Information Technology Services - nav image

2.2 Protecting Confidential Information on Networks

Harvard Enterprise Security Policy:

Policy Excerpt
All confidential information must be encrypted when transported across any network.
Users should clearly understand that many common systems such as normal email cannot be considered a secure way to transport confidential information.

HLS Policy:

HLS strictly prohibits sending HRCI (see Section 1) via email or FTP. Both email and FTP are equivalent to sending a post card through the mail. Any party passing the information can read the content of the message.

Approved Solution:

When sharing HRCI between departments at HLS the approved method is the M: drive. If HRCI needs to be shared between members of the same group HLS ITS recommends using the shared drive for your group.

Frequently Asked Questions:

Q: Can I use the M: drive to share HRCI with someone outside of HLS?
A: No, the M: drive is only available to HLS users on the HLS Domain, for more information about the M: drive click here.

Q: I have HRCI that I need to transfer to another party what should I do?
A: The HLS ITS approved mechanism for transferring HRCI to other parts of Harvard or Harvard vendor is Secure File Transfer Protocol (SFTP). It is a violation of HLS and Harvard Policies to transfer HRCI via File Transfer Protocol (FTP) or Email. If you have questions regarding this please contact Security(@law.harvard.edu).

Last modified: December 08, 2008

© 2014 The President and Fellows of Harvard College. All rights reserved.