Martinos Center for Biomedical Imaging

Martinos Center Computer And Network
Acceptable Use Policy
And
Systems Staff Responsibilities

Educational and research facilities, and the NMR Center in particular, are not the corporate world. This is understood. However, NMR Center facilities must be restricted to the legitimate use of NMR Center researchers and staff, our user community, or there would be nothing for the user community to use due to the slightly wild and wooly nature of the Internet. Systems and network personnel will do their best to restrict such access and to maintain the operational status and system integrity of NMR Center computer, network and related facilities for the NMR Center user community. To that end, there must be a few rules by which all users of NMR Center computer and network facilities must abide.

Users Agree To The Following

The computer and network resources of MGH Information Services and the NMR Center are to be used for NMR Center research and equivalent collaborative efforts. Since the NMR Center is not the corporate world we realize that other uses do happen from time to time. Remember that resources, while possibly extensive, are limited. Please remember also that this is primarily a research facility, act accordingly and maintain proper professional decorum in electronic correspondence (e-mail, news, mailing lists, etc).

Accounts issued to the users of the NMR Center computer and network facilities are for individual use only by those users unless explicitly designated for shared use by NMR Center Systems Staff. Individual users are responsible for not giving out access to accounts issued to them for any purpose. Users of the NMR Center’s computer and network facilities to whom accounts have been issued by NMR Center Systems Staff are authorized users. Authorized users will use only those accounts and system services allocated to them and for which they have been authorized. All other users or uses are unauthorized and inappropriate and are considered malicious.

Neither authorized nor unauthorized users will act in a malicious manner to damage or alter system files, data, other document files, the data collection systems, the network, or any NMR Center computer or network facility. Malicious behavior will be determined by NMR Center Systems Staff. Malicious acts may be punishable by anything from loss of account, to legal action, especially in the case of HIPAA violations. Malicious behavior includes but is not limited to system break-ins, harassment of any kind, e-mail bombs or other denials of service, deliberately crashing one or more systems, deleting or altering files that do not belong to you, reading other people’s files for which authorization has not been given, etc.

Users are encouraged to report suspicious activity or occurrences, as soon as possible, to the Systems Staff. Suspicious activity includes but is not limited to system service reports of spoofing (typically via SSH), login reports of your account having been logged in when you were not using it, logging in and being immediately logged out under circumstances when this would not normally occur, general system behavior not considered to be within the realm of normal system operation, other persons using NMR Center computer and network facilities in a wholly inappropriate manner (trashing other user’s accounts etc.). There may only be a broken system service but there may also be a serious security problem.

[Top Of Page]

To ensure the operational integrity of NMR Center computer and network systems and services, and keeping in mind that NMR Center Systems Staff do not want to behave, either by choice or necessity, in a Big Brother like capacity (we have other things to do), the following should be noted.

Systems Staff Will Do The Following

The NMR Center Systems Staff reserve the right to modify or update these policies without notice to resolve or clarify specific issues. Please keep this page book marked and refer to it often.
NMR Center Systems Staff regularly monitors system service logs for problems. Problems include but are not limited to system faults as well as authorized and unauthorized user access, system integrity changes, etc.
Such fault monitoring may include reading or even modifying user e-mail, local user configuration files or other local user files when there is a problem. We will inform users of such actions.
NMR Center Systems Staff reserve the right to monitor any part of any NMR Center computer system we have installed or configured for any member of the user community if problems are either reported to or discovered by us in the normal course of our jobs.
If either an authorized or unauthorized user is discovered to be acting in a malicious fashion, NMR Center System Staff reserve the right to determine the extent of such malicious behavior and a course of action. Such action may include anything from notification through loss of account to informing law enforcement officials, especially in the case of HIPAA violations.

Our job is to maintain the operational status and integrity of NMR Center computer and network facilities. We take it very seriously and will spare no effort to find a malicious user of our systems and services and deal with such. Malicious acts against NMR Center computer or network facilities or against any member of the user community through these facilities will not be tolerated.

[Top Of Page]

Author: Chris Johnson
Version: 1.0.1

		Contact the Webmaster	Copyright 2005, Martinos Center for Biomedical Imaging