Information Technology User Policy 10/31/13

Transcription

1 Information Technology User Policy 10/31/13 This document combines the MCCS Computer and Network Use Policy with an SMCC-specific extension. MCCS Computer and Network Use Policy As with any college system, the Maine Community College System (MCCS) seeks to enhance opportunities for individual and collaborative learning and research. As a public institution with limited resources and distinct policy and legal obligations, the MCCS also needs to ensure that such uses are consistent with those resources and obligations. The goal of this policy is to balance these interests and promote responsible and secure use for all. A. Application This policy applies to: 1. Each college and other entity of the MCCS; 2. All computing resources owned or operated by the MCCS including, but not limited to, all hardware, software, peripherals, networks, network components, accounts, physical and logical data, and all other data or information transmitted by such equipment ( computers ); 3. All employees, students and other persons who use such computers ( users ); and In addition to any other computer use policy adopted by entities within the MCCS, and by entities outside the MCCS that operate resources accessed through or from the MCCS. B. General Rules This policy applies to: 1. Educational Priority: The priority use of MCCS computers is to provide direct support for learning, teaching and administration of MCCS programs. Such priority will govern access to MCCS computers. 2. Use is a Privilege, Not a Right: Use of MCCS computers and accounts thereon is a privilege, not a right. This privilege is limited by the provisions of this policy, any other pertinent policy or law, and may be withdrawn for violation thereof. 3. Limited Right of Privacy: Users may not have an expectation of privacy in their use of MCCS computers or networks. For example, the MCCS reserves the following rights: a. Periodic Network Monitoring: The MCCS reserves the right to monitor periodically, randomly and without notice use rates, patterns, speed and system capacity to ensure the efficiency or integrity of the MCCS network and its computers. Such monitoring may proceed only by a person expressly authorized by the MCCS or college president; b. Inspection of a Particular Account or Computer: The MCCS reserves the right to inspect those accounts, computers or files that the MCCS has reason to believe are misused, corrupt or damaged. Such inspection may proceed only by a person expressly authorized by the MCCS or college president and as advised by the MCCS general counsel; and c. Access by Outside Agencies: User accounts, computers or files may also be subject to access in response to subpoenas, court orders, or other legal or regulatory requirements. Users will be notified as promptly as possible, unless notification is precluded by such subpoena or order. 4. Limited Designated Forum: The MCCS computer network constitutes a limited designated

2 forum. This forum is designated for the limited purpose of helping students pursue, faculty to provide, and non-teaching staff to support the colleges education, training and related programs. 5. Time, Manner and Place Limitations: The MCCS reserves the right to limit certain uses on or through the MCCS computers at those times and locations that the MCCS determines are necessary to regulate system capacity and speed. These limitations apply, but are not limited to, the downloading of video, music, photographic and other large data files. 6. Website and Webpage Development and Management: Any website, web page or other portion of a website hosted by a server owned, operated or maintained by a college or the MCCS is the property and speech of the MCCS, and the MCCS reserves all rights to control the access to, content of, and all other aspects regarding such web pages or websites. The Presidents Council may adopt a procedure for controlling the development and management of such web pages and websites, including standards controlling links to web pages and/or websites that are not owned, operated or maintained by a college or the MCCS. c. Specific Prohibitions Conduct that violates this policy includes, but is not limited to, the following: 1. Displaying, downloading, printing or distributing obscene, sexually explicit or sexually offensive images or text in a manner that constitutes sexual harassment or other violation of law; 2. Violating copyright laws, including the unlawful reproduction or dissemination of copyrighted text, images, music, video and other protected materials; 3. Using System computers for commercial activity, such as selling products or services; 4. Unauthorized access to or use of a computer, computer account or network; 5. Connecting unauthorized equipment to a college or MCCS network; 6. Unauthorized attempts to circumvent data protection or security including, but not limited to, creating or running programs that identify security loopholes or decrypt secure data; 7. Deliberately or negligently performing an act that will interfere with the regular operation of a computer; 8. Deliberately or negligently running or installing a program that, by intent or effect, damages a computer, system or network. This includes, but is not limited to, programs known as computer viruses, trojan horses and worms; 9. Deliberately or negligently wasting computing resources; 10. Deliberately or negligently overloading computing resources, such as running excessive programs that use relatively substantial bandwidth and other resources. This includes, but is not limited to, peerto-peer applications; 11. Violating terms of applicable software licensing agreements; 12. Using electronic mail to harass or threaten another person or organization; 13. Initiating or perpetuating electronic chain letters or unauthorized mass mailings. This includes, but is not limited to: multiple mailings to news groups, mailing lists or individuals; spamming; flooding; and bombing; 14. Misrepresenting or misappropriating the identity of a person or computer in an electronic communication; 15. Transmitting or reproducing materials that are libelous or defamatory; 16. Unauthorized monitoring of another user s electronic communications; or reading, copying, changing or deleting another user s files or software without authority; 17. Communications that use public resources to promote partisan political activities; 18. Communications that are not otherwise protected by law because they constitute, for example, defamation, incitement to unlawful conduct, an imminent threat of actual violence or harm, fighting words, terrorist threats, gross disobedience of legitimate rules, criminal or severe civil harassment or false advertising; and 19. Otherwise violating existing laws or System policies.

