Harvard-MIT Data Center

Except where otherwise stated, HMDC-provided storage services are backed up by default. The schedule and retention policy varies depending on the aplication.

Generally, back ups are retained for 3 months.  The highest chance of success for recovering a file occurs if it exists on disk for 24 hours and HMDC is notified as soon as possible when corruption or deletion occurs.

Regardless of how old or new lost data is, always contact us and we will do our best to recover what we can.

For additional information regarding custom back up solutions or for assistance determining the backup schedule for different storage, please contact us.

The following discloses our information gathering and dissemination practices for this web site (support.hmdc.harvard.edu).

Information Gathering

Our web server software generates logfiles of the IP addresses of computers that access this web site and of what files they access. These web server logs are retained on a temporary basis and then deleted completely from our systems.

Use of Information

We use your IP address and files you access to help diagnose problems with our server and to administer our Web site by identifying (1) which parts of our site are most heavily used, and (2) which portion of our audience comes from within the Harvard network. We also use this information to tailor site content to user needs, and to generate aggregate statistical reports. At no time do we disclose site usage by individual IP addresses.

We do not link IP addresses to anything personally identifiable. This means that user sessions may be analyzed, but the users will remain anonymous.  We also do not use cookies.

Security

This site has security measures in place to protect the loss, misuse and alteration of the information under our control.

Contacting the Homepage

If you have any questions about this privacy statement, the practices of this site, or your dealings with this site, you can contact us by using our form: http://support.hmdc.harvard.edu/contact.

This web site may contain links to other web sites. We are not responsible for the privacy practices or the content of such web sites.

Changes to this Policy

An announcement of any changes to this policy will be posted prominently on the first page of our web site for three months before any changes go into effect.

Effective Date

The effective date of this policy was November 1, 2009.

Information stored on a computer system or sent electronically over a network is the property of the individual who created it. Systems administrators, however, may gain access to users' data or programs when it is necessary to maintain or prevent damage to systems or to ensure compliance with other University rules.

We train our systems administrators with care. We limit all system administration privileges, including the ability to access files, to those administrators who are required to perform maintenance and recovery of the systems for which they are responsible.

We abide by the Faculty of Arts and Sciences (FAS) policies on computer rules and responsibilities, and our users should read and follow these as well. These rules specify that individuals who are provided access to University computer facilities and to the campus-wide communication network assume responsibility for their appropriate use. The University expects individuals to be careful, honest, responsible, and civil in the use of computers and networks.

As system administrators, we also follow the SAGE (System Administrators Guild) expanded code of ethics. This requires system administrators to strive to:

1. Treat everyone fairly.
2. Maintain user privacy and confidentiality.
3. Keep users informed about computing matters that may affect them.
4. Ensure the integrity of the systems.
5. Cooperate with computing professionals.
6. Be honest about their competence.
7. Continue to educate themselves.
8. Enlarge their understanding of social and legal issues that arise in computing environments.
9. Maintain safe, healthy and productive workplace for all users.
10. Maintain a consistently high ethical standard and degree of professionalism in the performance of all duties.

We ask you to read and follow the the FAS policies on computer rules and responsibilities.

In addition:

1. On shared systems, additional information on the use of the system may be intercepted, recorded, audited, inspected, and disclosed to authorized site and law enforcement personnel.
2. If you obtain data from us, you may not redistribute it without written permission. If your affiliation lapses, you must destroy or return any data you obtained from us. You must also abide by any additional restrictions imposed by the data provider, as described by any licenses accompanying the data.
3. If you obtain a login account from or through us, you may not share it with others.
4. Users of public computer labs are expected to:
   • Keep their area tidy in general, and to remove belongings when not logged in to the system.
   • Log out when leaving the lab area for more than a few minutes, but not to reboot or shut down the systems when doing so.
   • Refrain from food, beverages, and smoking.
   • Leave the lab area locked if it was locked when you entered.
   • Be quiet and considerate of others.
   • Refrain from removing documentation or manuals from the lab.
   • Yield to those doing higher priority work (required coursework is higher priority than general work which is higher priority than games and recreation).

Waiver: You recognize that systems and networks are imperfect, and waive any responsibility for lost work or time that might arise from their use. Our staff cannot compensate you for degradation or loss of personal data, software, or hardware as a result of your use of University-owned systems, software, or networks, or as a result of assistance you might seek from our staff.

By using HMDC facilities and services you consent to these policies.

It is the responsibility of IQSS staff and affiliates to be aware of University rules governing the collection, storage, transport, use, and disposal of confidential information, and to follow these rules. Below is a brief summary of these policies, with links to the full details.

