|
|
ACCEPTABLE USE POLICY | No. 10-2 | Rev. |
| Date: 10-11-05 | |||
I. Preamble. Weber State University provides students, faculty and staff with access to both an internal campus network and to the Internet. Such access, used appropriately, legitimately advances the mission of the university. But there is always the possibility for misuse. This Acceptable Use Policy provides guidelines for the use of network and computing resources that reflect the mission statement of the university, protects WSU community members and others from harm, and helps to preserve the availability of network resources for all WSU community members.
II. Scope of Policy. While this policy deals specifically with issues involving the use of university computing resources and networks, it does not stand alone. All users of university resources are expected to abide by the rules and regulations contained in applicable university handbooks, the Student Code, guidelines and policy and procedure manuals, as well as the laws of the State of Utah and of the United States of America. We remind users that state and federal laws apply to the use of campus networks and the Internet, including but not limited to those dealing with:
- copyright infringement
- defamation
- discrimination
- fraud
- harassment
- identity theft
- obscene materials
This Acceptable Use Policy applies to all individual users of Weber State University's computing and data network facilities. By using these systems, the user agrees to comply with and be subject to this policy. Users accessing Weber State University computing and data network facilities are responsible for maintaining a current understanding of the terms of this policy, which the university reserves the right to change without prior notice. The current version of this policy is available in the university's Policy and Procedures Manual. This policy also covers the use of all devices connected to the university computing and data network facilities whether owned by the university or private individuals.
III. State of Purpose. Weber State University computing facilities and data networks (including the university's Internet connection) are provided for university-related use by Weber State students, faculty, administration and staff in support of the teaching, research, public service and administrative activities of the university. Weber State expects its users to exercise responsible and ethical behavior when using the university's computing and data network facilities.
IV. Implementation and Enforcement.
A. General Guidelines.
1. Use of university computing facilities and data networks must be in keeping with the mission of the university.
2. Use of university computing facilities and data networks is limited to authorized users.
3. University computing facilities and data networks must be used in compliance with applicable state and federal laws and university policies, and may not be used for any illegal purpose.
4. Incidental and occasional personal use of computing resources is permitted as long as the use does not:
a. violate applicable law, rules or policies,
b. disrupt, distract from, or interfere with the conduct of university business (for example, due to nature, volume or frequency), and
c. constitute a regular private business activity.
5. Users are responsible for all actions performed from their network, Internet, eMail and other accounts, as well as from personally owned computers connected to university data networks.
6. The privacy and rights of others must be respected.
7. The ability of legitimate users to utilize the computing facilities and data networks of the university in an efficient and secure manner must be respected.
8. Intellectual property rights, particularly those involving copyrighted material, must be respected.
9. The university reserves the right to take any and all actions necessary to protect the integrity and security of university computing facilities and data networks, including those necessary for law enforcement or other purposes.
10. The use of the university's computing facilities and data networks is a privilege that may be revoked at any time.
11. Disciplinary action in accordance with Weber State University policies and/or appropriate legal action will be taken when warranted.
B. The following are examples of actions which are specifically prohibited under this policy:
1. Use of university computing facilities or data networks for private financial gain in violation of university conflict of interest policies.
2. Sending unsolicited bulk eMail (spam) unrelated to the mission of the university or related bulk eMail without appropriate approval.
3. Sending eMail messages or creating web pages with fraudulent address or header information or containing misrepresentations in authorship or content in an attempt to deceive others.
4. Use of university computing facilities and data networks by unauthorized users.
5. Unauthorized use of another user's account.
6. Providing false or misleading information for the purpose of obtaining access to computing or network facilities.
7. Attempts to access restricted portions of university systems and /or networks without authorization or the unauthorized possession of tools, including software, for such a purpose.
8. Use of university computing facilities and data networks for any illegal purpose or activity.
9. Placing of unlawful information on university systems.
10. Sending or storing public or private eMail message and attachments that violate state or federal law or university policy.
