Union Institute and University

Technology Resources Acceptable Use Policy

Effective July 1, 2014 as revised

Policy

It is the policy of Union Institute & University that available technological resources be used only as intended—in support of the university’s academic and administrative operations. At Union Institute & University, student and employee access to university-provided technology resources is a privilege, not a right, that may be revoked at any time for misuse. The provisions of this policy apply to all users of Union Institute & University technology resources, whether accessed from on or off campus.

Union Institute & University operates various network, academic, and administrative systems in support of its academic mission and business functions. These systems are maintained and operationally controlled by the Information Technology (IT) department. As used in this policy, the term “user” refers to any person consuming technology resources. The term “IT staff” refers to the staff reporting to the assistant vice president/director of information technology.

This policy is intended to provide a general description of what is expected of users of university-provided technology resources. It is not intended to be an exhaustive list of all allowed/disallowed activities, but a general guide for appropriate and ethical use of the UI&U computing environment. It applies to all technology resources and services provided to or delivered by Union Institute & University.

Scope of Technology Resources

Union Institute & University technology resources (including, but not limited to, computers, laptops, tablets, phones, computer accounts, CampusWeb, printers, networks, network devices, software, email, Web pages, telephones, and telephone long distance and voicemail accounts) may be provided for the use of Union Institute & University employees and students in support of the university’s programs and services. Technology resources are the property of the university and are to be used solely for university related activities. They are not to be used for commercial purposes or non-university activities without prior approval from the IT department.

It is recognized that many Union Institute & University students and faculty will rarely, if ever, use Union Institute & University owned computer equipment, and that many students and faculty access the Internet through their local Internet Service Provider. However, all students and faculty will regularly use technology systems referenced in this policy.

Electronic Communications Policy

Email and CampusWeb are the standard/expected means of internal communication at UI&U. Official electronic communications are sent only to Union Institute & University (myunion) email addresses. The university will consider students and employees to be duly informed and in receipt of notifications and correspondences sent by an administrator, staff, or faculty member delivered to a user’s Union Institute & University email account. It is recommended that users frequently access their Union Institute & University email account for official information and to acknowledge messages in a timely manner. Employees are expected to use the automated out-of-office notification functions in email and voicemail when they are away from the office for an extended period.

Network, Internet, and E-mail

The Union Institute & University network, Internet, and email systems are provided for the benefit of the university and the education process. Individuals accessing these systems are responsible for seeing that they are used in an effective, ethical, and lawful manner. Users may not use UI&U technology systems for purposes that are illegal, unethical, or harmful to the university or others. Some examples of unacceptable use are as follows, although this is not a comprehensive listing:

  • Messages may not be transmitted under an assumed name: all electronically transmitted messages must have the sender’s name attached.
  • Users may not attempt to obscure the origin of any message.
  • Information published on the Internet may not violate or infringe upon the rights of others (including copyright laws).
  • The system may not be used for personal gain or advancement of individual or political views; the use of university technology for solicitation of non-university business, is strictly prohibited.
  • Privacy intrusions, such as unauthorized reading of other user’s e-mail, using another person’s account (including ID or password “cracking”), reading or deleting unprotected files, etc. are prohibited. Data stored in electronic format is to be considered real property.
  • Network connections may not be used for the purposes of making unauthorized connections to, breaking into, or adversely affecting the performance of other systems on the network, whether these systems are university-owned or not.
  • Users must not disrupt the operation of the university network.
  • Spam, chain letters, and unsolicited bulk e-mail or mass-mailings are prohibited, unless initiated by the university.
  • Internet and e-mail use must not interfere with employee productivity.  Interference includes, but is not limited to, use of the Internet to watch non-work related videos and listen to Internet radio.
  • No messages with derogatory or inflammatory remarks about an individual or group’s race, religion, national origin, physical attributes, or sexual preference will be transmitted.
  • Abusive, profane, and/or offensive language may not be transmitted using a UI&U system.

Electronic files (including email, computer files, and voicemail) are presumed to be private and confidential unless they have explicitly been made available by the university. However, users should be aware that equipment made available in computer laboratories is not private; users should not save personal files on computer lab equipment.

