Secure Systems (top)

The Desktop Support group supports clients in setting up and maintaining systems that are secure for use with confidential information. Consistent with University policy, all University laptops and all desktop systems with access to IQSS/HMDC file services must be configured securely.

For laptop and desktop systems, the following are required:

  • A password protected screen saver, which activates in 15 minutes or less
  • Complex passwords, which have a combination of letters, numbers, and special characters, and are at least eight characters in length following Harvard’s password complexity rules
  • A host-based firewall
  • Up to date virus scanning software and virus dictionaries, and regular operating system updates
  • Any service that allows remote login or desktop access to the laptop must be disabled
  • PGP Whole Disk Encryption (PGP WDE) and File Vault [this is required for PC & Mac laptops, and optional but recommended for desktops]

To get File Vault and/or PGP WDE installed on your laptop please contact us, or visit http://pgp.fas.harvard.edu/icb/icb.do for instructions.

For any portable storage device, the following is required:

    Any portable media housing confidential information should be encrypted appropriately, either through hardware encryption (such as Ironkey devices) or with software encryption using PGP Desktop or Truecrypt.

Note: No high-risk confidential information (HRCI) should be stored on personal laptops or desktops or portable storage devices. HRCI may be stored on designated and approved servers only.

For assistance with secure system set up, please contact us.