Types of Confidential Information

There are two types of confidential information currently recognized at the University:

• High Risk Confidential Information (HRCI)
  This is data containing a person’s name and state, federal, or financial identifiers.
  Or, research data containing private sensitive information about identifiable individuals.
• Harvard Confidential Information (HCI)
  Business information specifically designated by the School as confidential.
  Or, identifiable business information that puts individuals at risk if disclosed.
  Or, research data containing private information about identifiable individuals.
  Or, student records (such as collections of grades, correspondence).

Harvard and IQSS staff and affiliates are responsible for information that they store, access, or share. These responsibilities include:

• Encrypting all laptops, portable storage, and network connections used with confidential information.
• Protecting systems you use to access confidential information through the use of firewalls, virus scanners, and regular software updates.
• Using individual accounts, not sharing account information, and choosing strong passwords.
• Protecting Harvard information and systems, and complying with specific the policies and procedures for use of those systems.
• Attaching only approved devices to the Harvard network.
• Disposing safely of confidential information through the use of approved, secure file-deletion and disk-cleaning tools
• Not sharing confidential information with people who are not approved to access it.

Approvals

All access to confidential information requires approval and a business or research need. In addition:

• Access to HRCI business information or HCI business information specifically designated by the School as confidential requires individual approval by the Director of Security for that school.
• Access to HRCI research information requires individual approval by the Principal Investigator of the research project managing such information. In addition, it is the responsibility of the Principal Investigator to delegate access in a manner consistent with an IRB-approved research plan.

More Information

For more information see the following resources:

• Harvard Information Security and Privacy web site:
  www.security.harvard.edu
• Harvard Enterprise Security Policy:
  www.security.harvard.edu/enterprise-security-policy
• Harvard policies on human subjects research:
  www.fas.harvard.edu/~research/hum_sub/
• Harvard personnel manual section on information privacy and confidentiality:
  harvie.harvard.edu/docroot/standalone/Policies_Contracts/Staff_Personnel_Manual/Section2/Privacy.shtml
• FAS information security policies and procedures:
  www.fas-it.fas.harvard.edu/services/catalog/browse/39

HMDC/IQSS IT support treats user data as private, but recognizes the need to access data or programs when necessary to maintain systems, consistent with the FAS Computer Rules and Responsibilities, section I, Privacy of Information[1]:

"Information stored on a computer system or sent electronically over a network is the property of the individual who created it. Examination, collection, or dissemination of that information without authorization from the owner is a violation of the owner's rights to control his or her own property. Systems administrators, however, may gain access to users data or programs when it is necessary to maintain or prevent damage to systems or to ensure compliance with other University rules. "

Further, consistent with section II, HMDC/IQSS IT system activity is logged automatically:

"Users understand that timesharing and network-based system activity is automatically logged on a continuous basis. These logs do not include private user text, mail contents, or personal data, but do include a record of user processes that may be examined by authorized system administrators."

and

"The staff of FAS IT consider user accounts to be the private property of individuals who have opened them, and as a result will never ask users to reveal their passwords. However, users who request assistance from FAS IT give the staff implicit permission to view specific data in their accounts that is necessary to investigate, diagnose, or correct the problem."

Similarly, IQSS/HMDC users give HMDC/IQSS IT staff implicit permission to view specific data in their accounts that is necessary to investigate, diagnose or correct a current problem.

HMDC/IQSS IT staff will use minimally invasive means necessary to diagnose and correct reported problems. For example:

• HMDC/IQSS IT staff will never ask users for their passwords.
• HMDC/IQSS IT staff will not use user credentials to access non HMDC/IQSS accounts or files, unless specifically requested by the user in writing.
• HMDC/IQSS IT staff will use pattern matching tools (for example, grep) rather than viewing the content of files that potentially are personal or confidential, wherever feasible; and only when necessary to diagnose or correct reported problems.
• HMDC/IQSS IT staff will never view the content of files identified as HRCI unless authorized explicitly in writing by the FAS Director of Security, and/or IRB-authorized faculty.

[1] Available at http://www.fas-it.fas.harvard.edu/services/facultyStaff/policies/rules_and_responsibilities#privacy.

By use of HMDC electronic mail services (accounts, webmail, mailing lists, and more), you agree to abide by the responsibilities and rules of HMDC, FAS and Harvard University, as well as the rules and regulations of your particular internet service provider (ISP), if not connecting from Harvard. If you have any questions about these policies, please contact us or your ISP for clarification.