Use of University Technology When Traveling or Working Offsite

While traveling, employees are responsible for the safety and security of all university equipment. Personal student and/or employee information (such as social security numbers) may not be stored on any equipment or devices outside of the university network. If university equipment has been issued to work offsite (such as a laptop or wireless Internet connection), the equipment may only be used for university work and may not be used for any personal purposes.

Security and Accounts

All access to technology resources, including the issuing of accounts, must be approved through the IT department. A person to whom UI&U has provided access to one or more of its technology resources may not permit another person to use the system(s) without UI&U’s express consent. A person to whom UI&U has provided access to one or more of its technology resources is responsible for the proper use of the resource, including proper password protection. When a student withdraws from the university, all technology accounts are disabled or removed. All content within those accounts may be removed at that time as well. Files maintained by employees who leave the university are considered to be the property of the university: these files will be archived by the IT department and may be forwarded to another UI&U employee if they contain information that must be retained and/or are important for the continued efficient operation of a department or academic program.

Administrative Systems

In order to properly serve its constituents, UI&U records a large amount of extremely confidential data, transmits the information over extensive networks, and stores the information on numerous computing systems. Any breach in the security of these systems or networks could disrupt the university and/or allow such confidential information to be transmitted quickly, silently, and without geographic or constituency limits.

Recognizing these vulnerabilities and the need for institutions to limit access to such information, the federal government has passed numerous laws concerning personal information. As a result, the university must comply with a complex array of legislation including, but not limited to, the Family Educational Rights and Privacy Act (FERPA). Failure to comply with legislation can have significant adverse consequences on the university. The university is the ultimate owner of all institutional data (information relating to the administration of the university). All institutional data are considered confidential and are intended exclusively for purposes related to the university’s programs. All institutional data and administrative systems may be used only for the legitimate business of the university and not for commercial, personal, and/or political purposes. As such, all employees who access this information is required to adhere to all FERPA guidelines. By accessing these systems, employees acknowledge acceptance of this policy and the FERPA guidelines.

Requests for access to institutional data, including maintenance and/or inquiry, should be initially directed to a user’s supervisor or dean who will determine the validity of the request. System users are to be provided with the minimum access privileges required to perform permitted tasks. Students will rarely, if ever, be granted access to institutional data. Students performing employee tasks (such as work-study employees) are subject to all the policies applicable to all university employees. Each user is responsible for the security, privacy, and confidentiality of the institutional data to which the user has access. Each user is responsible for all transactions occurring during the use of an account. Users must never share their passwords with others. If a user suspects that a personal password has been compromised, the password must be immediately changed. Users should log off or lock any system when leaving equipment unattended.

Harassment

Fraudulent, harassing, offensive or obscene messages, or materials are not to be sent, printed, requested, displayed, or stored on UI&U owned or operated technology resources. Chain letters and other unauthorized forms of mass mailings are not allowed. Information (i.e., pictures and personal information) about a person or business entity is not to be made publicly available, such as on Web pages, without the express consent of the person or business entity. Extreme cases of online harassment may be considered to be stalking behavior, which is a criminal offense.

Monitoring

Special software is installed on university technology resources in order to support resource usage accounting, security, network management, hardware and software inventory, PC back-up systems and software updating functions, and to provide better support. Authorized IT personnel may access others’ files when necessary for the maintenance and security of technology resources. Advance notification of access will be given when possible and time allows. When performing maintenance, every effort will be made to ensure the privacy of a user’s files. However, if violations of policies are discovered, they will be reported to the director of information technology.

In the normal course of managing the campus-based Internet bandwidth and email systems, UI&U may, from time to time, monitor messages created, received, or sent via university email servers. These measures are taken to maintain costs and to ensure usability by UI&U’s widely dispersed constituencies of students, alumni, faculty and staff. Users are expected to refrain from initiating activities that interfere with the work of other users. In doubtful situations, IT staff should be consulted.

