Technology Resources Acceptable Use Policy
Effective August 31, 2009
At Union Institute & University, use of university-provided technology resources is a privilege, not a right that may be revoked at any time for misuse. The provisions of this policy statement apply to all users of UI&U technology resources, including those who access these resources from off campus.
Union Institute & University (UI&U) operates various network, academic, and administrative systems in support of its academic mission and business functions. These systems are maintained and operationally controlled by the Information Technology (IT) department. As used in this policy, the term "user" refers to any person consuming technology resources. The term “IT staff" refers to the staff reporting to the director of the Information Technology department.
This policy statement is intended to provide general description of what is expected of users of university-provided technology resources. It is not intended to be an exhaustive list of all allowed/disallowed activities, but rather a policy for the ethical use of the UI&U computing environment. It applies to all technology resources and services provided to or delivered by UI&U.
Scope of Technology Resources
UI&U technology resources (including computers, laptops, handheld computers, computer accounts, MyUnion Login, printers, networks, network devices, software, e-mail, Web pages, telephones, and telephone long distance and voicemail accounts) are provided for the use of UI&U students, faculty, and staff in support of the programs of the university. Technology resources are owned by the university and are to be used solely for university related activities; they are not to be used for commercial purposes or non-university activities without prior approval from the IT department.
It is recognized that a many UI&U students and faculty will rarely, if ever, use UI&U owned computer equipment, and that many students and faculty access the Internet through their local Internet Service Provider.
Electronic Communications Policy
E-mail is the standard, and often preferred, means of internal communication at UI&U. Official electronic communications are sent only to UI&U e-mail addresses; they may not be forwarded to external e-mail addresses. The university will consider students, faculty and staff to be duly informed and in receipt of notifications and correspondences sent by an administrator, staff, or faculty member delivered to a user’s UI&U e-mail account. It is recommended that users frequently access their UI&U e-mail account for official information and to acknowledge messages in a timely manner.
Faculty and staff are expected to use the automated out-of-office notification functions in e-mail and voicemail when they are away from the office for an extended period.
Network, Internet, and E-mail
The UI&U network, Internet and e-mail systems are provided for the benefit of the university and the education process. Users are responsible for seeing that the Internet is used in an effective, ethical and lawful manner. Users may not use the UI&U technology system for purposes that are illegal, unethical or harmful to the university or others. Examples of unacceptable use are as follows:
- Messages may not be transmitted under an assumed name: all electronically transmitted messages must have the sender’s name attached.
- Users may not attempt to obscure the origin of any message.
- Information published on the Internet may not violate or infringe upon the rights of others (including copyright laws).
- The system may not be used for personal gain or advancement of individual or political views; the use of university technology for solicitation of non-university business, is strictly prohibited.
- Privacy intrusions, such as unauthorized reading of other user's e-mail, using another person’s account (including ID or password "cracking"), reading or deleting unprotected files, etc. are prohibited. Data stored in electronic format is to be considered real property.
- Network connections may not be used for the purposes of making unauthorized connections to, breaking into, or adversely affecting the performance of other systems on the network, whether these systems are university-owned or not.
- Users must not disrupt the operation of the university network.
- Spam, chain letters, and unsolicited bulk e-mail or mass-mailings are prohibited, unless initiated by the university.
- Internet and e-mail use must not interfere with employee productivity. Interference includes, but is not limited to, use of the Internet to watch non-work related videos and listen to Internet radio.
- No messages with derogatory or inflammatory remarks about an individual or group’s race, religion, national origin, physical attributes, or sexual preference will be transmitted.
- Abusive, profane, and/or offensive language may not be transmitted using a UI&U system.
Security and Accounts
All access to technology resources, including the issuing of accounts, must be approved through the IT department. A person to whom UI&U has provided access to one or more of its technology resources may not permit another person to use the system(s) without UI&U's express consent. A person to whom UI&U has provided access to one or more of its technology resources is responsible for the proper use of the resource, including proper password protection. Student technology accounts that expire, along with the files in the expired accounts (including e-mail), will be deleted. Faculty and staff files will be archived prior to deletion.
In order to properly serve its constituents, UI&U records a large amount of extremely confidential data, transmits the information over extensive networks, and stores the information on numerous computing systems. Any breach in the security of these systems or networks could disrupt the university and/or allow such confidential information to be transmitted quickly, silently and without geographic or constituency limits.
Recognizing these vulnerabilities and the need for institutions to limit access to such information, the Federal Government has passed numerous laws concerning personal information. As a result, the university must comply with a complex array of legislation including, but not limited to, the Family Educational Rights and Privacy Act (FERPA). Failure to comply with legislation can have significant adverse consequences on the university. The university is the ultimate owner of all institutional data (information relating to the administration of the university). All institutional data are considered confidential and are intended exclusively for purposes related to the university’s programs. All institutional data and administrative systems may be used only for the legitimate business of the university and not for commercial, personal and/or political purposes.
Requests for access to institutional data, including maintenance and/or inquiry, should be initially directed to a user’s supervisor or dean who will determine the validity of the request. System users are to be provided with the minimum access privileges required to perform permitted tasks. Students will rarely, if ever, be granted access to institutional data. Each systems user is responsible for the security, privacy and confidentiality of the institutional data to which he or she has access. Each system user is responsible for all transactions occurring during the use of his or her account. Users must never share their passwords with others. If a system user suspects that his or her password has been compromised, the password must be immediately changed. System users should log off or lock any system when leaving equipment unattended.
