Network Usage Guidelines Contents

Transcription

1 Network Usage Guidelines Contents Network Usage...2 Peer to Peer and File Sharing...2 Servers or Server Technologies...2 Routers...2 Wireless...2 Network Storage...2 Security and Privacy...3 Security...3 Privacy...4 Privacy of Electronic Files and Communications...4

2 Page 2 of 6 Network Usage PBA provides access to a variety of resources via its computer networks. PBA s computer networks and the resources on those networks are intended to be used for business and educational purposes. Priority will be placed on ensuring that the computer networks remain in a condition that will allow the operations of the University to continue without interruption. The following are some general guidelines for the use of PBA s Computer Systems and Computer Networks: Peer to Peer and File Sharing Peer to peer technology and any illegal file sharing will not be permitted on PBA s networks. Examples of programs that use this technology are: BitTorrent, Vuze, BitComet, Kazzaa, MyTunes, Bearshare, Morpheus, IMesh, or any programs that are used to illegally download or share copyrighted materials. PBA does not condone nor authorize the illegal sharing of copyrighted material and/or media Several legal file sharing programs exist such as ITunes and Napster. These programs integrate copyright protection and user identification and will be permitted as long as files are not shared illegally using these programs. Illegal files or media may not be stored on the PBA campus networks or any University owned equipment. Password protect ITunes for personal use only. Servers or Server Technologies The use of any personal server hardware, server software, or server technologies of any type will not be permitted on PBA s networks. The use of any servers or server technologies must be coordinated with Technology Services. Routers Personal routers including wireless routers will not be permitted anywhere on campus. Wireless PBA makes use of a mixed b and g wireless network. This wireless network allows users to gain access to PBA s network resources via a wireless signal. No personal wireless routers, wireless access points, or any other type of device that broadcasts a wireless data signal will be permitted on campus. Network Storage All students, faculty, and staff members are provided with a designated individualized network storage space commonly referred to as the G drive. This space is allocated for each user to have a space where they can store data on the network. This data will be accessible from any machine, anywhere on campus. Students will be allotted a maximum of 750MB of space for individual use. Faculty and Staff will be allocated 1GB (1024MB) of space for individual use.

3 Page 3 of 6 There are various types of files that should not be stored on the University s network for liability/copyright reasons. Examples of these types of files are: mp3,.wma,.mov,.avi files. These files could cause the University to suffer monetary damages if found to be illegal. Any files of the types listed above (mp3, wma, mov, avi) that are found on G: drives will be considered to be non-academic and dangerous for the University in nature and will be removed. All faculty/staff laptops and desktops are currently equipped with CD burners. Also, if it is more convenient, the Rinker Computer Lab computers are equipped with CD burners. Please feel free to archive any needed G: drive files to a local copy on CD. For assistance with this process, please call the PBA helpdesk. In addition to individual storage space, PBA also provides network storage space for faculty and staff use. This space is commonly referred to as the F drive. Each department/school is allocated a separate space on the network. Initial access will be given only to members of that specific department or school. To request a change in access or additional permissions, please contact the Helpdesk. Security and Privacy Security In order to maintain the best possible computing environment for students, faculty, and staff as well as to maintain the stability of the PBA s computer network, members of the University community are expected to abide by policies and procedures regarding the use of computing resources on campus and the interaction between on-campus resources and the outside world. Although the Internet is a useful tool, malicious users and software programs from outside the College's computer network may negatively affect the experience of network users if not actively dissuaded. Peer-to-Peer (P2P) traffic is one medium to exchange information over the network. Priority is given to academic and administrative non-p2p traffic both leaving and entering the college's network. Otherwise, P2P traffic would easily consume the college's Internet bandwidth. Viruses and worms, if allowed on the network, can cause considerable computer system damage and downtime. Attachments of all electronic mail sent through the PBA network are scanned automatically by anti-virus programs for malicious content and blocked when found to be infected. To protect the network from the automatic proliferation of worms, all student, faculty, and staff computers must be correctly patched and protected from common threats. PBA reserves the right to block all traffic and services deemed malicious, through the use of firewall and intrusion prevention rule sets that protect PBA s computing resources from the Internet. Firewall policies will not affect or impair the use of the University network, Internet, or off-campus resources by most users. With new attacks and vulnerabilities commonly discovered in a wide range of systems, PBA cannot predict what malicious network use may surface. To defend our community against new or emerging network security threats, PBA reserves the right to respond immediately by imposing network restrictions upon any computer system at the University without prior notice.

