Home

Technology Acceptable Use Policy



APPENDIX B
MMC Technology Acceptable Use Policy

Summary
The computing resources at the College support the administrative, instructional, and research activities of the College.  Examples of these computing resources include, but are not limited to, the central computing facilities, the campus-wide network, local-area networks, electronic mail, access to the Internet, and related services.  It is appropriate for all users to act in a responsible, ethical and legal manner when using these resources.  In general, appropriate use means respecting the rights of other computer users, the integrity of the physical facilities and all pertinent license and contractual agreements. Access to the College's computing facilities is a privilege granted to College students and employees.

The College vests the responsibility for ensuring the integrity and performance of the campus computing systems with Information Technology Support Services (ITSS).  While respecting the rights of all users, when the integrity of the system is threatened, systems administrators are authorized to take those actions necessary to maintain the system and are fully accountable for their actions.

Authorized Use
These guidelines apply to all of the computing resources owned by the College and managed by ITSS and to the users of these resources.

Rights, Privileges & Responsibilities

  1. Access to Computing Resources - Faculty, staff, and students may use the campus computing facilities for activities related to College administration, communication, research or instruction.
  2. Computer Software Licensing Policy
    1. The College recognizes that it is against the law to duplicate software programs, and for this reason issues the following directives for compliance with software use and licensing requirements. 
    2. No employee of the College will make unauthorized copies of any software under any circumstances.  Anyone who does so is subject to termination, as well as civil and federal criminal penalties, including fines and imprisonment. 
    3. Legitimate software will be provided to all employees, as authorized by department managers. 
    4. All software on personal computers and local area networks will be used in accordance with the manufacturer's license agreements and the terms stated in the MMC Guidelines for Responsible Computing.  
    5. All software used for work purposes must be purchased through the MMC Purchasing Department after review by ITSS using standard procedures. 
    6. All PC and local area network software at MMC (Yankton campus) must be installed by ITSS.  Software from outside sources (including personally purchased software) may be installed only with prior written approval of ITSS. 
    7. Employees cannot give or distribute software protected under federal copyright law to anyone, including co-workers, clients, family members or others.
    8. Any employee who determines there may be a misuse of software within the College shall notify either his or her department manager or ITSS in order to ensure protection of the company's assets.
    9. ITSS may audit all personal computers and local area networks on a regular basis to ensure the College is in compliance with all software license agreements and copyright laws. All College PCs are also subject to periodic random audits.
    10. The College has made available many programs and data which have been obtained under contracts or licenses saying they may be used, but not copied, cross-assembled, or reverse-compiled.  Users are responsible for determining that programs or data are not restricted in this manner before copying them in any form, or before reverse-assembling or reverse-compiling them in whole or in any part.  If it is unclear whether permission to copy such software exists or not, assume that it cannot be copied.
    11. In support of College policy against use of illegally-obtained software, ITSS will not provide assistance to any department for any software program that has not been licensed and installed according to this policy.
  3. Electronic Mail (e-mail) Policy - Electronic mail (e-mail) is College property.  There is no guarantee of privacy for any e-mail messages.  Users should follow these guidelines:
  4. E-mail should be used primarily for College business.
  5. Content: Use the same care in writing e-mail messages that you use in creating other business communications.
  6. Harassing, off-color or otherwise inappropriate e-mail messages are always prohibited and may result in disciplinary action, up to and including dismissal.
  7. Students are required to submit requests for mass e-mailings to the Dean for Campus Life.  Employees may be required to submit requests to ITSS for mass e-mailings.  All submissions will be reviewed for content.
  8. Be aware that under normal circumstances, e-mail may be retained on back-up tape and therefore may be retrievable.  "Delete" does not mean your message is gone forever. Messages may be routinely retrieved long after the user has attempted to delete them.
  9. If the College becomes involved in an investigation, litigation or any other proceeding which may necessitate the review or production of the College records, e-mail messages may be retrieved and reviewed.  In addition, the College may suspend the regular deletion of all or part of e-mail messages for an indefinite period without notice.
  10. Messages, sentiments, and declarations sent as electronic mail or sent as electronic postings must meet the same standards for distribution or display as if they were tangible documents or instruments.  Users are free to publish opinions, but these opinions must be clearly and accurately identified as coming from the user, or if acting as the authorized agent of a group recognized by the College, opinions must be identified as coming from the group the user is authorized to represent.
  11. Attempts to alter the "From" line or other attribution of origin in electronic mail, messages, or postings, will be considered transgressions of College policy.
  12. Multi-media (e-mail) cards and/or attachments use up excessive system resources.  Do not create or forward such information except when it is directly related to College business.
  13.  Computing & Internet Policy - Those who avail themselves of the campus computing resources are required to behave in their use of the technology in a manner consistent with the College codes of conduct (e.g., mission, philosophy, values, vision statements, employee and student handbooks, etc.).  Due to the rapid growth in computer technology and internet usage in the day-to-day functions of the College, it has become necessary to expand MMC’s Computing and Internet Policy to adequately cover various areas of concern and to ensure that each user is aware of the "dos and don'ts" when it comes to appropriate usage of the College’s computer systems.  Accordingly, the following policy is divided into three categories: Management and Administration; Technical; and Security. The College hopes these guidelines provide a useful tool in understanding the complexity of today's technology.  The following list does not cover every situation which pertains to proper or improper, use of computing resources, but it does suggest some of the responsibilities which a user accepts when choosing to use a computing resource which the College provides.