Fraudulent, harassing, offensive or obscene messages or materials are not to be sent, printed, requested, displayed, or stored on UI&U-owned or operated technology resources. Chain letters and other unauthorized forms of mass mailings are not allowed. Information (i.e. pictures and personal information) about a person or business entity is not to be made publicly available, such as on Web pages, without the express consent of the person or business entity.
Special software is installed on university technology resources in order to support resource usage accounting, security, network management, hardware and software inventory, PC back-up systems and software updating functions, and to provide better support to personnel. Authorized IT staff may access others' files when necessary for the maintenance and security of technology resources. Advanced notification of access will be given when possible and time allows. When performing maintenance, every effort will be made to insure the privacy of a user's files. However, if violations of policies are discovered, they will be reported to the director of IT.
In the normal course of managing the campus-based Internet bandwidth and e-mail systems, UI&U may, from time to time, monitor messages created, received or sent via university E-mail servers. These measures are taken to maintain costs, and to ensure usability by UI&U’s widely dispersed constituencies of students, alumni, faculty and staff. Users are expected to refrain from initiating activities that interfere with the work of other users. In doubtful situations, IT staff should be consulted.
Copyright and Software Licenses
University standards regarding academic integrity and academic dishonesty apply to software just as they do to other forms of published work. Users are not permitted to copy, transfer, rename, add or delete information or programs belonging to other users unless given express permission to do so by the owner. Failure to observe copyright or license agreements may result in disciplinary action from the university or legal action by the copyright owner. Using peer-to-peer file sharing applications (such as Kazaa, Morpheus, Grokster, or similar applications) as a tool to download copyrighted music, videos and applications is a violation of Federal copyright law. Allowing other computers to gain access to copyrighted files on user systems via the UI&U computer network is prohibited.
Loading unauthorized applications or operating systems on any computer is prohibited. This applies to any program not explicitly licensed to the end-user or workstation by the IT department regardless of source (i.e., purchased by the user or obtained through public domain/shareware sources).
Deleting, copying, or altering programs without specific instructions from the IT department is prohibited. Federal Copyright Law prohibits the use of unauthorized copies of computer software; this includes copying software belonging to the university for personal use. UI&U does not condone illegal copying of software under any circumstances. Users are expected to strictly adhere to software license terms.
To prevent computer viruses from being transmitted through the system there will be no unauthorized downloading of any software to university-owned and operated computer systems. In the event that software needs to be downloaded and installed on individual staff workstations, contact the IT Help Desk to coordinate the installation. The IT department may uninstall any unauthorized software without prior notice or, if necessary, reload all standard software to university owned equipment.
A user’s technology resources privilege may be suspended immediately upon the discovery of a possible violation of this policy. Suspected violations will be confidentially reported to the appropriate administrator.
The director of IT will initially judge a violation of this policy as either major or minor. A first minor offense will normally be dealt with by the director. An additional minor offense will then be regarded as a major offense; major offenses will be dealt with by the appropriate administrator under the provisions of the university’s personnel policy manual and/or Student Code of Conduct.
A violation of this policy will be dealt with in the same manner as a violation of other university policies and may result in a disciplinary review. The full range of disciplinary sanctions is available, including revocation of technology resources usage privileges, dismissal from the university, and/or legal action.
Other Technology-Related Standards
- The IT department is responsible for all equipment purchases, installations, disconnections, modifications, and relocations. Employees are not to perform these activities without prior authorization from IT staff.
- Users who, with prior consent, borrow hardware, software, or documentation from UI&U, are responsible for its proper care, and for returning it in a timely fashion.
- Users who are provided UI&U equipment may NOT allow anyone else to use the provided equipment (including laptops, cameras, etc.). Sharing of UI&U equipment will result in forfeiture of use of the equipment.
- Many UI&U systems are made available on an unmonitored basis. It is the responsibility of every user to act in such a manner as to not cause damage to physical equipment. Accidental damage, or damage caused by other parties, should be reported to the IT help desk as soon as possible so that corrective action can be taken.
- Modifying the configuration of any university computer, printer, or network device without prior approval of the IT department is prohibited. Deliberate alteration of system files will be considered malicious destruction of university property.
- All users are responsible for using technology resources in an effective, ethical, and lawful manner. Many resources, such as disk space, CPU cycles, printer queues, batch queues, login, and software licenses, are shared by all users. No user may monopolize these resources.
- The university has installed firewalls to assure the safety and security of the university’s networks.
- Users are responsible for picking up their printed output in a timely fashion to avoid theft or disposal.
- Other organizations operating computing and network facilities that are reachable via UI&U technology resources systems may have their own policies governing the use of those resources. Users are responsible for abiding by both the policies set forth in this document and the policies of the other organizations.
Every effort is made by the IT department to prevent the loss of data in the event of hardware or software failure or through human error. Backups are regularly made of administrative systems and system servers. (Backups are not made of data stored on personal computers, therefore all data should be stored on an individual user’s network drive). It must be recognized that in rare cases it may not be possible to restore the latest version of every data file from these backups and some data loss may occur. Because these cases are outside the IT department’s control, IT staff cannot be held liable for any loss of data arising directly or indirectly from failure of hardware, software or from human error.
The IT department has the responsibility to provide advance notice of system shut downs for maintenance, upgrades, or changes so users may plan around periods of system unavailability. However, in the event of an emergency, the department may shut down a system with little or no advance notification. Every effort will be made to give users a chance to save their work before the system is taken out of service.