Institute for Quantitative Social Science (IQSS)
Harvard‐MIT Data Center (HMDC)
14 November 2018
Users are responsible for ensuring that they comply with all policies as defined in this section, and with those policies established by FAS and the University.
Usage policies govern who may use the system, what information may be stored, and what uses of the system are permitted. All users must comply with appropriate IQSS/HMDC usage policies as defined at http://projects.iq.harvard.edu/user-services/hmdc-usage-policies, including (1) storage of confidential information and classified information; (2) privacy; (3) proper use of Harvard resources; and (4) dissemination of copyrighted information.
Information related to Sid resource usage will be collected solely for the purpose of security and compliance and retained for less than twelve months. Access to these logs is restricted to only authorized IQSS/HMDC IT Operations staff. No personal data or any confidential information related to the individual will be collected except as needed to maintain account contact information.
Security policies enforce Harvard University, state and federal guidelines to be followed to ensure the availability of IQSS/HMDC resources while protecting the privacy and integrity of confidential and classified information.
All users including members, non-members and vendors of the Harvard community must comply with Harvard computing policies including the Harvard Enterprise Information Security Policy (HEISP) defined at http://www.security.harvard.edu/enterprise-security-policy regarding access, storage and transmission of High Risk Confidential Information (HRCI) and Harvard Confidential Information (HCI).
HRCI must not be stored or processed on IQSS/HMDC systems without prior written approval from IQSS/HMDC, HUIT Security, and/or the Institutional Review Board (IRB) of the school with which the user is affiliated. Harvard Confidential Information (HCI) must only be stored on storage authorized to host Level 3 data. HCI may be processed on Sid. HCI may not be stored on local disks on HCI-managed servers or processed by other IQSS/HMDC services without prior written approval.
Storage and transmission of HRCI or HCI must always be protected by encryption. HRCI or HCI must be transferred only using secure file transfer mechanisms. Use of common systems including normal email for transfer of confidential information must strictly be avoided.
Any possible breach of HRCI or HCI must be promptly reported to IQSS/HMDC whereupon it would be escalated to the OGC, the University CISO, the University CIO and the IRB.
For any questions and assistance regarding the use of Sid facilities, IQSS/HMDC resources and their proper usage per the usage and security policies, please contact us at email@example.com.
Clients are responsible for abiding by licenses for any and all commercial software applications used on a system supported by IQSS/HMDC.
Maintenance of non-supported operating systems and applications, including all vendor-supplied security and bug fix patches are the responsibility of the user.