                   Management and Administration

  1. All computer technology hardware used for work purposes must be purchased through the MMC Purchasing Department after review by the ITSS using standard procedures. 
  2. Users agree to the following: creating, altering, or deleting any electronic information contained in, or posted to, any campus computer or affiliated network, will be considered forgery if it would be considered so on a tangible document or instrument.  Creating and sending, or forwarding electronic chain letters is prohibited.
  3. No College system may be used as a staging ground to enter other systems without authorization. 
  4. In general, College-owned hardware, software, manuals, and supplies must remain at campus computing sites.  Any exception to the rule requires proper authorization. 
  5. Refrain from any unauthorized action which deliberately interferes with the operating system or accounting functions of the systems or that is likely to have such effects. 
  6. Be aware of the public nature of shared facilities, and take care not to display on screens in such locations images, sounds or messages which could create an atmosphere of discomfort or harassment of others.  Refrain from transmitting to others inappropriate images, sounds or messages which might violate the College's statements on harassment.
  7. Avoid the following activities: tying up shared computing resources for excessive game playing or other trivial applications; sending frivolous or excessive mail, printing excessive copies of documents, files, images or data, using unwarranted or excessive amounts of storage; printing documents or files numerous times, running grossly inefficient programs.  Employees and students are asked to be sensitive to special needs for software and services available in only one location, and cede place to those whose work requires the special items.
  8. Users must not prevent others from using shared resources by running unattended processes or placing signs on devices to reserve them without authorization.  Absence from a public computer or workstation should be very brief.  A device unattended for more than ten minutes may be assumed to be available for use, and any process running on that device may be terminated. 
  9. The College has software in place that can monitor and record Internet usage on our system. The user will have no expectation of privacy as to Internet usage. Management may review Internet activity and analyze usage patterns to assure that the College Internet resources are devoted to maintaining the highest levels of productivity re: academic activity and other College business.
  10. The College reserves the right to inspect any and all files stored in private areas of our network or on local hard drives in order to assure compliance with College policies.  In the event of such inspection, notice may be given.
  11. Accessing sexually explicit, adult-oriented or otherwise inappropriate sites is never permitted at any time.  The display of any kind of sexually explicit image or document on any company system is a violation of College policy on sexual harassment. In addition, sexually explicit material may not be archived, stored, distributed, edited or recorded using College network or computing resources.
  12. The College’s Internet facilities and computing resources must not be used knowingly to violate the laws and regulations of the United States or any other nation, or the laws and regulations of any state, city, province or other local jurisdiction in any material way. Use of any College resources for illegal activity is grounds for immediate dismissal, and the College will cooperate with any legitimate law enforcement activity.
  13. Any software or files (including web pages) residing on the company network or company PC become the property of the College. Any such files or software may be used only in ways that are consistent with their licenses or copyrights.  All web pages are subject to censorship by the College.  Content and style must reflect the mission and values of the College.
  14. Users may not use College facilities knowingly to download or distribute pirated software or data.
  15. Users may not use the College’s Internet facilities to deliberately propagate any virus, worm, Trojan horse, trap-door or otherwise destructive program code.
  16. Users may not use the College’s Internet facilities knowingly to disable or overload any computer system or network, or to circumvent any system intended to protect the privacy or security of another user.
  17. When using Internet facilities of the College, users shall identify him/herself honestly, accurately and completely (including one's college affiliation and function where requested) when participating in chats or newsgroups, or when setting up accounts on outside computer systems.
  18. Employees with Internet access may not use College Internet facilities to play or download entertainment software or games, or to play games against opponents over the Internet.
  19. Management reserves the right to limit or revoke Internet privileges where activity becomes excessive or otherwise detrimental to an employee's performance. Additional restrictions on Internet use may be imposed by each department head as necessary.
  20. Use of College Internet access facilities to commit infractions such as misuse of College assets or resources, sexual harassment, unauthorized public speaking and misappropriation or theft of intellectual property is also prohibited, and will result in discipline, up to and including termination and criminal prosecution.

