 |
Acceptable Use of Computers, Networks, and Electronic Information Systems Technology |
|
Academic/
Administrative |
Policy 2.8.1
Effective December 1996
The following are responsible for the accuracy of the information contained in this document
Responsible University Officer
Executive Vice President and Provost
Responsible Office
Office of Information Technology
|
Policy Statement
Computers, networks and electronic information systems are essential resources for accomplishing the mission of the University of Minnesota. It is the responsibility of all University of Minnesota computer, network and electronic information system users to use these resources in an effective, efficient, and responsible manner. All users of University supplied technology facilities equipment, supplies and resources agree to abide by all policies and procedures adopted by the University of Minnesota as well as current international, federal, state and local laws. These include but are not limited to institutional policies against harassment, plagiarism, unauthorized commercial use misconduct and laws prohibiting theft, infringement of intellectual property, and unlawful intrusions.
Authorized computer users at the University of Minnesota have the constitutional right to freedom of speech. They are responsible for the content of their own communications. The University of Minnesota’s various electronic institutional information systems are considered University communications. They are governed by more restrictive University policies on content and access control. Unrestricted access to material or services on these systems is not a guaranteed right for any University of Minnesota user.
The University's employees or agents will not examine or disclose the contents of data, electronic files/communications or other system accounting information except:
- when authorized by the data owner of the information, or
- as permitted by applicable policy or law, or
- as required for system maintenance including security measures and ensuring compliance with related policies
Authorized users' access priveleges to University of Minnesota computers, networks and electronic information systems will not be terminated without cause. Violation of this policy or other University policies may constitute cause for termination of access privelges.
Units within the University may define conditions of use for facilities under their control. These conditions must be consistent with this overall policy but may provide additional detail, guidelines and/or restrictions.
Network traffic at the University is subject to this policy and acceptable use policies of the University's national and international network connectivity providers.
Reason for Policy
The purpose of this policy is:
- To safeguard the integrity of computers, networks, and data, either at the University of Minnesota or elsewhere.
- To ensure that use of electronic communications complies with University policies.
- To protect the University against damaging legal consequences.
Contents
Who Should Know This Policy
President
Provost / Chancellor / Provost
Vice President / Vice Chancellor
Dean
Director / Department Head / Chair
Principal Investigator
Faculty
Resource Responsibility Center Mgr.
Area Manager
All Employees
Students
Related Information
We are providing this information to help users find additional information that is related to this policy.
University of Minnesota Policy Use of University Equipment and Services
University of Minnesota Policy on Sexual Harassment
University of Minnesota Morris- Computer Ethics Policy
University of Minnesota Duluth- Acceptable Use Policy
University of Minnesota Regent’s Policy on Academic Freedom
University of Minnesota World Wide Web Policy
Student Code of Conduct
Faculty Code of Conduct
ADCS E-Mail Policy and Procedures
Minnesota Data Practices Act
Computer Fraud and Abuse Act, 1986
Electronic Communications and Privacy Act
Family Release and Privacy Information Act
University Records and Retention Schedules
Contacts
| Subject | Contact | Phone |
Computer Misuse
UMD Contact | Department Network Administrator
Tim Perala, System Administrator | x
726-6122 |
Computer Misuse Emergency
UMD Contact | Network Helpline
UMD Help Desk | 625-0006
726-8847 |
| Threatening Behavior | Emergency
Non-emergency - U Police
Non-emergency UMD U Police�
Advice - Threat Assesment Group | 911
624-3550
726-7000
625-2000, press #2 |
| Legal Advice | General Counsel | 624-4100 |
| Policy Interpretations - UMD only | Linda Deneen, Director of Information Services | 726-7588 |
History
Amended: December 1997 - Responsible Officer changed from Senior Vice President of Academic Affairs to Executive Vice President and Provost.
Effective: December 1996.
�
Definitions
University Technologies Facilities, Equipment, Supplies Services and Resources
Includes such things as: computers; diskettes; modems, network connections; copiers; paper; facsimiles; machines; tools; telephones (including cellular); campus mail and data networks accessing electronic mail and institutional, colleges, or departmental computer systems. This definition is not meant to be all inclusive but rather reflect examples of University provided equipment, supplies and services.
Authorized User
Individual or entity permitted to make use of University computer or network resources as specified by a data owner, department, entity or college.
Security Measures
Processes, software and or hardware used by system and network administrators to assure confidentiality, integrity and availability of both computers, networks and data belongings to the University of Minnesota and users of University computer and network resources. Security measures include the ability to review files for potential or actual policy violations and responsibility for investigation of security related issues.
Responsibilities
Introduction
All data files and applications belong to an owner. Students, faculty and staff along with other authorized users may be data owners. Files in central systems belong to the account owner. Production electronic data files and computer applications are assigned to representatives of the University who serve as data owners or stewards of the asset.
Data Owners
- Work with University information / data security and network personnel to ensure access to the data and application is limited to those with a legitimate need.
- Ensure that security measures and standards are implemeted and enforced in a method consistent with University policies and sound business preactices.
- Establish measures to ensure the integrity of the data and applications for which they are owners/stewards. These measures may include such things as methodologies, change management and operational recovery planning so that data and applications can be recovered in the event of a disaster.
- Grant individuals appropriate access levels for access the data and applications for which they are assigned ownership/stewardship.
- Review periodically access rights to determine the continued need of access rights at the level assigned for authorized users.
- Assure a process is in place to retain or purge information according to University records retention schedules.
- Determine the sensitivity and criticality of the data and application based on the University, Provost. College, department and legal definitions.
Chief Information Officer
- Establish reasonable security measures to protect private files and information.
- Establish and disseminate enforceable rules.
- Manage and monitor system resource usage.
- Investigate problems and alleged violations.
- Designate individuals who have the responsibility and authority for computer and network resources.
Authorized Users
- Understand and comply with the policies, procedures and laws related to conditions of use authorizing access at the University.
- Ask questions when in doubt about the ethical implications of any given situation or proposed course of action.
- Not subvert or attempt to subvert security measures.
- Report any potential violation of this policy using the procedures in this policy.
Department Entity or College
- Create, disseminate and enforce conditions of use for facilities under their control.
- Respond to concerns regarding alleged or real violations of this policy brought to their attention.
- Monitor the use of University resources.
- Take appropriate disciplinary action.
University Police Department
- Respond to alleged violations of criminal law.
- Coordinate all activities between the University and outside law enforcement
System/Network Administrator
- Take reasonable action to assure the authorized use and security of data, networks, and communications transiting the system or network.
- Respond to questions on details relating to appropriate use of system/network resources.
- Advise in the development of conditions of use or authorized use procedures.
- Cooperate with appropriate University departments and law enforcement officials in the course of investigation of alleged violations of policy or law.
Procedures
In support of the this policy, the following procedures are included:
2.8.1.1 Reporting Violations
2.8.1.2 Taking Disciplinary Action
Appendices
In support of this policy, the following appendix is included:
Guidelines
Comments: process@tc.umn.edu
© 1997 by the Regents of the University of Minnesota.
Policy and Process Development Office. All Rights Reserved.
The University of Minnesota is an equal opportunity educator and employer.
http://www.fpd.finop.umn.edu/2/Sec8/Pol281/Acceptable_Use.html
Updated: December 9, 1997
