Recommendation 10: The University, with leadership from the OVPIT, must continue to develop policies and implement procedures that protect the security of IU's information technology resources and institutional data, safeguard personal privacy, and respect intellectual property rights, while at the same time promoting two traditional university values associated with academic freedom: access to information and freedom of discourse.
Action 66. The University should develop clear and forceful policies to address the management and protection of information and the security of IT resources.
The University Data Administration unit has been created and staffed within the IT Policy Office (ITPO). This new area, which is lead by a University Data Administrator, is working with data management committees, University business areas, University archivists, library staff, technicians, and others to develop policies, procedures, and education programs related to appropriate protection, use, and retention of institutional data. This office is responsible for the Global Directory Services (GDS) project. The initial phase of the GDS project, which was completed in December 2000, created unique computer and network usernames for users on all University campuses. The next phases of this project are being given high priority, and involve redesigning and modernizing the information systems and procedures supporting identification, authentication, authorization, and directory services related to users of IU technology resources on all campuses. Information about the University Data Administration unit and the GDS project can be found at the University ITPO Web site (www.itpo.iu.edu/).
Action 67. UITS, with the Committee on Institutional Data and others in the University community, should develop security mechanisms that properly enact institutional policy. Implementation of these security mechanisms should include risk assessment, audit and controls, and education and awareness. UITS should focus special attention on providing reliable authentication and access management systems.
Technologies to support security services, such as computer system vulnerabilities scanning, incident response, and security information resources, have been upgraded, and are available for use by all members of the University community. Services can be found at the University Information Technology Security Office Web site (www.itso.iu.edu).
Action 68. UITS should collaborate with the Copyright Management Center on developing policies and programs that advance the use of information technology and information resources, especially in areas of teaching and research, while limiting the University's liability exposure regarding intellectual property rights.
The University IT Policy Office (ITPO) continues to work in collaboration with the Copyright Management Center and University Counsel on matters related to intellectual property and copyright. The University IT Policy Officer serves as the IU agent registered with the US Copyright Office and, as such, is the single point of contact for all IU campuses, receiving and coordinating the resolution of alleged copyright infringements. University Counsel continues to work to develop specific University procedures regarding intellectual property and copyright which are scheduled to be published by mid-2001.
IX. Digital Libraries | Table of Contents | Contacts
March 2001
http://www.indiana.edu/~uits/cpo/accomplish/l.html
Comments to ovpit@indiana.edu
Copyright © 2001, the Trustees of Indiana University