General Guidelines

HMDC provides electronic mail services to certain members and affiliates of the Harvard community. All such users have the responsibility to use our services in an efficient, ethical, and legal manner in accordance with our policies. HMDC has the right to terminate access to electronic mail services if a user is determined to have violated said policies. Access to such services is limited to authorized users and cannot be shared to other users without expressed consent from HMDC and your departmental administration unit. Users should not use any accounts assigned to other individuals.

While HMDC electronic mail services operate and are monitored 24 hours per day/7 days per week, we cannot guarantee the availability of services at all times. HMDC will make a best attempt to work expediently when solving service delays or outages. The security of passwords and backup of data are the responsibilities of individual users, not HMDC. Users recognize that electronic mail services are imperfect and waive any responsibility for lost work or time that may arise from their use. The staff at HMDC cannot compensate users for degradation or loss of personal data as a result of use of our electronic mail services, or as a result of assistance they may seek from HMDC IT staff.

HMDC neither sanctions nor censors individual expression of opinion on our electronic mail services. The same standards of behavior, however, are expected in the use of electronic mail as in the use of telephones and written and oral communication. Electronic mail messages must not misrepresent the identity of the sender and should not be sent as chain letters or broadcast indiscriminately to large numbers of individuals. This prohibition includes unauthorized mass electronic mailings. Electronic mail on a given topic that is sent to large numbers of recipients should be directed only to those who have indicated a willingness to receive such mail.

Under federal copyright law, no copyrighted work may be copied, published, disseminated, displayed, performed, or played without permission of the copyright holder. HMDC may terminate the electronic mail services of users who are found to have repeatedly infringed the copyrights of others. Users understand that electronic mail activity is automatically logged on a continuous basis. These logs include a record of user addresses and processes that may be examined by HMDC.

HMDC considers email messages and other electronic documents stored on Harvard-owned computers to be confidential, and will not access them, except in the following circumstances:

1. IT staff may need access to electronic records in order to ensure proper functioning of our computer infrastructure. In performing these services, IT staff members are required to handle private information in a professional and appropriate manner, in accordance with the Harvard Personnel Manual for Administrative and Professional Staff. The failure to do so constitutes grounds for disciplinary action.

2. In extraordinary circumstances such as legal proceedings and internal Harvard investigations, electronic records may be accessed and copied by the administration. Such review requires the approval of the Dean (of School) and the Office of the General Counsel.

Accounts

Requested accounts will be created within a reasonable timeframe after receipt of all requested information. All accounts will be created with the login id of firstinitial+lastname (unless the combination is already in use, in which case, more letters of your first name or your middle initial if provided will be used). Requests to use an abbreviated version of your last name must be made at the time of account creation. All electronic mail accounts will be login id@latte.harvard.edu, unless the department has requested a separate domain for its users (such as loginid@wcfia.harvard.edu). Departmental administrators and faculty may request special account names for specific job positions (such as faculty assistant, front receptionist, or others) if it is anticipated that the position will be filled by temporary employees or will have high turnover.

A default password is created and sent when account creation occurs. Users are expected to change the account password for security reasons. HMDC recommends that all passwords are at least 8 characters in length; have at least one lower-case letter, one upper-case letter, one number and one special symbol character; and are not easily recognizable. Users may change their password under the Account Manager icon in Webmail (https://webmail.hmdc.harvard.edu). HMDC cannot recover forgotten account passwords, but can reset account passwords upon request and verification of identity.

The storage quota for each electronic mail account defaults to enough space for approximately 80,000 plain text messages. Users who need additional storage may request additional space, subject to HMDC approval. Users are responsible for watching the quota used for their accounts. Once an account is at the quota limit, all incoming mail will bounce back to the sender with the error 'Mailbox Full'. HMDC cannot recover messages that are bounced in this manner.

Access and Features

HMDC electronic mail service allows POP, IMAP and web-based connectivity via HMDC Webmail (https://webmail.hmdc.harvard.edu) to mail accounts. The HMDC mail server will support secure (SSL) connections if desired. HMDC does not provide desktop mail client support for departments; unless the department has a desktop support agreement and only for supported electronic mail applications (see Desktop Support Policies for further details).

All incoming messages are scanned for potential viruses. Any incoming message that is found to contain a virus is bounced back to the sender with a virus warning. Intended recipients will not receive any notification of this event. HMDC cannot prevent all computer viruses sent via electronic mail. Users should practice proper virus prevention procedures, such as deleting unsolicited mail, leave attachments from unknown users unopened, and installing a desktop virus prevention software package. HMDC is not responsible for damages caused by electronic mail viruses.

