|
COMPUTING SERVICES | No. 2-11 | Rev. |
| Date 4-5-88 | |||
OLD POLICY NUMBER - SEE PPM 10-4
I. DEFINITION AND PURPOSE
Computing Services exists as a University-wide service organization
responsible for providing general access to hardware and software in support
of instructional, research and administrative activities funded by the
University education and general budget. Programs funded through auxiliary
organizations or other external sources may use these resources on a
reimbursement basis.
II. OPERATING PHILOSOPHY
Computing Services aims to provide its users with timely, consistent, high-quality responses to their software and hardware questions. Users work
directly with professional staff who provide a centralized pool of technical
knowledge on a wide range of applications, software and hardware
configurations.
These professionals are responsible for particular software applications and
their dependent hardware. They are backed by contracted support from the
vendors of packaged software and related hardware.
The process of developing or enhancing complex applications is reviewed as
needed by committees of academic and administrative users, as well as by the
central Computer Management Committee (CMC). These groups establish
priorities in accordance with institutional goals and direct Computing
Services to implement them.
III. INSTITUTIONAL DATA
Computing Services provides facilities for the integrity, security and
recovery of electronic institutional data residing on mainframe computers.
Users requesting access to institutional data are referred to the appropriate
office or person for authorization prior to processing the request.
Computing Services personnel do not provide access to data without written
authorization from the person or office responsible for the data.
IV. USER ACCESS TO COMPUTING FACILITIES
Upon notification of authorization to access institutional data or computing
facilities, Computing Services will establish user access based on prescribed
institutional and vendor guidelines for the appropriate application. In
order to maximize their value, effectiveness and efficiency, computing
resources must be used in a legal and ethical manner, respecting the
principles of honesty and integrity upon which the academic community relies.
A. Principles for Ethical Use of Computer Systems
1. Unless noted to the contrary, all files are considered private
and confidential.
2. Computer accounts, user numbers and passwords are provided to
individuals and organizational units and can be utilized only
by such users specifically for the purposes for which they
were originally approved.
3. Users are responsible for all usage of their accounts, user
numbers and passwords.
4. Users should avoid excessive demands on computing resources
that may encroach on others' legitimate access and use. Very
demanding computer projects should be scheduled at other than
prime times.
5. Users are responsible to know regulations concerned with
copying software and may not use University equipment,
materials or software to violate the terms of any software
license agreement or copyright.
6. Users should make appropriate use of system-provided security features and take measures to prevent others' access to their computing resources.
B. Unethical Computer Conduct
The following actions constitute unethical use of computer
facilities:
1. Unauthorized use of computer accounts, user numbers or
passwords.
2. Unauthorized use of computer equipment files, data,
directories, subroutines or services, including searching and
copying.
3. Unauthorized changing of a user's account, user number,
password or data.
4. Abuse of an authorized password or exploitation of a loophole
in the computer operating system to obtain resources not
explicitly granted by Computing Services, depriving other
users of access or damaging system performance in any way.
5. Possession and use of programs capable of fraudulently
simulating system responses; modification of systems control
information, especially that which reflects program state,
status or accounting; attempts to modify or crash the system
or to subvert the restrictions associated with computer
accounts.
6. Unauthorized use of computing resources for commercial
purposes or monetary gain either within or outside the
University.
7. Unauthorized transportation to other computer sites of
programs, subroutines or data obtained by and for Weber State
University computer systems; use of programs not in the public
domain obtained from other sites without written
authorization.
8. Use of University equipment to duplicate materials or software
without proper authorization from the copyright holder.
9. Excessive use of computing resources that interferes with the
ability of others to use those resources.
10. Use of computing resources to send messages that are annoying
or threatening.
C. Administrative Guidelines for Prevention of Computer Abuse
1. Regularly scheduled Electronic Data Processing audits will be
conducted to identify and document potential or actual
problems.
2. Problems identified during audits will be corrected by varying
control mechanisms to the extent technically feasible.
3. The Computer Management Committee will address University-wide
problems as needed; Computing Services will supply reports of
computer usage to this Committee as needed.
4. A statement on ethical use of computing resources will be
distributed to users and incorporated in the Student Rights
and Responsibilities handbook and other appropriate University
publications.
5. Workshops will be conducted for faculty, staff and student
groups to sensitize them to the nature of computer abuse and
its consequences and to elicit their support in solving
problems.
D. Procedures for Dealing with Violations
1. Any user who has allegedly violated University computing
policy or regulations has a right to fair disposition of such
charges.
2. First-time or minor violators will be admonished concerning
the inappropriateness of their behavior by the director of
Computing Services or his/her designee.
3. In emergency situations that threaten system integrity,
Computing Services personnel will take immediate action to
terminate temporarily an alleged violator's privileges.
4. Significant or repeat violators will be referred to the
appropriate University office or agency for action.
5. If a violation is sufficiently complex and damaging to
equipment, facilities or another individual to constitute
criminal behavior, the violator should be referred to Campus
Security for legal action.
V. ACCOUNTING FOR COMPUTER USE
Computing Services is responsible to provide accurate records of mainframe
computer use and to provide billings by cost code for services rendered in
line with resources designated for Computing Services on an annual basis.
Where feasible, these records will be maintained by individual users.
VI. DOCUMENTATION OF SYSTEMS AND SOFTWARE
Computing Services is responsible for providing and maintaining documentation
of software and systems it develops.
VII. TRAINING
Responsible departments will provide training for users of mainframe systems
and software on a periodic basis.
VIII. EXTERNAL USE OF COMPUTING RESOURCES
University computing facilities are provided for the use of students and
employees in academic and administrative work related to the goals and
functions of the University. These facilities may be used by other persons
under the following conditions:
A. Usage must be in connection with a program sponsored by an
organizational unit of the University. The University does not lend nor
rent computers or computer time to external agencies or persons.
B. Usage must not interfere materially with availability of facilities to
enrolled students and University faculty and staff.
C. Programs supported by participant fees will be charged a reasonable rate
determined and regularly reviewed by the provost.
D. Revenue realized from external use will be applied first to defraying
direct costs of such use. Any additional funds realized will be placed
at the disposal of the Academic Resources and Computing Committee for
support of student computing facilities.
The director of each laboratory is responsible to insure compliance with the above conditions. Conditions C and D above apply also to non-credit instructional programs.