3 D. Enforcement Violation of this policy may result in the loss of computing and/or network access; other disciplinary action; and/or appropriate civil or criminal legal action. E. Security Upon recommendations of the college and System directors of information technology, the Presidents Council shall adopt a procedure that provides adequate uniform security for all System and college computers and networks. SMCC Information Technology Policy Extension Information technology includes, but is not limited to, all SMCC computers, printers, voice (phones) and data networks, audio-visual (AV) equipment, servers, software, accounts, and any additional attached peripherals. Users are defined as all employees, students, and other persons who use technology on the SMCC campuses. General Use Policy: See section B, General Rules, in the MCCS policy above. Technology Acquisition: All technology purchases (hardware, software, other) must be approved by the Dean of Information Technology and CIO. Personal Computers: (PCs) It is the responsibility of the user to: 1. Adhere to all MCCS and SMCC technology-related policies. 2. Backup all locally stored user generated files (see the SMCC Backup Policy for Data). 3. Maintain the equipment in a secure, clean environment. 4. Report any damage, malfunction, or loss to the Information Technology Department. It is the responsibility of Information Technology Department to install and maintain a standardized suite of software, an operating system, printers, attached peripherals, and network infrastructure. The Information Technology Department is not responsible for lost data, unsupported applications, or devices acquired by the user. No device or peripheral (wireless access point, printer, etc.) will be attached to the technology infrastructure without the approval of the I.T. department. Unapproved devices will be removed. Printers, Copiers, and Multi-Function Devices (MFDs): The Information Technology Department is responsible for consumable supplies-only in the Ross Technology Building Room 103. It is the responsibility of each department to provide consumable supplies for purchased printers (i.e., paper, toner) and MFDs. Leased copiers and MFDs are contractually maintained through a third party and supplies are acquired through Central Services. Purchased printer and MFD repairs are managed by the I.T. department, while leased copiers and MFDs are maintained through a third party service organization. All printer and copier issues should be reported to the Help Desk. Telephones and related equipment: All telephones and auxiliary equipment must conform to standards established by the Information Technology Department and should be purchased through

4 the I.T. department. Personal equipment must not be attached to the telecommunications infrastructure. The Information Technology Department reserves the right to disconnect any equipment that is not the property of the college. Attached Devices / Peripherals: The maintenance of printers, plotters, scanners, digital cameras, iphones, tablets, and other SMCC-owned devices is the responsibility of Information Technology Department. Networks: The entire network infrastructure is the exclusive responsibility of the Information Technology Department. No devices of any kind will be acquired and attached to the SMCC network infrastructure without the approval of the Dean of Information Technology and CIO. The college maintains public access (Internet-only) and private access (internal systems) via traditional wired connections as well as wireless access points. Public Access Public access is available to all faculty, staff, and student users. It is the sole responsibility of public access users to have anti-virus (A/V), anti-malware, and access control or firewall software on personally-owned systems. The Information Technology Department does not take responsibility for any damage caused to personal equipment connected to the SMCC public access network. In addition, the Information Technology Department reserves the right to ban equipment from public access networks that is deemed disruptive to operations. Private Access Networks Private access is for college owned equipment only. No personal equipment may be connected to a private network without expressed, written consent by Information Technology management, and only after the requested equipment has been installed along with necessary software to ensure protection of other equipment on the private networks. Projectors and other Classroom Technology: The Information Technology Department is responsible for the installation and maintenance of standard classroom and lecture hall LCD projectors, as well as DVD, Blu-ray, SmartBoard, or other technology. Malfunctioning equipment should be reported to the Help Desk. Servers: All servers attached to the college s network are the responsibility of the Information Technology Department. Access to and use of servers must conform to the policies and practices of these departments. Exceptions must be approved by the Dean of Information Technology and CIO. Software: Approval for the acquisition and installation of all software used on college equipment must be explicitly approved by the Dean of Information Technology and CIO. Unauthorized software may be removed from college computers at the discretion of the Information Technology Department. The Information Technology Department is NOT responsible for maintaining any unauthorized software. In addition: Acquisition of all software must be approved prior to purchase by the Information Technology Department. Original copies of licenses, media and documentation must be filed and maintained with the Information Technology Department.