Copyright and Software Licenses

University standards regarding academic integrity and academic dishonesty apply to software just as they do to other forms of published work. Users are not permitted to copy, transfer, rename, add or delete information or programs belonging to other users unless given express permission to do so by the owner. Failure to observe copyright or license agreements may result in disciplinary action from the university or legal action by the copyright owner. Using peer-to-peer file sharing applications (such as Torrent software or similar applications) as a tool to download copyrighted music, videos, and applications is a violation of federal copyright law. Allowing other computers to gain access to copyrighted files on user systems via the UI&U computer network is prohibited.

Loading unauthorized applications or operating systems on any computer is prohibited. This applies to any program not explicitly licensed to the end-user or workstation by the IT department regardless of source (i.e., purchased by the user or obtained through public domain/ shareware sources).

Deleting, copying, or altering programs without specific instructions from the IT department is prohibited. Federal copyright law prohibits the use of unauthorized copies of computer software; this law includes copying for personal use software belonging to the university. UI&U does not condone illegal copying of software under any circumstances. Users are expected to strictly adhere to software license terms.

Downloads

To prevent computer viruses from being transmitted through the system, there will be no unauthorized downloading of any software to university owned and operated computer systems. In the event that software needs to be downloaded and installed on individual staff workstations, contact the IT help desk to coordinate the installation. The IT department may uninstall any unauthorized software without prior notice or, if necessary, reload all standard software to university owned equipment.

Violations

A user’s technology resource privileges may be suspended immediately upon the discovery of a possible violation of this policy. Suspected violations will be confidentially reported to the appropriate administrator.

The director of IT will initially judge a violation of this policy as unintentional, minor, or major. Unintentional offenses and first minor offenses will normally be dealt with by the IT head. Any subsequent minor offense will be regarded as a major offense; major offenses will be dealt with by the appropriate administrator under the provisions of the university’s human resources policies and/or Student Code of Conduct.

Violations of this policy will be dealt with in the same manner as violations of other university policies and may result in disciplinary action. The full range of disciplinary sanctions is available, including revocation of technology resources usage privileges, dismissal from the university, and/or legal action.

Other Technology-Related Standards

  • The IT department is responsible for all equipment purchases, installations, disconnections, modifications, and relocations. Employees are not to perform these activities without prior authorization from IT staff.
  • Users who, with prior consent, borrow hardware, software, or documentation from UI&U, are responsible for its proper care, and for returning it in a timely fashion.
  • Users who are provided UI&U equipment may NOT allow anyone else to use the provided equipment (including laptops, cameras, etc.). Sharing of UI&U equipment will result in forfeiture of use of the equipment.
  • Many UI&U systems are made available on an unmonitored basis. It is the responsibility of every user to act in such a manner as to not cause damage to physical equipment. Accidental damage, or damage caused by other parties, should be reported to the IT help desk as soon as possible so that corrective action can be taken.
  • Modifying the configuration of any university computer, printer, or network device without prior approval of the IT department is prohibited. Deliberate alteration of system files will be considered malicious destruction of university property.
  • All users are responsible for using technology resources in an effective, ethical, and lawful manner. Many resources, such as disk space, CPU cycles, printer queues, batch queues, login, and software licenses, are shared by all users. No user may monopolize these resources.
  • The university has installed firewalls to assure the safety and security of the university’s networks.
  • Users are responsible for picking up their printed output in a timely fashion to avoid theft or disposal.
  • Other organizations operating computing and network facilities that are reachable via UI&U technology resources systems may have their own policies governing the use of those resources. Users are responsible for abiding by both the policies set forth in this document and the policies of the other organizations.

Advisories

Every effort is made by the IT department to prevent the loss of data in the event of hardware or software failure or through human error. Backups are regularly made of administrative systems and system servers. (Backups are not made of data stored on personal computers; therefore, all data should be stored on an individual user’s network drive). It must be recognized that in rare cases, it may not be possible to restore the latest version of every data file from these backups and some data loss may occur. Because these cases are outside the IT department’s control, IT staff cannot be held liable for any loss of data arising directly or indirectly from failure of hardware, software, or from human error.

The IT department has the responsibility to provide advance notice of system shutdowns for maintenance, upgrades, or changes so that users can plan around periods of system unavailability. However, in the event of an emergency, the department may shut down a system with little or no advance notification. Every effort will be made to give users a chance to save their work before the system is taken out of service.