11. Monitoring (or attempting to monitor) another user's communications outside the scope of one's duties.
12. Obtaining (or attempting to obtain) another user's password without their consent.
13. Reading, copying, changing, or deleting (or attempting to read, copy, change or delete) another user's files or software without the prior permission of the owner.
14. Accessing or attempting to access computer systems through the university network, including those external to the university, without authorization of the owner of that system. (This includes port scanning, system exploits, or other techniques designed to gain unauthorized access to a system.)
15. Use of any device or software that interferes with the ability of others to access university networks or systems. (This includes unauthorized networking devices such as routers, and implementations of DHCP, DNS, NNTP, POP, IMAP, SMTP, and WINS servers or implementations of servers that provide uncontrolled access to copyrighted media such as music, video and computer software.)
16. Use of unauthorized wireless networking devices.
17. Damaging (or attempting to damage) any portion of university computing or data network facilities.
18. Use of university facilities for non-university related eMail, browsing the Internet or games or other such activities when computing facilities are crowded thereby depriving other authorized users of access to computing.
19. Use of peer-to-peer networking, or other file-sharing technology in such a manner as to place an undue burden on university resources, or to download or share copyrighted materials in violation of university policy or in violation of local, state, or federal law.
20. Deliberate introduction of computer viruses/worms into university facilities, as well as attempts to create or disseminate such programs.
21. Deliberate misuse of software or other techniques to degrade system or network performance or otherwise deprive authorized personnel of resources or access to university systems or networks, including techniques to disguise or obscure the source of data network traffic.
22. Dissemination of copyrighted materials, outside of the provisions of "fair use," without permission of the copyright holder, including music, movies, games, software, etc.
23. Copying computer software protected by copyright into or by university computing facilities, except as permitted by law. (The use of illegally copied software is a violation of copyright law and will be treated as such.)
24. Use of the university's official web site or eMail for partisan political purposes (with the exception of announcements of general public interest by university political clubs).
25. Public release of confidential or proprietary information.
26. Misuse of trademarks in web pages and eMail, including university-owned marks such as the official logo or seal and trademarks owned by other entities.
27. Other activities of a similar nature not mentioned specifically herein but which violate the general guidelines above.
C. University Actions. The university reserves the right to take appropriate actions reasonably necessary to protect the integrity and security of university computing facilities and data networks. This includes the right to log and monitor network traffic and immediately disconnect any computer disrupting the university's data network, or being used for any activity in violation of this policy. Electronic information on university networks or equipment, including but not limited to electronic mail, is subject to copy and examination by the university where:
- It is necessary to maintain or improve the functioning of university computing resources
- Where there is reasonable cause for suspicion of misconduct under university policies or violation of state or federal laws
- It is necessary to comply with or verify compliance with federal or state law, including but not limited to software licensing agreements
- The requirements of maintaining a safe and secure network dictate the deployment of automatic security systems such as host and network intrusion detection systems, and active protection firewall systems designed to intercept, examine and block data that threatens the university or external networks
The system administrator will keep confidential the contents of files copied and read, unless misconduct is suspected, in which case a copy of the file(s) will be given to the appropriate authorities.
The system administrator has the right to delete any file(s) belonging to faculty or staff who are no longer employed by the organization.
The university makes no warranties of any kind, whether express or implied, with respect to the information technology services it provides; this includes but is not limited to the accuracy or quality of information obtained through its electronic communication facilities and services except material specifically represented as official university records.
The university will not be responsible for damages resulting from the use or misuse of university computing and data network facilities and services, including, but not limited to, loss of data resulting from delays, non-deliveries, missed deliveries, hacking, or service interruptions caused by the negligence of an organization employee, or by the user's error or omissions.
D. Enforcement. The university may suspend without notice, the network access privileges of any user who is believed to be in violation of this policy, pending investigation and review. Violation of this policy may result in denial of access to university computing resources, as well as appropriate disciplinary actions authorized by university policies up to and including termination or expulsion.