The security functions of commonly used desktops, servers, and communications technologies are often vulnerable, allowing unauthorized access to or viewing of system resources. A security violation on one machine may threaten security of other systems on the network, allowing unauthorized users to disrupt or damage interconnected systems. Because of this, each individual and unit has certain responsibilities to ensure that their systems are reasonably secure. This section describes security-related roles and responsibilities. It also describes circumstances under which iSTORM user data can be collected and examined by an individual managing a LAN, server, or system.

1. Responsibilities of Network Administrators: It is the responsibility of every network administrator to have expertise sufficient to maintain appropriate levels of security and system integrity on local LANs. IT will document best practices and procedures for maintaining network security and integrity, in consultation with the campus community and peers nationally. IT provides training, consulting, and general support to network administrators.

2. Ensuring Integrity of iSTORM: In the event that IT judges a LAN to present an immediate risk to the integrity of iSTORM equipment, software, or data, or presents a risk to the external network (resulting in potential liability for the college), IT may terminate or restrict the LAN's network connection without notice. If there is no immediate risk, IT will bring the matter to the attention of the LAN's network administrator. If IT is unable to resolve the problem at this level, it will contact the unit executive officer or the next level administrator. In addition, if an individual system administrator of a multi-user system determines that an account presents an immediate security risk, he or she may inactivate the computer account without prior notice. The administrator must contact IT in a timely manner to report and discuss the situation. In the course of ensuring the integrity of iSTORM and local LANs, IT and system administrators, respectively, may use tools, monitoring hardware and software, and log information as indicated here:

   1. Security Tools: IT may use tools designed to locate security flaws in equipment connected to the campus network and will take appropriate steps to protect the privacy of data (as provided by this policy) in the process. When IT documents risks to security or network integrity, units are responsible for immediate responses to mitigate or remove the risk. Whether so notified or not, units are responsible for appropriate security with respect to equipment within their LAN.

   2. Network Monitoring Tools: In order to solve network problems, system administrators may employ software or hardware devices from time to time that capture contents of packets traversing the network, including email, Web, and other services. These monitoring tools will be used to monitor and improve the performance or integrity of the network. They will not be used to monitor or track any individual's network activity except under the special authorizations provided for under Section 5.

   3. System Log Files: i) Managers of systems and network services may log connections to their machines and services made via remote access or iSTORM. The information recorded may include the source and destination for a connection, and session start and end times.

      Operators of multi-user systems may keep logs of activities on their systems. The logs may include login name, timestamps and commands issued. Network administrators may not monitor individual users' data or files except under special authorizations provided for under Section 5.

[Back to Top]