4 Page 4 of 6 Privacy The university employs various measures to protect the security of its computing resources and its user's accounts. Users should be aware, however, that the university cannot guarantee security and confidentiality. Users should therefore engage in "safe computing" practices by establishing appropriate access restrictions for their accounts, guarding their passwords and changing them regularly. Users should also be aware that their uses of university computing resources are not completely private. While the university does not routinely monitor individual usage of its computing resources, the normal operation and maintenance of the university's computing resources require the backup and caching of data and communications, the logging of activity, the monitoring of general usage patterns and other such activities that are necessary for the provision of service. Privacy of Electronic Files and Communications The following guidelines shall serve to protect the privacy of the PBA community. 1. University computing resources are provided for educational and administrative purposes. We recognize that computing resources will be used for storing and communicating many types of information, including that of a personal nature. Members of the University community are expected to be judicious in their use of computing resources. These resources should never be used for personal for-profit gain, theft, fraud, invasions of privacy, distribution of illegal materials, or distribution of copyrighted or licensed materials without appropriate approval. Individuals bear the responsibility to avoid libel, obscenity, undocumented allegations, attacks on personal integrity, and acts of harassment. 2. Files stored on an individual's computer or on a shared central system or file server are considered private, to be viewed only by the original creator of the files, unless otherwise so designated by the creator. Access to files by others is prohibited without just cause. (See section 5 below.) a. Faculty and staff should take steps to assure that documents necessary to the operation of the University are available to those that may require them. 3. Electronic communications and messages (such as ) are considered private, to be viewed only by the original sender and designated recipient(s). Access to messages by others is prohibited without just cause or permission. (See section 5 below.) We encourage individuals to reinforce this for sensitive files and messages by flagging them as confidential. a. As a matter of principle and ethics, individuals bear the responsibility for assuring that messages, including attachments and previous appended messages, are forwarded only to parties whose interest is consistent with the purpose of and intent of the previous correspondents. If in doubt, obtain the consent of the original correspondents before forwarding. 4. Members of the PBA community should be aware of the following considerations: a. Data storage and communications are not perfectly secure. There are software and physical limitations that can compromise security. PBA tries to minimize such exposures, but the risks exist. b. Mail delivered outside of the University is notably insecure and should be treated like a postcard. Individuals may redirect (forward) their electronic mail to another Internet site offcampus. Unless you know that the intended recipient of an message has not redirected

5 Page 5 of 6 mail to an off-campus site, you should assume the possibility that others may see the content of the message. c. Deletion of files or messages does not guarantee the inaccessibility of those files and messages. Centrally maintained file-storage devices and mail systems are archived to magnetic tape regularly. These archive tapes are kept for 60 days. d. Privacy depends upon individuals keeping their password secure. Anyone using PBA systems must have difficult-to-guess passwords and must not share his or her password with others. e. Many off-campus Internet sites may record information you provide and divulge this to others without your prior consent. In some circumstances, information about you, your activities on the remote site, and information about your computer, may be recorded without your knowledge. Some remote Web sites may store information on your computer in the form of hidden files or "cookies." Caution and prudence are advised when providing any information you would consider confidential to unknown third parties. 5. Access to another individual's electronic files and is permissible only if there is just cause in the following situations: a. If the creator of files, or the sender/recipient of electronic mail messages, has granted specific permission for another individual or individuals to view designated files and messages. b. In the event of a significant electronic mail system software problem that prevents automatic delivery of electronic mail, message headers must be read by authorized PBA staff to direct to the intended recipients. c. In cases of suspected violations of PBA policies, especially unauthorized access to PBA systems, the administrator of the PBA system may authorize detailed session logging and/or limited searching of user files to gather evidence on a suspected violation. Illegal, irresponsible, or unethical activities may result in loss of privileges or penalties consistent with the judicial procedures and policies of the University. d. In the event of a medical emergency involving a member of the University community which renders them unable to access files or messages considered essential for the continuation of University business, another individual may access the individual's electronic files and communications under the procedures set forth in section 6 below. e. In the event of a need-to-know emergency (suicidal or homicidal threat), access to an individual's files or messages is permitted, following the procedures outlined in section 6 below. f. In the event that a local, state, or federal law-enforcement authority in the investigation of a crime, civil litigation, or regulatory proceeding produces a subpoena, discovery request, or warrant granting access to files or messages, following the procedures outlined in section 6 below. g. In the event of a financial or legal audit, following the procedures outlined in section 6 below. h. In any other instance, no access is granted to an individual's electronic files or messages without prior review and approval by the appropriate body as indicated in section 6a below. 6. Emergency access to another individual's electronic files and messages is granted only under conditions noted in section 5 above. a. Before invoking any such procedure, the circumstance creating the need for access shall be reviewed in a timely fashion, access shall not take place without approval, and specific procedures and strictures may be recommended for each circumstance. The persons involved in the review and approval process will vary depending upon the individual involved: i. Human Resources will assume review and approval responsibility in cases involving a faculty or staff member.

6 Page 6 of 6 ii. The dean of students or the appropriate commons dean will assume review and approval responsibility in cases involving a student. iii. Campus Information Services will work with the departments mentioned above to determine if the needs of the University or third party requesting access outweigh the privacy needs of the individual. b. A neutral third party (not the person's supervisor, adviser, or teacher) shall examine files and messages on the individual's computer, mailbox, or file-server space and provide only the specifically requested file(s) or message(s) to the requester. c. The student, staff, or faculty member will be notified that access has been granted to his/her files or messages unless there is sufficient and compelling reason not to have done so. d. No other files or messages may be copied, transferred, or forwarded. 7. The PBA personnel charged with the administration of the University's computing systems and file servers take their obligations to protect individuals' privacy very seriously. The professional standards consistent with positions that require select individuals to have access to personal and sensitive information are strictly enforced. 8. These policies are subject to change only as may be reasonable under the circumstances.