Affiliation
Basefarm SIRT is an initiative of the Basefarm Group. Funding is provided by the Basefarm Group.
Basefarm SIRT’s main purpose in incident handling is to take part handling incident response and being proactive in security work at Basefarm Group.
4.1 Types of Incidents and Level of Support
Basefarm SIRT is authorized to address all types of computer security incidents which occur, or threaten to occur, in our Constituency (see 3.2) and which require cross-organizational coordination.
The level of support given by Basefarm SIRT will vary depending on the type and severity of the incident or issue, the type of constituent, the size of the user community affected, and Basefarm SIRT’s resources at the time. Special attention will be give to issues affecting critical infrastructure.
Note that no direct support will be given to end users; they are expected to contact Basefarm Support. Basefarm SIRT will support the latter people.
Basefarm SIRT is committed to keeping its constituency informed of potential vulnerabilities, and where possible, will inform this community of such vulnerabilities before they are actively exploited.
4.2 Co-operation, Interaction and Disclosure of Information
Basefarm SIRT will cooperate with other Organizations in the Field of Computer Security. This Cooperation also includes and often requires the exchange of vital information regarding security incidents and vulnerabilities. Nevertheless Basefarm SIRT will protect the privacy of their customers, and therefore (under normal circumstances) pass on information in an anonymous manner unless other contractual agreements apply.
Basefarm SIRT operates under the restrictions imposed by Swedish, Norwegian or Dutch law depending on where the incident occurs. This involves careful handling of personal data as required by the respective country’s Data Protection law, but it is also possible that – according to the law – Basefarm SIRT may be forced to disclose information due to a Court’s order.
4.3 Communication and Authentication
For normal communication not containing sensitive information, Basefarm SIRT will use conventional methods like unencrypted e-mail or fax.
For secure communication, PGP-Encrypted e-mail or telephone will be used. If it is necessary to authenticate a person before communicating, this can be done either through existing webs of trust (e.g. FIRST) or by other methods like call-back, mail-back, or even face-to-face meeting if necessary.
5.1 Incident Response
Basefarm SIRT will assist the Basefarm Group in handling the technical and organizational aspects of incidents. In particular, it will provide assistance or advice with respect to the following aspects of incident management:
5.1.1. Incident Triage
Determining whether an incident is authentic.
Assessing and prioritizing the incident.
5.1.2. Incident Coordination
Determine the involved customers.
Contact the involved customers to investigate the incident and take the appropriate steps. Facilitate contact to other parties which can help resolve the incident.
Send reports to customer teams.
5.1.3. Incident Resolution
Advise customer teams on appropriate actions.
Follow up on the progress of the concerned customer teams.
Ask for reports.
Basefarm SIRT will also collect statistics about incidents within its constituency.
5.2 Proactive Activities
Basefarm SIRT tries to raise security awareness in its constituency.
Publish announcements concerning serious security threats.
Observe current trends in technology and distribute relevant knowledge to the constituency.
Provide for a for community building and information exchange within the constituency.
Data mining early warning systems
Researching new zero-day vulnerabilities and attacks, discovery and disclosure of newly identified vulnerabilities to software and hardware vendors Perform other security-related work.
6. Incident Reporting Forms
If possible, please make use of the Incident Reporting Form.
While every precaution will be taken in the preparation of information, notifications, and alerts, Basefarm SIRT assumes no responsibility for errors or omissions, or for damages resulting from the use of the information contained within.