Responsible Use of Technology Resources Policy
Approved by Executive Council on May 3, 2016
|Policy Number||Policy Owner|
|10019.2||Library and Information Technology Services|
The College strives to provide the most current and useful information technology, resources, and networks to faculty, students, and staff. The excellence of our system is dependent on the integrity of our users. Individuals are accountable for their actions and all activity involving the accounts for which they have responsibility.
2.0 Revision History
|c. 2000||1.0||New Document|
|c. 2001||1.1||Minor Revisions|
|c. 2012||1.2||Minor Revisions|
3.0 Units and Persons Affected
All users of college-provided technology services including, but not limited to, faculty, staff, volunteers, students, and employees of the Research Foundation, College Auxiliary Services, and other permitted third-party organizations.
All users accessing the Internet on campus are assigned to or affiliated with public IP addresses. It is the responsibility of the campus to address any violations of responsible use that are impacting services outside the campus network as such violations may damage the reputation of the college.
Users must comply with all applicable federal, state, and local laws, regulations, and College policy, with respect to, but not limited to, computer use, Internet use, network security, and protection of sensitive data.
Users must make best efforts towards maintaining the integrity of their systems so that unintended violations do not occur. This includes virus and malware protection, as well as eliminating any potential back door entry points to the network segment they operate in. Remote access for support purposes may be allowed if coordinated with Network Operations and deemed secure.
In addition to protecting the integrity of the College, users must also not intentionally interfere with, or unintentionally cause interference to, other services and users on the campus network.
It is imperative that each organization and individual understands that any violation will result in termination of network service until the violation has been addressed and sufficient proof is provided that the violation will not occur again.
While using college-provided technology services and equipment in any format, users are expected to:
4.1 Respect the rights of others. For example:
4.1.1 Users will comply with all College policies regarding sexual, racial, and other forms of harassment and disorderly conduct.
4.2 Respect the intended usage of resources. For example:
4.2.1 Users will use only the unique account assigned, users will not share their account with others, and users will abstain from any activity that abuses system resources such as chain letters, flooding/spamming, etc.
4.2.2 Users will not utilize college-provided technology resources to engage in unsanctioned commercial or profit-making enterprises.
4.3 Respect the legal protection provided by copyright and licensing of programs and data. For example:
4.3.1 Users will not make copies of a licensed software program or make multiple copies of information that is protected under copyright law.
4.4 Respect the integrity of system and network resources. For example:
4.4.1 Users will not breach system security through any means, including hacking, viruses, Trojan horses, password grabbing, and disk scavenging or the addition of unauthorized network equipment or provide any means of unauthorized network access.
4.4.2 Users will not view, copy, alter or destroy any data, or connect to a host on the network without explicit permission of the owner.
4.4.3 Users will not tamper with network equipment, wiring, or jacks.
4.4.4 Users will not resell or provide access to the network to anyone not formally affiliated with the College without receiving prior permission.
4.4.5 Users will not use the campus network to circumvent protection schemes or exercise security loopholes in any computer or network component.
4.5 Respect the intended usage of computer systems and networks for electronic exchange (such as e-mail, Internet, World Wide Web, etc.). For example:
4.5.1 Users will not send forged or anonymous e-mail, read another person's electronic mail, send chain letters, conduct commercial activities, violate copyright, etc.
Violations of this policy may result in loss of access to college-provided technology resources and/or referral to other administrative offices for appropriate disciplinary action in accordance with College policies and applicable collective bargaining agreements. Violations of local, state, and federal laws will be referred to other appropriate law enforcement agencies.
5.1 Administrators – Includes LITS System and Network Administrators or others designated by the Dean of Library and Information Technology Services to monitor and manage a college technology resource.
5.2 Unauthorized network equipment – Includes, but are not limited to, wireless routers and access points, switches and hubs, and computers that have connection sharing turned on.
5.3 Unauthorized network access – Access to the network by an individual or group that:
5.3.1 does not comply with this policy, or
5.3.2 circumvents the acceptance of this policy, or
5.3.3 bypasses security measures designed to prevent unauthorized access to the network.
6.1 All members of the SUNY Plattsburgh community will comply with this policy.
6.2 While using college-provided technology services and equipment, users should be aware that there is no expectation of privacy. The College reserves the right to access all college-provided technology services or equipment, including user accounts or logs, for purposes including, but not limited to, troubleshooting technology problems, performing vulnerability scans/penetration tests, investigating violations of College policy, responding to legal mandates, and actual or anticipated litigation.
7.1 Administrators may make immediate (without consultation) changes to the network, systems, and software to address security and performance concerns. Such actions may include, but are not limited to, disabling accounts, removing unauthorized devices, and logging transitory data as evidence.
7.2 If feasible under the circumstances, when such immediate actions are taken, the affected parties will be notified as soon as possible.
7.3 When such actions are taken, the incident will be logged in the LITS System and Network change log.
7.4 Copies of the incident will be sent to the Computer Information Systems Coordinator, Computer Systems and Desktop Support Coordinator, Network Operations Coordinator, Network Manager, the Registrar (if FERPA related), Information Security Analyst, Dean of Library and Information Technology Services, and other offices as deemed appropriate by the Dean of Library and Information Technology Services.