Guideline for Services

Transcription

1 Guideline for Services Under the Policy on Information Technology, the Vice-President and Provost is authorized to establish guidelines for information technology services at the University of Toronto. The University strives to provide highly-available, functional, and secure service to students, faculty and staff. service is provided institutionally to faculty, staff and students by UTORmail, a service operated by Computing and Networking Services. Other units may elect to offer services to their constituents for reasons such as scale or specialisation. The existence of providers within the University is acceptable as long as the services provided are compliant with institutional standards. The Policy on Official Correspondence with Students requires that students maintain a University-provided account for official communications. For reasons of security and deliverability, such official University services are best provided by internal organisations; that is, organisations whose network and equipment are within the University s domain and under the University s full operational control. Reporting on compliance with institutional standards will be required by 31 March A report confirming compliance is to be submitted to the Vice-President and Provost, or Designate. Subsequent confirmation of compliance is to occur in annual reports. Proposals to enter into arrangements with external service providers must be submitted for approval to the Vice-President and Provost, or Designate. (See Policy on Contracts.) Institutional Service Requirements An service provided to faculty, staff or students must be required to incorporate the following service level information and system specifications: Service Level Information o Access Controls: Documented rules regarding who may use the service, how access is provided and removed. o Appropriate Use Definition and Acceptance: Users must be required to accept the University s Appropriate Use of Information and Communication Guidelines when applying for access. These guidelines and associated policies, such as the Policy on Official Correspondence with Students and the Code of Student Conduct must be referenced on a service acceptance page, and acknowledged prior to gaining access to the service. 1 o Authentication Service: New services must use the University s authentication system, UTORauth, for ID and password. Existing services may 1 If a unit has a concurrent appropriate use policy it should be replaced with the institutional guideline. Units should highlight appropriate use provisos that extend beyond the institutional guideline. Where provisos are in conflict, the institutional guideline shall have precedence. Final Draft 20 February 2008 p. 1

2 continue to deploy local authentication systems, but should consider adopting or interoperating with UTORauth. o Blocklisting: Service consumers are to be notified that services may occasionally be blocked by external providers. At times, the internal provider may not be aware that a block is in place, and the blocking may also be transient. Once notified of a problem, the internal service provider will attempt to contact the external service provider and seek service restoration. As this condition may take some time to resolve, service consumers are to be notified of the expected duration whenever practicable. o Delivery Service Goal: Service providers are to advise on their delivery expectation, e.g., within x seconds under normal circumstances, as well as to note that is not always delivered within that timeframe, especially when leaving the university s network. o Disaster Recovery: Service providers are to develop and test recovery methods to mitigate the risks of service outages due to system failures. Service providers are to communicate their recovery plans and return-to-service expectations. o Naming Conventions: addresses must end with utoronto.ca or toronto.edu to qualify as a University issued electronic mail account required by the Policy on Official Correspondence with Students. o Forwarding Caution: The proliferation of hosted services means that faculty, staff and students may be forwarding their accounts to external providers. Internal providers may provide forwarding options but the option must be accompanied by cautionary text advising that: o forwarded messages may be blocked or experience other delivery problems related to forwarding to an external service provider; o the holder of a University issued electronic account remains responsible for ensuring that all University communications sent to that account are received and read. o Junk Mail Filtering: Services that offer junk mail filtering are to notify users that the function is present, and advise that periodic checking of junk mail folders is advised. Where there are specific file extensions being filtered, these are to be listed. o Legislative Compliance: Periodically, legal situations (e.g., subpoenas, criminal investigations ) may require records to be extracted to support an investigation. Services are to inform users of the existence of processes for providing records to the police, court-authorised recipients, or internal staff. o Procedure for Notification of Alleged Abuses: Services are to provide contact information for concerns regarding cases of alleged abuse or misuse of the e- mail service. Reporting of alleged abusers must comply with privacy rules. Information regarding the length of time that transaction logs are stored (needed for tracing activity) to be included in service description. o Service Compliance: All service providers must be required to verify their continued compliance with institutional standards within an annual accountability report. Final Draft 20 February 2008 p. 2

3 Specifications o Anti-Spam: services must provide anti-spam filtering either through the institutionally-provided system or via another commercial or community-supported alternative. It is the responsibility of the service provider to keep the spam-filters upto-date. o Anti-Virus: services must provide anti-virus scanning for incoming mail. Clear documentation is to be provided as to how attachments are handled when a virus is discovered. o Data Backup: A regular backup process with a stated retention period is required. Limitations to the backup should be noted, for instance, if backups are performed every other day. o Attachment Limit: The maximum attachment size must be stated. Users are to be advised that messages with large (e.g., greater than 10 MB) attachments may not be accepted by recipient services. o Relays: servers should not relay messages from unknown and unauthenticated sources. Open relay are usually discouraged but when special circumstances warrant, relaying should occur with known and trusted hosts only. o Mailbox Quota: Each service is to define a maximum mailbox size. Options for mailbox limit increase may be made available by the service provider. o Outsourced At present, services must be hosted on the University campuses and cannot be outsourced. o Security: services should include the capability for data encryption and digital signatures to allow for the protection of confidential correspondence. o Service Level Definition: Service providers are to provide expectations of availability. Include: o Targeted Uptime: (e.g. This service will target 99.9% availability, or downtime of 8.76 hours/year.) o Scheduled Maintenance: (e.g. There will be no scheduled maintenance during regular business hours, Monday through Friday, 8:45 A.M 5:00 P.M.) o Notice of scheduled maintenance will be provided (e.g. at least 24 hours) prior to outage. o Emergency Maintenance: e.g. In situations that threaten the integrity of the service, the Provider reserves the right to immediately shut the system down to apply repairs or configuration changes. Related Policies and Guidelines o Policy on Information Technology o Policy on Approval and Execution of Contracts and Documents o Policy on Official Correspondence with Students o Appropriate Use of Information and Communication Technology Guidelines Final Draft 20 February 2008 p. 3

