Overall Considerations for Employee Remote Access to Harvard Services

Protecting confidential information:
All employees who have access to Harvard confidential information whether at Harvard or remotely must understand their responsibility to only access information that they need to do their job, and to properly protect the confidentiality of the information they do access. Such employees must also annually sign a confidentiality agreement acknowledging these responsibilities. https://www.uis.harvard.edu/staff/policies/hrpolicies.php (PIN enabled). Harvard confidential information must not be stored on any computer not owned and managed by Harvard. It is the user's responsibility to ensure that no files containing Harvard confidential information (including temporary files produced by applications such as Word) remain on a non-Harvard computer after any use of such a computer with Harvard confidential information.

Anti-Virus Protection software and personal firewalls.
All computers used to access Harvard confidential data must run up to date anti-virus software and the virus definition files must be updated regularly. The personal firewall on the computer must also be enabled and be configured to block unneeded applications. Norton Internet Security 2005 is recommended for Windows computers. http://www.symantec.com/sabu/nis/nis_pe/. Norton Internet Security 3.0 for Macintosh is recommended for Macintosh computers. Anti-spyware protection software is also recommended.

Remote access to Harvard desktop computers.
Remote access to desktop or laptop computers at Harvard is prohibited unless specific permission has been granted by an employee's supervisor and IT Support group, or if the access is performed by a help desk as part of the process of assisting an employee with a problem. Thus, applications such as PC Anywhere or Timbuktu are not to be installed on any Harvard computer without specific permission by an employee's supervisor.