5 No original media or documentation will be assigned to users. Only legal copies of media and documentation will be issued to users. Unauthorized copies of software are illegal and strictly prohibited. Freeware / shareware / open source software must also be approved by the I.T. department. There are significant risks with the download and installation of applications from potentially malicious websites. Assignment of Equipment and Software: The Information Technology Department will assign equipment and software to users based upon the best use of the college. All Information Technology Department equipment may be reassigned as needs arise, including equipment that is purchased by a particular department. Any equipment purchased with college funds is the property of the college and not a particular department. Swapping or Transfer of Information Technology Equipment: Information Technology equipment including telecommunications equipment is assigned to a particular user/s and should not be transferred to another user/s or department without the expressed, written consent of the Information Technology Department. Departments or user/s having surplus Information Technology equipment are to return or request pickup of equipment to the Information Technology Department. Surplus equipment will be redistributed only by the IT Department to ensure appropriate distribution of college IT assets. Requests for Instructional Software Upgrades/New Installations: Computer Labs A new process has been created for review and approval of requested changes to lab configurations (operating system and applications) for each of our thirty-four (34) current lab locations. Five (5) weeks prior to the end of the semester, each chair who has responsibility for a lab will receive an with the current configuration of computer hardware, operating system, applications, printer, and any other information pertinent to that particular lab location. The chair and / or faculty member(s) will have two (2) weeks to review and notify the I.T. department of any requested changes. Those changes must be approved by both the Dean of Information Technology and CIO, and the Vice President. If approved, the change will be implemented for the following semester. If a request for change is not received a minimum of three (3) weeks prior to the end of the current semester, that change will not be implemented in the following semester. Last minute changes to lab images / lab environments are generally not achievable given available I.T. resources. All requests for individual software upgrades / new installations should be made directly to the Information Technology HelpDesk or the IT Help Tab on MySMCC. Once a request has been received, it will be entered into a queue based on priorities determined by college IT policies. Departments making the requests must provide for adequate lead time. Users are responsible for preference settings and should be available during the installation process.

6 Electronic mail is provided to employees to facilitate the college s business. All employees are expected to use in a professional manner. Please reference MCCS Computer and Network policy sections B and C. New Users and the relocation of existing employees: Phone and computing services for new or relocated employees require considerable lead time to complete. Prior to requesting services, the Facilities Management Department must be contacted to setup office furniture and electrical service. In the case of new employees, requests for service must be made by the Human Resources Department in consultation with the employee s supervisor. Adequate surplus computers and printers may not be available on short notice and may have to be requisitioned. Any equipment requisitioned is dependent on the availability of resources. Once an office has been established, basic phone service should be requested at least 2 weeks in advance, provided no unique requirements such as adaptive equipment is required. A minimum of one phone line with a guest voice mailbox will be provided per department for adjunct faculty. Work Order System: All IT technical support, purchasing, and training requests for the Information Technology Department can be entered into the web-based workorder system directly by end users at or through the HelpDesk, x For work orders to be properly processed and placed in queue with the appropriate priority, requests for services should not be made through individual technicians. All work orders will be assigned a priority based on college IT policies as follows: Priority Emergency Critical Standard Low Unacceptable Requests Description Disaster Recovery of major systems: Servers, Networked Infrastructure, Phone System infrastructure, and mission critical activities. Systems or equipment affecting many users or essential services such as computer labs, Local Area Networks, student service offices, instructional classrooms, and financial operations. Individual requests for recovery from system failures (PCs, workstations, printers, plotters, and essential software.) Individual requests for enhancements to existing applications, operating systems, and specialized devices. Requests for service on personal, non-college computer equipment.

7 Information Technology Department Location: Technology Bldg., Room 104 Operational Hours: 7am 5pm, M-F Phone: (207) Website: