RFC 2350 (BCP 21)
Description of University of Oxford Computer Emergency Response Team (OxCERT)
This is the RFC 2350 for the University of OxCERT Computer Emergency Response Team (OxCERT).
<section intentionally blank>
3: Information, Policies and Procedures
3.1: Obtaining the Document
Date of last update:
Locations where this Document May Be Found:
3.2: Contact Information
University of Oxford Computer Emergency Response Team
University of Oxford Information Security
16 Wellington Square
OX1 2HY Oxford
GMT/UTC (GMT/UTC+0100 in Summer Time)
+44 1865 282222 (OxCERT) (Primary Contact)
+44 1865 612345 (IT Services Service Desk) (Secondary Contact)
Electronic Mail Address:
oxcert [AT] infosec . ox . ac . uk
Public keys and encryption:
For confidential email correspondence please use GnuPG encrypting to
OxCERT's current public key
Fingerprint: A8E1 FD4B 9770 C77A 75F0 5273 CE28 F2F2 5F88 68AF
Emails are monitored on working days in England (UK), 9.00 to 17.00
3.3.1: Mission Statement
The main areas of responsibility of OxCERT are:
* Detection, response, and prevention of information security incidents
that are within the University of Oxford.
* Serving as a single point of contact for third party incident
response teams (CERTs/CSIRTs).
* Co-ordinating the response in case of incident escalation.
IT infrastructure and services located on the University of Oxford's
3.3.3: Sponsoring Organization / Affiliation
OxCERT is the central computer security function for the University of
OxCERT has the authority to act on all incidents that cause, or could
cause, detriment to the confidentiality, integrity and availability of
University of Oxford ICT and information assets.
OxCERT works closely with UK and EU institutions & law enforcement
agencies. All relevant UK Data Protection Laws apply. In the case of
criminal action, these will be reported to the appropriate authorities.
Alerts & warnings
Information security education, training, and awareness building
Security consulting to members of the University
3.6: Incident Reporting Forms
Incident reporting forms are not used.
This document is provided on an "as is" basis and does not imply any
kind of guarantee of service provided by the University of Oxford.
While every precaution will be taken in preparation & dissemination of
information and security alerts, OxCERT assumes no responsibility to
external (Non-University of Oxford organisations and users) for errors,
omissions, or for damages resulting from the use of the information
provided within this document or our security communications.