LISTSERV 16.0 - MSUNAG Archives

MessageWhat happens if we wish to write a departmental AUP of sorts? Well,
more like a signed "computer support agreement" between the user and the IT
staffed that, for example, stated (paraphrased), "I the user give the IT
staff of Department X permission to view any and all system logs at their
leisure." Would this written and signed permission then satisfy the AUP
requirements?

- Peter
  -----Original Message-----
  From: MSU Network Administrators Group [mailto:[log in to unmask]]On
Behalf Of Linda Losik
  Sent: Tuesday, March 29, 2005 4:43 PM
  To: [log in to unmask]
  Subject: Re: [MSUNAG] Virtual Network Computing


  As a member of the AUP rewrite committee, here are some thoughts.



  If the end user agrees to allow you to access the desktop, you will be
able to access the desktop and only the desktop. You can only access what
you are given permission to access, and only enough that will allow the
current technical issue to be resolved. And you cannot access anything else
without the user's permission.  This means that the user should not have to
look for the color change from blue to green.  The user should know
immediately when IT logs on and logs off.  The user should be able to
terminate the process at any time.



  Under the current AUP and upcoming Statement of Acceptable Use, accessing
private files, emails, logs, etc. are still inaccessible to IT.  The only
time IT is allowed to access systems logs and/or files is either having
written approval from the Vice-Provost or by responding to a search warrant.
The right to privacy is still paramount within both documents.  For
troubleshooting, the process has been described as "peeling an onion" on
order to preserve privacy.



  I would have real concerns as to whether this app is approved by either
the AUP or the SAU.  Perhaps others of the rewrite committee would care to
address this as well



  Linda Losik

  Health Information Technology




----------------------------------------------------------------------------
--

  From: MSU Network Administrators Group [mailto:[log in to unmask]] On
Behalf Of Jesse Howard
  Sent: Tuesday, March 29, 2005 3:47 PM
  To: [log in to unmask]
  Subject: Re: [MSUNAG] Virtual Network Computing



  Troy,

  Thanks for the reply. In the email that was sent out describing UltraVNC
and what it does, the staffer who wrote the email used screen captures of
both the features that you mention, the pop-up permission window and the
system tray icon changing from blue to green.

  Okay, so there's at least one department that uses VNC. Any others? Anyone
want to address whether or not VNC is legal under the AUP?

  And what about the privacy issue? Anyone care to make an interpretation of
the AUP on where the IT admin's responsibilities end and the users rights
begin at the workstation?

  Jesse Howard
  _______________________

  IT Administrator
  Michigan State University Press
  [log in to unmask]
  www.msupress.msu.edu

    -----Original Message-----
    From: MSU Network Administrators Group [mailto:[log in to unmask]]On
Behalf Of Samone E. Jones
    Sent: Tuesday, March 29, 2005 3:34 PM
    To: [log in to unmask]
    Subject: Re: [MSUNAG] Virtual Network Computing

    Years ago when I used PCAnywhere for the same purpose, we had the same
issue.

    PCAnywhere had a visual indicator - I think it was a little pc that
turned green when someone

    else connected to the machine. So to soothe the users that were leery,
we taught them how to identify when

    one of the IT staff were connected to the PC by using the visual
indicator in the task bar.



    My point is maybe UltraVNC has a visual indicator like PCAnywhere - I
think that would be a good way to get the

    users to put their guards down.




    SJ





    Samone E. Jones

    Information Technologist

    Family Consumer Sciences

    Phone: 517.432.4552

    Email: [log in to unmask]

      -----Original Message-----
      From: MSU Network Administrators Group [mailto:[log in to unmask]] On
Behalf Of Jesse Howard
      Sent: Tuesday, March 29, 2005 2:10 PM
      To: [log in to unmask]
      Subject: [MSUNAG] Virtual Network Computing

      I want to start using UltraVNC in our office domain, for tech support
and helpdesk purposes at the workstation level. A few of our users have
gotten the idea that we are going to use it to spy on them, and look at
their email. It's become a bit of a PR problem for the IT Admin staff.

      So I am wondering, is it legal to use software like this at MSU, under
the AUP? If so, who here is using it? Have you run into issues with users
like this, where they interpret something you are doing as an attack on
their privacy? If so, how did you handle it? We have sent out an email
describing the software, what it does, and the fact that we won't use it
without their permission. It doesn't seem to have helped much.

      Any ideas?



      Jesse Howard
      _______________________

      IT Administrator
      Michigan State University Press
      [log in to unmask]
      www.msupress.msu.edu