All incoming messages are scanned for SPAM (unsolicited, junk electronic messages). Each message is compared to a database of known SPAM attributes and assigned point values for each contained attribute. Once a message reaches a certain point threshold, the text SPAM is added to the beginning of the subject line and delivered to the recipient. HMDC cannot guarantee all incoming messages will be properly identified as SPAM or non-SPAM.

HMDC provides vacation messaging and account forwarding for all electronic mail accounts. Users are responsible for activation/deactivation of vacation messaging and/or account forwarding for their account. HMDC is not responsible for lost messages due to improper settings. A personal account will be deleted when a person is no longer covered under a HMDC electronic mail service agreement. Account extensions requests are approved only by the departmental administrator with HMDC and must be arranged before the account has been terminated. Once an account has been deleted, all mail forwarding will cease and messages sent to that account will bounce back to sender.

Mailing Lists

All staff and faculty from departments with an electronic mail services agreement with HMDC may apply for a mailing list. All requested information must be complete before a new mailing list will be created. For mailing lists intended for departments (or sub-departments), approval from the departmental administrator is required.

All mailing lists must have at least one designated person to administer the list. The list administrator is responsible for adding and removing addresses from the list, as well as any other list duties including moderation of messages. The list administrator is responsible for setting all list parameters, including archival settings. HMDC does not provide any list maintenance services for users.

All mailing lists are subject to the same rules and regulations of any electronic messages sent from the HMDC mail servers. HMDC reserves the right to remove any list recipient or mailing list.

All users of our accounts and public machines agree to abide by all rules and regulations enumerated by our personnel, which can be communicated to you via written, email, publically posted, or verbal communcations. These rules specify that individuals who are provided access to University computer facilities and to the campus-wide communication network assume responsibility for their appropriate use. The University expects individuals to be careful, honest, responsible, and civil in the use of computers and networks.

In addition:

• On shared systems, additional information on the use of the system may be intercepted, recorded, audited, inspected, and disclosed to authorized site and law enforcement personnel.
• If you obtain data from us, you may not redistribute it without written permission. If your affiliation lapses, you must destroy or return any data you obtained from us. You must also abide by any additional restrictions imposed by the data provider, as described by any licenses accompanying the data.
• If you obtain a login account from or through us, you may not share it with others.

Users of public computer labs are expected to:

• Keep their area tidy in general, and to remove belongings when not logged in to the system
• Refrain from food and beverages
• Be quiet and considerate of others
• Refrain from removing documentation or manuals from the lab

Waiver

Users recognize that systems and networks are imperfect and waive any responsibility for lost work or time that may arise from their use. Our staff cannot compensate users for degradation or loss of personal data, software, or hardware as a result of their use of University-owned systems, software, or networks, or as a result of assistance they may seek from our staff.

By using our facilities and services the user consents to the above policies, as well as FAS and UIS policies.

Faculty of Arts and Sciences (FAS) IT Rules and Regulations

For faculty and staff:
    http://www.fas-it.fas.harvard.edu/services/facultyStaff/policies/rules_a...

For students:
    http://www.fas-it.fas.harvard.edu/services/student/policies/rules_and_re...

University Information Systems (UIS) IT Rules and Regulations

For all Harvard persons:
    http://www.universitycio.harvard.edu/information_technology_policies/

We provide and service three types of accounts, available to all IQSS affiliates:

• CGIS accounts - Provides access to network drives and networked printing resources
• Email accounts - Includes personal or group email accounts, as well as mailing lists
• Research Computing Environment (RCE) accounts - Provides access to the following resources:
  • RCE desktop
  • Other HMDC-managed login and computer servers
  • Concurrent Versioning System (CVS) repositories
  • Hosted website access through Secure File Transfer Protocol (SFTP) or Server Message Block (SMB) protocol

We are happy to provide accounts to qualified requesters; however, for purposes of accounting and administration, these accounts must conform to the policies described on this site. These policies are enforced programmatically during the account creation process and cannot be overridden by administrators.

Definition of Affiliates

Affiliates are defined as members of the following groups:

• Institute for Quantitative Social Science (IQSS)
• Center for Government and International Studies (CGIS)
• Faculty members of FAS social science departments and research centers
• Faculty members from Harvard's other schools in social science research
• Sponsored, approved MIT faculty and their graduate students
• Sponsored visitors

If you are a member of an affiliated group but are pursuing research in a field outside of the social sciences, and are interested in using our services, please contact us. We can work with you to determine whether we can meet your research needs.

