Technology users at Williams College have a right to privacy. OIT respects and protects your privacy, but may be required to release information if we receive a legal subpoena or we are contacted by Senior Staff that you have violated College policy. In order to help ensure privacy for all users, the Office for Information Technology (OIT) employs passwords associated with user accounts. As users of technology at Williams, you also have a responsibility to guard your account and keep your password to yourself.
The secrecy of your password is critical to the integrity of the campus computing environment. If an intruder is able to gain access to one account on a system because that account’s password was simple to guess, the intruder can then often determine other users’ passwords. For this reason you must keep your password secure.
No computer system can protect you if you do not conceal your password. Leaving a terminal without logging off is like leaving the door of your home unlocked and open. Using an obvious password, such as your first name or a nickname, is like hiding your door key under the doormat. Use a combination of 12 or more letters (at least one uppercase) and numbers to confound anyone seeking access to your data. . If you are unsure about how to change your password, please contact the Help Desk (413-597-4090 for faculty/staff, 413-597-3088 for students) for assistance.
Activity logs are maintained on all systems managed by OIT. Information that is logged includes at minimum the login and logout time of every user. Additional information may be logged on specific systems. For example web-server logs record what pages are visited and the referring link. (This is not special to Williams’s web-servers; all web-servers on the Internet log this information). Email logs record the fact that a message was sent, the submission time and the delivery time, and the addresses of sender and recipient. Content of email is NOT logged.
System logs are not routinely monitored, but are used for troubleshooting purposes when a problem has occurred. Reports may be generated of aggregated information without reference to specific users.
System level privileges are granted to OIT staff who need them to perform their jobs. These staff are responsible for safeguarding the system and the information within it. They respect the privacy of personal files and mail within the system. The Office for Information Technology makes a concerted effort to protect user privacy and to prevent unauthorized use of the Williams system.
Systems may be monitored if there are suspected abuses or violations of college policy and individuals may be identified. When there is reason to believe that illegal activities or significant infractions of college rules have occurred or are continuing, OIT may monitor a suspected individual’s computer files and activities. Such action may be taken at the request of Security or Human Resources, but must in all cases have the consent of a member of the college’s Senior Staff.
If OIT staff receive a subpoena or are contacted about violations of the PATRIOT Act, the Chief Information Officer will contact the appropriate Senior Staff member and seek legal confirmation that the requests are valid. Although ordinarily Williams does not track Internet use, users should be aware that activity on the Internet can be tracked at other Internet locations through IP addresses and traced back to their machines.
Any attempt to interfere with or to alter the integrity of any computer system is unacceptable. Such actions include, but are not limited to:
- unauthorized use of accounts
- impersonation of other individuals in communications
- attempts to capture or crack passwords
- attempts to break encryption protocols
- causing unreasonable network bandwidth congestion
- compromising privacy
- destruction or alteration of data or programs belonging to other users
Members of the Williams community should respect the security and access policies of other systems as well as the desire of other institutions to safeguard themselves against intrusions.
Violation of Williams policies or procedures may result in the revocation of your computing privileges and/or other disciplinary action.
Public Computer Monitoring
Public kiosk, lectern, lab, and classroom computers have monitoring software running on them. This software records who logs in where, for how long, and what applications are used, but not what is done with those applications. E.g. the system records would show that the Firefox web browser was in use for 35 minutes, but NOT what sites were visited during that time.
The data collected is primarily used in an anonymous fashion for support purposes (e.g. what applications are most commonly used, which labs receive the most use and therefore might need more computers, etc.), but in the event of a subpoena, security breach, hacking from one of our computers, or other such special circumstance individual sessions may be examined in detail.