                   Technical

  1. User IDs and passwords help maintain individual accountability. Any user who obtains a password or ID must keep that password confidential. College policy prohibits the sharing of user IDs.
  2. Employees should schedule communications-intensive operations, such as large file transfers, mass e-mailings and the like, during off-peak hours before 8:30 am or after 5:00 pm.
  3. Any file that is downloaded must be scanned for viruses before it is run or accessed.
  4. Video and audio streaming and downloading technologies such as radio broadcast feeds and movie type clips represent significant data traffic which can cause local network congestion. Excessive video and audio streaming and downloading may be monitored and coordinated through ITSS.

            Security

  1. Users should use all available methods to protect their files, including the frequent changing of their passwords, encryption of data where appropriate, and storing back-up copies of information off site.  In the event that data has been corrupted as a result of intrusion, a system administrator should be notified immediately.  Every reasonable attempt will be made to restore files to their status prior to intrusion.  However, full restoration cannot be guaranteed.  User data stored on the network is backed up five times each week and a complete system backup is done once each week.
  2. Users are responsible for the activity of that account.  Users are asked to set a password which will protect his/her account from unauthorized use, and which will not be guessed easily.  If it is discovered that there has been unauthorized use of an account, users are asked to change the password and report the intrusion.  A user should change his/her account password on a regular basis, to assure continued security of the account.  Users should use only their assigned computer account.
  3. Users must not intentionally seek information about, browse, obtain copies of, or modify files, passwords, or tapes belonging to other people, whether at MMC or elsewhere, unless specifically authorized to do so by those individuals.  (Note:  if an individual has explicitly and intentionally established a public server, or explicitly designated a set of files as being for shared public use, others may assume authorization to use that server or those files.)
  4. Users must not attempt to decrypt or translate encrypted material to which they are not entitled.  Nor may they seek to obtain system privileges to which they are not entitled.  Attempts to do any of these things will be considered serious transgressions.
  5. Users who encounter or observe a gap in system or network security must report the gap to a system administrator.  Users must refrain from exploiting any such gaps in security.
  6. The College has installed a variety of systems to assure the safety and security of its networks. Any user who attempts to disable, defeat or circumvent any College security facility will be subject to immediate dismissal. An unauthorized attempt to access a computer is a federal offense subject to criminal prosecution.
  7. Files containing sensitive College data that are transferred in any way across the Internet must be encrypted.  Users attempting to gain unauthorized access to information in password secure files will be subject to discipline up to and including termination.
  8. Any personal computer used for independent dial-up or leased-line connections to any outside computer or network must have auto-answer disabled in order to minimize system compromise.  Questions on this topic should be directed to ITSS.
  9. In the event College systems are accessed from an associate's home or elsewhere outside the office, all precautions required for office usage are similarly mandated for remote access. For example, the sharing of user IDs is prohibited and a Windows screen saver with a password is mandatory.
  10. Software received electronically is still subject to all applicable licensing agreements, and must be purchased and used in full compliance with the Computer Software Licensing Policy.
  11. Accessing software and e-mail from any source increases the chances of getting computer viruses. All downloaded software must be scanned for viruses before use. Do not open e-mail and/or attachments unless you know the source and have scanned attachments for viruses.
  12. Temporary Denial of Service - Routine maintenance and system administration may cause temporary interruption of computing services.  Every effort will be made to perform such activities during off-hours.
  13. College Responsibility for Error in Software, Hardware & Consulting - ITSS makes every effort to maintain an error-free hardware and software environment for users and to ensure that the computing staff is properly trained.  Nevertheless, it is impossible to ensure that hardware or system software errors will not occur or that staff will always give correct advice.  ITSS presents no warranty, either expressly stated or implied, for the services provided.  Damages resulting directly or indirectly from the use of these resources are the responsibility of the user.
  14. Changes in the Computing Environment - When significant changes in hardware, software or procedures are planned, the College community will be notified through electronic and/or other media to ensure that all users have enough time to prepare for the changes.

Violations of These Guidelines
Violations of the College Guidelines for Responsible Computing are treated like any other violation as outlined in the Student Handbook, relevant contractual agreements, and applicable faculty and staff handbooks.  Violators may also be subject to prosecution under applicable Federal and South Dakota statutes.

Acknowledgement
This document contains excerpts and paraphrased sections from similar documents prepared by Brown University, Princeton University, University of Delaware, University of Illinois at Champaign, Urbana, Iowa State University, Montclair State University, Raymond James Financial Associates and the Electronic Frontier Foundation.  We gratefully acknowledge their contributions.