All members of the Harvard University and approved members from MIT with valid ID cards are eligible to register for a CGIS account. Student, staff, and faculty ID cards with a future expiration date are considered valid. Other Harvard or MIT ID cards that are issued for specific activities, such as a Special Borrowers Card from the Harvard libraries, are not valid IDs. Valid ID cards must be presented at the time of account creation so that the new user's identity can be confirmed.

We reserve the right to deny accounts to any individual. All staff and faculty from departments with a support agreement with us may apply for an account. All requested information must be complete and the user must agree to abide by HMDC Policies before a new account is created.

Sponsored Accounts

Temporary logins are not available in our computer labs. People without valid Harvard or MIT IDs can be sponsored by a senior staff or faculty member.  Sponsors must be either senior administrative staff or faculty for a department, center, or school. Sponsors must be present at the time of account creation.

For additional information on sponsored accounts, please contact us.

New Account Form

If you are a new affiliate, see your Program Coordinator or IT contact to obtain your CGIS account.

If you are a Program Coordinator or an IT contact, please contact us for account creation.

To apply for a CGIS account, please print and complete the attached form and submit it to the Lab Help Desk located in room K026 of the CGIS Knafel building.

Our electronic mail accounts are available for affiliated departmental personnel. Account creation is subject to the approval of the appropriate program coordinator.

We reserve the right to deny email accounts to any individual. All staff and faculty from departments that have an email services agreement with HMDC may apply for an account. All requested information must be complete and the user must agree to abide by HMDC Policies before a new account is created.

Department administrators and faculty may sponsor accounts for nonstaff affiliates, subject to HMDC and departmental administrative review. In general, students with Harvard school mail accounts (FAS, KSG, HLS, and others) should utilize those email services.

New Account Requests

If you are a new affiliate, see your Program Coordinator or IT contact to obtain your email account.

If you are a Program Coordinator or an IT contact, please contact us for account creation.

When you request an RCE account, usernames will conform to the following specifications:

• Composed of the first initial followed by the first seven characters of the last name
• No more than eight characters in length
• No nonalphabetic characters
• No spaces
• All lowercase

RCE account passwords must conform to the following restrictions:

• At least eight characters in length
• Not based on any common dictionary word
• No spaces
• Contains at least two numbers
• Contains at least two special (nonalphanumeric) characters

The Harvard PIN Service has helpful guidelines for picking a strong password.

New Account Requests

Please contact us for more information.

If you received a message informing you that your account is up for renewal or that you must change your password, please read the following paragraphs. Our policies differ depending on the account in question. In all circumstances, we attempt to provide ample forewarning of any change in account status.

CGIS Accounts

Accounts are good until the start of the following semester. We send out an account renewal notice near the beginning of each new semester explaining that your CGIS account is up for renewal, and include instructions on how to extend your access. Accounts that are not renewed are archived and deleted. We are not responsible for any data lost for archived accounts.

CGIS accounts are available for as long as a user maintains an affiliation with the sponsoring group. Only in special circumstances do we extend access for your account; otherwise at the time when the affiliation ends, the account will be disabled.

To change your CGIS account password, please refer to Changing Your CGIS Account Password.

Email Accounts

Hosted email accounts are valid for as long as the user maintains an affiliation with the sponsoring group. At the time when the affiliation ends, we disable the email account. In this event, it is your responsibility to notify correspondents of the change in address. One way to do this is to set up a vacation message that specifies a forwarding address. See Managing Vacation Messages for more information.

To change your email password, please refer to Changing Email Password.

RCE Accounts

All RCE accounts have a renewal date; this is required by administrative and security best practices. Renewal dates are selected based on the estimated end times of users' projects. These can be adjusted as schedules change, though as a general rule accounts are up for renewal at least once every year. When you see an account renewal message, please respond to it. HMDC staff need to know whether you will require continued use of your account after the expiration date, and if so, for roughly how long.

Passwords to RCE accounts also have expiration dates, which are separate from the account renewal dates. Passwords expire every six months and must be changed to ensure uninterrupted access. When you see a password expiration message, please use the included link to change your password, or refer to Setting Your Password.

If you are unable to do so, please contact us and ask that your password be reset.

Attached is a PDF describing the service agreement for all HMDC Desktop Support services. Please print and read this document before you initiate use of these services.

Attached is a PDF describing the service agreement for all CGIS computer lab account services. Please print and read this document before you initiate use of these services.

Attached is a PDF describing the service agreement for all HMDC Server Hosting services. Please print, read, and sign this document before you initiate use of these services.

Attached is a PDF describing the service agreement for all HMDC RCE services. Please print and read this document before you initiate use of these services.