Information Technology Policy Roundup 2002

Gathering of Existing MIT Policies, Rules and Guidelines related to Information Technology

MIT Policy The policies and procedures set forth in this document are those that affect faculty and staff in a way basic to the conduct of Institute affairs or that are applicable to major or critical areas of Institute activity. Another important resource is the MIT Personnel Policy Manual, and is also available in department headquarters or the Personnel Office. Policies directly affecting students can be found in The MIT Bulletin.
MIT Computing Policy One of MIT's Policies, Section 13.2, the Policy on the Use of Information Technology covers the privacy of Institute records; information security and preservation; responsible use of MIT computers, networks, and telephones; privacy of electronic communications; and the acquisition and use of third-party products and services. The Cal Tech statement of Computer Ethics is very similar to the MIT Computing Policy.
MITnet (Rules of Use) MITnet is the set of MIT-owned network devices a) connecting the MIT campus to the global Internet, and b) providing access to almost all MIT departments, offices, research labs and centers. The MIT community's use of this network are governed by the MITnet Rules of Use. In addition, there are specific rules which apply to Residential Networking. So, if you have have an MITnet connection in your living space -- dorm, or otherwise, you should look at Residential Network @ MIT: Network Policies. Likewise, if you have questions about local area networking, you should look at Departmental Computing @ MIT Network Policies. MITnet Rules of Use are comprised of rules on: acceptable (intended) uses password sharing privacy copyrights harassment communications	Athena (Rules of Use) Athena is MIT's campus-wide distributed computing environment. Most visibly, Athena is seen in some eighteen public workstation clusters, as well as nn departmental clusters, and the thousands of residential locations, and via dialup services, to any authorized member of the MIT community off-campus as well. All authorized users of an MIT account must abide by the Athena Rules of Use. Athena Rules of Use are comprised of rules on: acceptable (intended) uses food and beverages workstation power on/off workstation configuration workstation priorities unattended workstation/multiple workstation noise in clusters printer use
Copyright Copyright is a constitutional concept... The Congress shall have Power ...To promote the Progress of Science and useful Arts,by securing for limited Times to Authors and Inventors the exclusive Right to their respective Writings and Discoveries (United States Constitution, Article I, Section 8) ... interpreted via the US Federal Copyright Law (aka Title 17 of the US Code) reflecting the amendments resulting from the Digital Millennium Copyright Act of 1998. ... and reflected in the MIT copyright policy, MITnet copyright rules, and MIT's Copyright Notification Procedures.	WWW Authoring Much of MIT's information traffic today flows through web pages. Many of these web pages are authored here on campus, many more are produced under contract to MIT. All of these works should abide by the Web Authoring Guidelines, which promote usefulness and accessibility to the widest possible audience. Web Site Management Legal and Policy Requirements Web Site Authoring The Guidelines
Accessibility / Disability MIT is committed to providing an information technology environment accessible to people with disabilities. This conforms with the 1990 Americans with Disabilities Act, as interpreted in MIT's Policy on Access and Accommodations for Employees and Students with Disabilities, and more recently interpreted in a set of Software Procurement Rules.	Security Security here means network and system security. The Infrastructure requirements do a good job of explaining the motivation for this area of interest. In addition, there are other Network Security Rules of Use & Internal Policies
Systems & Infrastructure Many DLC's produce their own systems for their work -- be it research, academic or administrative in nature. If these systems are intended to be connected to MITnet, there are a set of requirements provided for interoperation with the MIT computing infrastructure in Infrastructure Rules of Use.	Access This concerns who and how one may gain access to a specific computer system. It begins with how one gets an account. There are several answers to this, one of which is about central MITnet / Athena Accounts, The policy for such accounts is detailed in Accounts Procedures. Accounts on departmental systems may have different rules -- consult local system administrators for help on this. Then there's something else here: Something Most accounts are protected in some way with a password. As such, it is important to educate users about responsible password practices. This is reflected in the MITnet Rule of Use on Passwords. We need to say something about certificates, I think!
Information Policy This area concerns data (information) that is collected by, stored in and disseminated from automated systems, as well as the traffic that is carried by MITnet. The most important of these policies is the Student Information Policy, which governs the collection, management and dissemination of student records of MIT students. MIT's Student Information Policy governs the circumstances under which, and the persons to whom, student information may be disclosed, as well as students' rights to access their own records and to challenge their accuracy. As required by federal law, this policy includes the rights and privacy protections provided by the Family Educational Rights and Privacy Act (Title 20, U.S. Code, section 1232g, often referred to as "FERPA" or the "Buckley Amendment"). See the important distinction that MIT makes between student information and educational records. And how one may gain access to a specific computer system. It begins with Account policy... In addition, there are other Accounts Procedures	Remote (was Dial-in) Access This concerns the rules under which someone without a direct MITnet connection can access MIT computing facilities. The pieces of this are Rules about dialup access to Athena Dialup access to MIT's Administrative Applications Preparing your system for remote access Using cable model or DSL from home Accounts Procedures
Privacy MIT has a long-standing tradition of being on the forefront of concerns about individual privacy. The MIT Policy on Privacy reflects this tradition. Beyond MIT, there are ongoing debates about what privacy is, what it means in various contexts, and how it might be enforced, or ensured. We would recommend to anyone Privacy International's thoroughly documented site on this topic. For our purposes, we feel that one definition that has stood the test of time is this one written in 1967 by Alan Westin in this seminal work "Privacy and Freedom:" "...privacy is the desire of people to choose freely under what circumstances and to what extent they will expose themselves, their attitudes and their behavior to others." These MIT policies are reflected in the MITnet Rule of Use on Privacy.
General Catchall There are a wealth of quasi-policy and rule-like statements in the Stock Answer facility. If you don't find what you were looking for, take a look in Stock Answers first, and if you don't find it, drop us an e-mail message to < netpolicy at mit.edu >.

Ask a question or send a comment about this web page Last modified: 6/10/2002