Information Technology Services - nav image

7.4 Network Take-down and Vulnerability Scanning

Harvard Enterprise Security Policy:

Policy Excerpt
Network managers are authorized by the University to run vulnerability scans in order to identify security risks and to protect computing and networking resources. Network operators should monitor network activity for signs of attack and take action in the absence of action by the operators of a compromised computer.

HLS Policy:

HLS performs network vulnerability scanning on a regular basis. These scans may be random (i.e. not announced to systems owners) or scheduled (i.e. system owners are informed of the date and time of the vulnerability scan).

After the discovery of a vulnerability HLS ITS will work with the system owner or business owner to develop a plan to remediate the vulnerability. However, if HLS ITS determines there is a substantial risk to the system or institution, access to the system will be denied until appropriate controls can be implemented.

Frequently Asked Questions:

Q: What is the process that ITS follows to remove a system from the network (quarantine)?
A: HLS has some automated systems in place that will automatically quarantine (i.e. removed network access) systems on the HLS network if the affected system is actively attempting to infect or compromise other systems on the HLS network. Before a machine can be removed from quarantine it malware or viruses must be removed from the system.

Q: What happens if my application is hacked?
A: HLS ITS has a standard operating procedure in place to inform the business owner and Office of the General Counsel. HLS ITS can not guarantee the business owner will be notified before a system is taken off-line. HLS ITS reserves the right to prevent system access if it is deemed to be a substantial risk to the HLS community.

Last modified: November 06, 2008

© 2014 The President and Fellows of Harvard College. All rights reserved.