Alabama A&M University Acceptable Use of Information Systems

Alabama A&M University Acceptable Use of Information Systems

Acceptable Use Policy

Procedure 5.1:  Acceptable Use of Computing Resources

Purpose

The University Network incorporates all electronic communication systems and equipment at Alabama A&M University (the “University”).  This Acceptable Use of Computing Resources Procedure (“AUP”) sets forth the standards by which all Users may use the shared University Network.  Electronic communication systems and equipment refers to all computers owned or operated by the University and includes hardware, software, data, and communication networks, printers, network-attached devices, and any other peripherals associated with these systems.

The University Network is provided to support the University and its mission of education, service, and research. Any other uses that jeopardize the integrity of the University Network, the privacy or safety of other Users, or that are otherwise illegal are prohibited.  The use of any University electronic communication systems or the University network is a revocable privilege

By using or accessing the University Network, Users agree to comply with this AUP and other applicable University policies and procedures which may be implemented from time to time, as well as all federal, state, and local laws and regulations.  Only authorized Users are permitted to use and/or access the University Network.

The term “User” refers to any faculty, staff, or student associated with the University, as well as any other individual with access to computers or other network devices that have been approved by the University for connection to the University Network. This definition includes, but is not limited to, contractors, visitors, and temporary affiliates.

Rights and Responsibilities

The rights of academic freedom and freedom of expression apply to the use of university computing resources. So too, however, do the responsibilities and limitations associated with those rights. The university supports a campus and computing environment open to the free expression of ideas, including unpopular points of view. However, the use of university computing resources, like the use of other university-provided resources and activities, is subject to the requirements of legal and ethical behavior. Thus, legitimate use of a computer, computer system or network does not extend to whatever is technically possible.

Principles

Users of university computing resources must comply with federal and state laws, university rules, policies and procedures, and the terms of applicable contracts including software licenses while using university computing resources. Examples of applicable laws, rules and policies include the laws of libel, privacy, copyright, trademark , obscenity and child pornography;  the Alabama Computer Crime Act, the Electronic Communications Privacy Act and the Computer Fraud and Abuse Act, which prohibit “hacking,” “cracking” and similar activities; the university’s Student Code of Conduct; the university’s Sexual Harassment Policy.  Users who engage in electronic communications with persons in other states or countries or on other systems or networks may also be subject to the laws of those jurisdictions and the rules and policies of those other systems and networks. Users with questions as to how the various laws, rules and resolutions may apply to a particular use of university computing resources should contact the Office of the General Counsel for more information.

General requirements for acceptable use of the University Network are based on the following principles:

  • Each User is required to behave responsibly with respect to the University Network and other Users at all times.

  • Each User is required to respect the integrity and the security of the University Network.

  • Each User is required to behave in a manner consistent with University’s mission and comply with all applicable laws, regulations, and University policies and procedures.

  • Each User is required to be considerate of the needs of other Users by making every reasonable effort not to impede the ability of others to use the University Network and show restraint in the consumption of shared resources.

  • Each User is required to respect the rights and property of others, including privacy, confidentiality and intellectual property.

  • Each User is required to cooperate with the University to investigate potential unauthorized and/or illegal use of the University Network.

  • Each User is required to respect the security and integrity of university computer systems and data.

  • Privately-owned computer systems or those owned by collaborative research projects, when attached to, or connected via, the campus data network and/or other campus resources are subject to the same responsibilities and regulations as pertain to University-owned systems. University account holders who use computers belonging to others to connect to the campus network either directly or via Virtual Private Network (VPN) must assure that the computers are in compliance with University regulations before making such connections.

Except for personally owned computers, the University owns, or has responsibility for, all of the computers and the internal computer networks used on campus. The University also has various rights to the software and information residing on, developed on, or licensed for these computers or networks. The University has the responsibility to administer, protect, and monitor this aggregation of computers, software, and networks.

Prohibitions

Without limiting the general guidelines listed above, unless expressly agreed to by the Chief Information Officer, the following are examples of improper use of Computer and Network systems:

  • Prohibited Behavior:  Storing, transmitting or printing any of the following types of Electronic Communications on the Computer System is prohibited: material that infringes upon the rights of another person; material that is obscene; material that consists of any advertisements for commercial enterprises; material or behaviors that violate the Alabama A&M University Code of Student Conduct or other University Policies or Procedures; or material that may injure someone else and/or lead to a lawsuit or criminal charges.

  • Identity Fraud:  Users may not attempt to disguise their identity, the identity of their account or the machine that they are using. Users may not attempt to impersonate another person or organization. Users may likewise not misuse or appropriate the University’s name, network names, or network address spaces.

  • Privacy Infringement: Users may not attempt to intercept, monitor, forge, alter or destroy another User’s communications. Users may not infringe upon the privacy of others’ computer or data. Users may not read, copy, change, or delete another User’s data or communications without the prior express permission of such other User.

