Union University

Information Technology

Information Technology

Information Technology > Policies > Acceptable Use Policy

Acceptable Use Policy

Purpose

This policy defines the responsible and appropriate use of the information technology resources at Union University. This policy applies to all clients of Union's information technology resources, whether affiliated with the university or not, and to all clients of these resources, whether on campus or from remote locations.

Scope

Information technology resources at Union University are available to all currently enrolled students, faculty, staff and others who have been authorized by the University for use. Information technology resources include any University-owned software, hardware, wireless and physical networking facilities, telecommunication, computer labs, workstations, storage devices, Internet, e-mail, hosted and on-premise services, academic and administrative computing systems, etc.

Each authorized client assumes responsibility for their own behavior while utilizing these resources. While the use of computers and information technologies does not alter basic codes of behavior in academic and spiritual life, it does place some issues in new contexts.

Responsible, acceptable use is always ethical, reflects academic honesty, shows stewardship in the consumption of shared resources, and is guided by Christian principles. It is important that all users of the information technology facilities conduct their activities in this manner since they have access to many valuable and sensitive resources. One's inappropriate computing practices can adversely affect the work of the University and others.

Compliance

All clients of Union University using the University's information technology resources are expected to comply with this policy. Union reserves the right to amend this policy at any time and without prior notice in order to better provide information technology access to our clients. Union reserves the right to restrict or extend computing privileges and access to University technology resources.

I. CLIENT ACCESS AND PRIVILEGES

A. Client Accounts

Union University provides appropriate access to administrative and academic information technology based on student and employee roles. Information technology services include access to administrative business systems, academic software, computer labs, e-mail, telephone, Internet, and Portal. This access is a privilege, not a right and may be revoked for any reason including non-compliance with Union University Information Technology policies.

B. Client ID

Employee and student clients are each responsible for any and all activity performed with their client IDs. It is the responsibility of each client to protect this ID and login information, and not share this information with others. Any suspected unauthorized use of a client ID should be reported immediately to the Associate Vice President for Information Technology.

C. Password

The password is an important element of Union's computer security. It is the front line of protection for our client accounts and the responsibility of employee and student clients to protect. It is your responsibility to maintain the confidentiality of your password. Never give your client ID and password to another person or use those of another.

Employee password reset utility is available at password.uu.edu. Student password reset utility is currently being developed for future deployment. It is recommended that clients change their password every six months to help ensure a higher level of security.

D. System Privilege Termination

E. Personally Owned Computers, Software, and Mobile Devices

Union University is not responsible for installing, supporting, or maintaining hardware, software or data of any personally-owned information technology equipment of employee and student clients.

To protect the integrity and security of the University's network, employees may not connect or install non-Union owned hardware and/or software onto Union's wired or secure wireless network without prior written approval from the Associate Vice President of Information Technology. Students, faculty, staff, and guests may use the University's open wireless network for personally owned equipment such as laptops, PDAs, and other smart devices.

II. ACCEPTABLE USE

A. Acceptable Uses of Information Technology Resources

Union University's information technology is provided to assist students and employees in creating, acquiring and disseminating information related to the performance of classroom assignments and regularly assigned job duties.

B. Unacceptable Uses of Information Technology Resources

Any information, data, or programs not aligned with the mission of Union University must not be created, stored or transmitted, viewed or manipulated using University-owned technology or information systems.

The following is a list that includes, but is not limited to unacceptable uses of information technology or information systems.

  1. Transmitting any material, or engaging in any other activity in violation of any federal, state, or local laws including copyright law.
  2. Transmitting or accessing information containing harassing material. Computer harassment includes, but is not limited to:
    1. Possessing text, images or audio with the intent to harass, terrify, intimidate, threaten, or offend another person.
    2. Intentionally using the computer to contact another person repeatedly with the intent to harass or bother, whether or not an actual message is communicated, and/or where no purpose of legitimate communication exists, and where the recipient has expressed a desire for the communication to cease.
    3. Intentionally using computers or other technology to disrupt or damage administrative, academic or related pursuits of another.
    4. Intentionally using the computer or other technology to invade or threaten to invade, the privacy, academic or otherwise, of another.
  3. Transmitting, receiving, displaying, or viewing offensive content, which includes but is not limited to, sexual comments or images, religious bigotry, racial slurs, gender specific comments or any comments that would offend someone on the basis of their age, sex, national origin or disability. Displaying, sending, printing, or storing sexually explicit, graphically disturbing, obscene, pornographic, fraudulent, harassing, threatening, abusive, racist or discriminatory images, files or messages in any campus facility or campus location is prohibited.
  4. Disseminating or printing copyrighted materials including computer files, articles and software, in violation of copyright laws.
  5. Attempting forgery of e-mail messages.
  6. Authoring SPAM messages.
  7. Clients may not install or use any unauthorized Peer-to-Peer (P2P) file sharing device to share or distribute:
    1. Copyrighted material without authorization from the copyright owner
    2. Privileged, private, or strategic information determined by administrators as vital to the operation of the University
    3. Any viruses, malware, or license keys
    4. Software that threatens or disrupts any Union University's information technology services.
  8. Peer-to-peer file sharing programs may pose opportunities for significant loss to owners of copyrighted material and significant liability to the University. Allowing non-authorized access to computers on the University network may provide access to privileged information. Peer-to-peer programs degrade the speed of the network and they may contain spyware, viruses, or exploits that may allow unauthorized access to the computer hosting the program. These programs may provide backdoors to computer criminals with additional resources to launch attacks.
  9. Any other practice or activity that, in the opinion of the University administration constitutes irresponsible behavior, promotes illegal activities, results in the misuse of computer resources or jeopardizes the operation of computer systems, available technology or network systems.

If, in the interest of authentic academic or administrative work, a need is identified for a student or employee to perform any of the actions specifically prohibited above, a request must be submitted in advance by the student and an employee, or by the employee and his/her supervisor, for approval by the Associate Vice President for Information Technology.

C. Commercial Use of Information Resources

Union University technology resource clients must not use University's information or technology resources for engaging in commercial activities other than those permitted by Union's senior leadership. Clients are expected to be responsible stewards of the limited information technology resources and to limit the use to business and educational activities related to the mission and objective of the University.

III. CAMPUS COMPUTING FACILITIES

A. Acceptable Use of Facilities

Student-computing labs are available for open lab use when academic classes are not scheduled in them. These facilities are made available on a monitored and unmonitored basis. Additional computing resources are available in discipline-specific labs, libraries, and some student areas. All clients are required to use these facilities in a responsible manner.

Clients using campus information technology facilities must not cause noise, display abusive or inappropriate behavior towards other clients, or create other disturbances in any computing area.

Clients using campus-computing facilities must not destroy or remove data other than their own.

B. Computer Configurations

Client machines, whether a student lab or library machine or a faculty or staff machine, has a standard software image installed by Union's Information Technology staff. Clients using the campus computing facilities must not attempt to change the set-up on these computers unless authorized in advance by Information Technology to do so. Damage to computer resources should be reported immediately to Information Technology staff, student workers responsible for monitoring the facilities, or Information Technology's Help Desk.

IV. PRIVACY AND INFORMATION TECHNOLOGY RESOURCES

A. Legal Ownership of Information Systems Files and Messages

Unless specific ownership of intellectual property rights have been establish in accordance with Union University's Copyright and Intellectual Property Policies, the University retains legal ownership of the contents of all files stored on computer and network systems as well as all messages transmitted via these systems. Union reserves the right to access all such information without prior notice whenever there is a genuine business need to do so.

Union University institutional data will not be released to internal, external, graduate or undergraduate students at this time. - Senior Leadership Team - October 2, 2012

B. Responsibility for Monitoring Content of Information Systems

Union University reserves the right to remove any message, file, database, graphic or other material from its information systems. Union has no obligation to monitor information content residing on or flowing thru the University's information systems.

C. Privacy Expectations for Internet, University Network and Files

  1. At any time and without prior notice, Union reserves the right to examine archived e-mail, voicemail, personal file directories, hard disk drive files and other information stored on Union information systems.
  2. At any time and without prior notice, Union reserves the right to examine or monitor for any reason any device attached to the University's network.
  3. At any time and without prior notice, Union reserves the right to examine or monitor the Internet usage of clients using the University's network.
  4. These examinations are performed to assure compliance with internal policies to support the performance of internal investigations, to comply with legal requirements such as a subpoena or court order, and to assist with the management of Union's information systems.

D. Disclaimer of Responsibility for Damage to Data and Programs

Union uses access controls and other security measures to protect confidentiality, integrity, and availability of the information handled by the University's information systems. In keeping with these objectives, the University's administration maintains the authority to: (1) restrict or revoke any client's privilege, (2) inspect, copy, remove, or otherwise alter any data, program or other information technology resource that may undermine these objectives, and (3) take any other steps deemed necessary to manage and protect its information systems. This authority may be exercised with or without notice to the involved clients. Union disclaims any responsibility for loss or damage to data or software that results from its efforts to meet these security objectives.

V. INTELLECTUAL PROPERTY

A. Copyright Laws

Clients are expected to adhere to Union University's Copyright and Intellectual Property Policies which strictly adheres to the laws regulating the use, distribution and reproduction of copyrighted works and provides clear guidelines of the bounds of permissible copying under the fair use doctrine, while maximizing the educational benefits of using copyrighted materials in the classroom and in other educational settings.

Clients are also expected to adhere to the provisions of Public Law 96-517, Section 7(b) which amends Section 117 of Title 17 of theUnited States Code to allow for making of back-up copy of computer programs. The public law states that " … it is not an infringement for the owner of a copy of a computer program to make or authorize the making of another copy or adaptation of the computer program provided:

  1. A new copy or adaptation is created as an essential step in the utilization of the computer program in conjunction with a machine and that is used in no other manner, or
  2. A new copy or adaptation is for archival purposes only that all archival copies are destroyed in the event that continued possession of the computer program should cease to be within policy."

Works protected by copyright may not be accessed or distributed by file sharing, peer-to-peer technology, or any other method violating Title 17 of the United States Code 501-513.

B. Software

Respect for the intellectual work and property of others is essential to the mission of Union University. Union strongly supports strict adherence to software vendor's license agreements and copyright holders' notices. It is illegal to duplicate, copy or distribute software or the software documentation without the permission of the copyright owner.

If Internet users or other system clients make unauthorized copies of software, the clients are doing so on their own behalf, since all such copying is strictly prohibited by Union University.

Only software that supports the educational and administrative mission of the University will be installed on the University's computers. That software is normally limited to:

  1. Software purchased and installed by IT staff under a site agreement.
  2. Software purchased under a single copy purchase and installed by IT staff on a single machine.
  3. Software developed by employees and students.
  4. Public domain software and software contributed to the University.
  5. Freely available software that may not be public domain; Software licensed under General Public License (GPL) as an example.

Illegal copies of copyrighted computer programs may not be made or used on University equipment.

The legal or insurance protection of Union University and its Trustees will not be extended to employees or students who violate copyright laws.

Software not acquired by Union University by an officially sanctioned means as stated above will not be installed or operated on the University computer resources.

C. Trial Licenses for Software

Freeware, shareware and trial-ware are covered by copyright and are subject to the terms and conditions defined by the holder of the copyright and copyright policies of Union University.

D. Fair Use

Unless permission from the copyright owner(s) is first obtained, making multiple copies of materials from magazines, journals, newsletters, software documentation and other publications is prohibited unless it is both reasonable and customary. This notice of "fair use" is in keeping with international copyright laws.

VI. INFORMATION TECHNOLOGY and ADMINISTRATIVE STAFF

A. Handling of Third Party Confidential and Proprietary Information

Unless specified otherwise by contract all confidential or proprietary information, including software written by a third party, that has been entrusted to Union by a third party must be protected as though it were Union's confidential information.

B. Confidentiality of Computer Related Software or Documentation

All Union University generated programs, codes and related documentation are confidential and must not be taken elsewhere when an employee, consultant, or contractor leaves the employ of the University.

C. Storage of Sensitive Information on Portable, Networked, or Remote Resources

Portable data devices can provide University employees easy remote data access to Union's data storage and retrieval capabilities for business purposes. These devices include laptops, PDAs, cell and smart phones, CD/DVDs, thumb drives and removable hard drives.

Protect any sensitive and personal identification information stored on portable data devices from unauthorized access through the use of all available measures, including, but not limited to:

  1. Encryption
  2. Password protection
  3. Up-to-date virus protection and malicious software detection and removal products
  4. Use of data destruction procedures when information is no longer needed
  5. Use of practices for purging, overwriting, or degaussing equipment when ownership changes
  6. Other reasonable safeguards to prevent theft of the device and/or viewing of protected information.
  7. Limit protected data and personal identification information stored on the device to the "minimum necessary" to accomplish the purpose.
  8. Individuals granted extracted data receive proper training in the use of personally identifiable information (PII) through his or her immediate supervisor, Information Technology, or Human Resources when they are hired.

D. Privacy Expectations for Administrative Data

It is imperative that all administrative data is received, stored and maintained by Union employees in a secure and confidential manner. This information is stored in a variety of formats including printed reports, electronic databases, and document images. Union University is responsible for the accuracy, integrity and confidentiality of this data. Data must be treated as confidential unless designated as approved for public release. By law, certain electronic institutional data are confidential and may not be released without proper authorization to the appropriate requestor. Employees are required to be aware that their conduct either on or off the job could affect or threaten the security and confidentiality of this information. All employees accessing Union's administrative systems, i.e. Ellucian Colleague and other systems, are required to adhere to the following:

  1. Unauthorized use of any information in files maintained, stored or processed by any Union information system is prohibited.
  2. No one is permitted to seek personal benefit, allow others to benefit personally or to divulge, in any way, the contents of any record or report to any person except in the conduct of his/her assignment.
  3. No one shall knowingly include, or cause to be included, in any record or report, a false, inaccurate, or misleading entry. No one shall knowingly change or delete or cause to be changed or deleted an entry in any record or report, unless expressly authorized to do so and in accordance with Union's Staff Handbook and other related policies and procedures.
  4. nformation that is downloaded should not be altered in spreadsheets or word processing documents in a way that misrepresents the information derived from this data. Downloaded information should be used and represented responsibly.
  5. No official record or report, or copy thereof, shall be removed from the office where it is maintained or copied or printed via electronic means except in the authorized performance of a person's duties and in accordance with any kind of established procedures of the University. Copies made for the performance of a person's duties shall not be released to third parties except when required by a work assignment.
  6. Office computers as well as portable data devices such as smart phones and PDAs must be locked by standard operating system, keypad or other password locking mechanism.
  7. No one is to aid, abet, or act in conspiracy with another to violate any part of these terms and conditions.
  8. Any knowledge of a violation of these terms and conditions must be immediately report to the employee's supervisor and the Associate Vice President for Information Technology or his/her designee.

VII. DISCIPLINARY ACTION

A. Disciplinary Action for Violation

If a University employee reasonably believes that a client is engaged in activities which may pose an imminent threat to: (1) the health or safety of others, (2) the integrity of data, (3) information technology resources which may adversely affect system operations, or (4) copyrights, the employee may request through their dean or vice president that the Associate Vice President for Information Technology suspend the client's access until the issue is investigated.

Disciplinary action shall follow existing Union University policy and procedures governed by the applicable provisions of the student handbook, faculty and staff handbooks and the applicable State and Federal laws.

The following disciplinary sanctions outline some, but are not limited to, actions that may be taken either singularly or in combination, by the University against violators of this policy.

  1. Restitution to reimburse Union University for damage to or misuse of information technology facilities.
  2. Warning to notify the individual that continuation or repetition of a specified conduct may be cause for other disciplinary action.
  3. Reprimand in writing indicating further violation may result in more serious penalties.
  4. Restriction of information technology privileges for a specified period of time.
  5. Probation status, with the associated implications, imposed on the individual.
  6. Suspension of the individual from the University.
  7. Expulsion of the individual from the University.
  8. Interim or summary suspension until a final determination has been made in regard to the charges made against the individual.

In the event that other University regulations are violated, additional penalties may be imposed.

Unauthorized use of information technology resources may be turned over to local law enforcement offices. This activity may be adjudged a felony and the individual(s) involved may be liable to legal prosecution.

VIII. META POLICY

A. Additions and Deletions

Suggested information policy additions, deletions or alterations must be submitted to the Associate Vice President for Information Technology, or his/her designee in order to be implemented.

B. Policy Review Process

This policy will be reviewed annually by the Information Technology Committee which is responsible for developing the Information Technology Master Plan in accordance with Union University policies and strategic goals at the University.

Any member of this committee may request additional review by others, but policy recommendations will advance to the University's senior leadership for approval when each of the members comprising this committee have signed in recommending its unanimous approval. Policy specifically designated for Information Technology staff will be approved by the Associate Vice President for Information Technology and the Provost.

C. Policy File

A file will be kept in the office of the Associate Vice President for Information Technology maintaining this policy and the approval documents for at least 5 years.

D. Policy Communication

Union University Information Technology policies will be available on the Information Technology web and portal sites.

E. Policy Summaries

Condensed versions of this policy or client-specified synopses of these policies may be distributed as needed to adequately implement the policies. Condensed versions or synopses must include information about how to obtain the complete policy or policies.

A-Z Services Catalog
Student Resources
Employee Resources
Information Technology