4 o o o Network Security Policy Code of Student Conduct Policy on Access to Student Academic Records Final Draft 20 February 2008 p. 4

5 Service Information Template (Sample) A service template is to be completed by each of the university s service providers. The service description is to be available as a link from the service s login page. The text displayed below is generic. Service providers are to tailor the content as appropriate to their service details. Service Level Declaration: This service targets 99.5% uptime under normal circumstances. 99.5% equates to 216 minutes of scheduled outage per month. Element Access Anti-Spam Anti-Virus Appropriate Use Authentication Service Business Continuity Delivery Service Goal Attachment Limit Naming Service Definition (examples) This service is available to active faculty and graduate students of the Department of Relativity. [Name of Application] or none [Name of Application] or none This service follows the University s Appropriate Use of Information and Communication Technology Guidelines. See: UTORid or other Sample Text: This service deploys a redundant disk array (RAID 10) to protect against data loss due to damaged disks. Backups are performed daily and stored for two weeks. In the event of a local system or network outage, every effort will be made to get the system running again as quickly as possible. Status reports will be made provided via available services such as a departmental or institutional Web site or phone tree. Messages sent between users of this service, and other services provided by the University community will normally be delivered well within 30 minutes, unless there are network problems locally or across the university. Delivery times may xx MB For reference, UTORmail has a 50 MB limit. UTOR_Webmail has a 10 MB limit. Please avoid distributing multiple copies of an attachment via . Large files may be posted to your Portal Content Area, a departmental shared folder, or Sharepoint. Files may also be placed in an ftp site. Contact the System Administrator for assistance. Accounts on this service will follow the structure of Final Draft 20 February 2008 p. 5

6 Element Conventions Encryption and Digital Signatures Forwarding Junk Mail Filtering Message Recovery Procedure for Notification of Alleged Abuses Quota (Mailbox) Service Definition (examples) Departmental addresses may be established without the dot e.g., This service provides encryption and digital signature capabilities. These functions should be deployed when sending personal or confidential information. Please note that this service does not offer forwarding in order to increase the likelihood of delivery. External service providers do periodically block dept.utoronto.ca messages. This service uses the [Name of Application] to filter spam and viruses. Suspicious messages are automatically redirected to your Junk folder. Please review the folder if you have not received an expected message. The Junk mail folder purges tagged messages on a 30-day basis. Messages ending in.exe,.zip, and.virus are automatically filtered. Do not open these attachments if found in the junk folder unless you know the sender and about the attached file. This service will store messages for N days after entering your Inbox. If you accidentally delete a message, notify your system administrator immediately to request message retrieval. Beyond N days, the message will be irretrievable from internal storage. Note: Recovery applies to protocols, such as IMAP, that leave messages on the server. 2 This service respects the quality of your experience. If you are concerned about the security of your for example, you think someone may be accessing your mailbox, or you are receiving an unusual number of offensive messages contact your system administrator (Pat Smith ) in confidence. ### MB on the server. Note that you may store additional on your local or network drive. For configuration assistance contact the System Administrator. Additional Comments and Recommendations for Follow-up 2 COMMENT: Remember, this is a template in which you define the service provided. It may be that you will not/cannot provide message recovery. In that case state This service will not provide recovery of deleted messages. Or, This service will make a best effort to recover a message and a labour and materials charge will be applied. Final Draft 20 February 2008 p. 6

7 All mail sent between Exchange users is inherently encrypted. Mail sent from Exchange to another non-exchange environment is clear text. If end-to-end message security is required with users outside the Exchange service, the use of certificates and/or digital signatures is advised. Long-term archiving: o backups are made specifically for the purpose of system recovery; o backups will not be kept for a period of longer than 1 month; o c) users are solely responsible for organizing and archiving their own data, and for meeting any FIPPA requirements that may be applicable to them. Would it be wise for the University to make some kind of wider statement about the limited responsibilities that the managers of systems have to be responsible for the archiving and organizing of their user's data? Implementing UTORauth authentication should also require that encryption be enabled in order to safeguard the users' credentials. Normally servers do not encrypt any traffic, so users passwords are sent over the network in plain text and are therefore subject to theft Final Draft 20 February 2008 p. 7