Harvard University is committed to providing a safe and reliable computing environment for students, faculty and staff. The purpose of this page is to describe some of the methods and protocols used by Harvard Information Security to deliver on that commitment.
Information Security Protocols
Last Updated: 3/2/2016
Information Security staff at Harvard adhere to the Policy on Access to Electronic Information. These protocols explain how we apply the policy to our operations and guide information security staff when they must take immediate steps to protect the overall safety of the network and systems. They build upon the concepts in the Harvard IT Professional Code of Conduct to Protect Electronic Information.
- We block access to internet servers and sites only when they are being used to attack University resources
- We lock non-privileged end user accounts without prior notice only when there is clear evidence that an unauthorized party is using them
- We remove systems from the network without prior notice only when we have clear evidence that they are compromised and they house or could provide access to Harvard confidential information or they are being used to attack other systems
- We block the delivery of emails only when we have a high degree of confidence that the email contains malicious software, directs users to install malicious software or is being used to harvest passwords or other confidential information
- We remove emails from Harvard email servers only when they meet the criteria above and represent a critical risk to the University
- We view aggregate log data only in fulfilling our responsibility to protect data and systems
- We view log data about individuals (whenever possible, separate from an actual person’s name) only in fulfilling our responsibility to protect data and systems, when authorized by University personnel as defined under the Policy on Access to Electronic Information or, as included in that policy, when the health, life or safety of a person or people may be at stake
- We notify users as soon as possible when we take an action that impacts their specific account or system
If you have questions about security practices that are not addressed on this page, we encourage you to contact us.
|Crowdstrike FAQ||41 KB|