  • Hacking or Spamming:  Users may not use the University Network in a way that (a) disrupts, adversely impacts the security of, or interferes with the legitimate use of any computer, the University Network or any network that the University connects to, (b) interferes with the supervisory or accounting functions of any system owned or managed by the University, or (c) take action that is likely to have such effects. Such conduct includes, but is not limited to: hacking or spamming, placing of unlawful information (i.e., non business-related information) on any computer system, transmitting data or programs likely to result in the loss of an individual’s work or result in system downtime, sending “chain letters” or “broadcast” messages to lists or individuals, or any other use that causes congestion of any networks or interferes with the work of others.

  • Harassment:  Harassing others by sending annoying, abusive, profane, threatening, defamatory or offensive messages is prohibited.  Users may not distribute or send unlawful communications of any kind, including but not limited to cyberstalking, cyberbullying, threats of violence, obscenity, child pornography, or other illegal communications (as defined by law). This provision applies to any electronic communication distributed or sent within the University Network or to other networks while using the University Network.

  • Use of Pornography:  Intentional access to or dissemination of pornography by University employees, temporary staff, contractors, or vendors is prohibited unless (1) such use is specific to work-related functions and has been approved by the respective manager or (2) such use is specifically related to an academic discipline or grant/research project. This provision applies to any electronic communication distributed or sent within the University Network or to other networks while using the University Network.

  • Network Security Infringement:  Users may not attempt to bypass network security mechanisms, including those present on the University Network, without the prior express permission of the owner of that system. The unauthorized network scanning (e.g., vulnerabilities, post mapping, etc.) of the University Network is also prohibited. For permission to perform network scans, user must receive prior approval by calling 372-HELP (4357) and submitting a ticket to the Information Security Office.

  • Unauthorized use of data:  Users may not engage in the unauthorized copying, distributing, altering or translating of copyrighted materials, software, music or other media without the express permission of the copyright holder or as otherwise allowed by law. Information on the Digital Millennium Copyright Act can be found at: http://www.copyright.gov/legislation/dmca.pdf and the Copyright Act at: http://www.copyright.gov/title17/.

  • Non University Business/Commercial Use: Users may not use the University Network for private business, commercial or political activities, fundraising, or advertising on behalf of non-University organizations, unlawful activities, or uses that violate other University policies.

  • Illegal access or connecting to the University Network:  Users may not extend or share with public or other users the University Network beyond what has been configured accordingly by Information Technology Services. Users are not permitted to connect any network devices or systems (e.g., switches, routers, wireless access points, VPNs, and firewalls) to the University Network without advance notice to and consultation with Information Technology Services.

  • Destruction, Sabotage:  Intentionally destroying anything stored on the Computer System.  Deliberately performing any act that will seriously impact the operation of the Computer System.  This includes, but is not limited to, tampering with components of a local area network (LAN) or the high-speed backbone network, otherwise blocking communication lines, or interfering with the operational readiness of a computer or peripheral.

  • E-Mail Forgery:  Forging e-Mail, including concealment of the sender’s identity, is prohibited.

  • Program/Software Theft:  Unless specifically authorized, copying computer program(s) from the Computer System or from University purchased media for personal use is prohibited.

  • Violation of Laws or Ordinances:  Users may not violate any laws or ordinances, including, but not limited to, laws related to copyright, discrimination, harassment, threats of violence and/or export controls.

  • Recreational Use:  Recreational use of the Computer System that interferes with the ability of other users to complete their work is prohibited.  In particular, if you are using a machine in a Public Computer Lab for recreational purposes, and others are waiting to use a machine for academic purposes, you are expected to give up your seat.

Review and Penalties

  • Users should have no expectation of privacy as to any communication on or information stored on the University network or University computers.  The University reserves the right to review and/or monitor any transmissions sent or received through the University Network (including e-Mail and voicemail).  This includes access without notice, where warranted. Non-intrusive monitoring of campus network traffic occurs routinely, to assure acceptable performance and to identify and resolve problems. If problem traffic patterns suggest that system or network security, integrity, or performance has been compromised, network systems staff will investigate and protective restrictions may be applied until the condition has been rectified.  Access to other transmissions sent or received through the University Network may occur in the following circumstances:

 

  • In accordance with generally accepted, network-administration practices;

  • To prevent or investigate any actual or potential information security incidents and system misuse, if deemed necessary by authorized personnel;

  • To investigate reports of violation of University policy or local, state, or federal law;

  • To comply with legal requests for information (such as subpoenas and public records requests); and

  • To retrieve information in emergency circumstances where there is a threat to health, safety, or University property involved

B.    Penalties for violating this AUP may include:

  • Restricted access or loss of access to the University Network;

  • Disciplinary actions against personnel and students associated with the University,

  • Termination and/or expulsion from the University, and

  • The University may also refer suspected violations of applicable law to appropriate law enforcement agencies.

The University, in consultation with its legal counsel, may contact local or federal law enforcement authorities to investigate any matter at its sole discretion.

Policy Updates

The University reserves the right to update or revise this AUP or implement additional policies or procedures in the future. Users are responsible for staying informed about University policies and procedures regarding the use of computer and network resources and complying with all applicable policies.  Changes required by university contractual commitments shall be effective and binding to users upon execution of any such contract by the university. A user shall be deemed to have accepted and be bound by any change in University policies, information, requirements or procedures if such user uses computer or network resources at any time following announcement or publication of such change.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s