Computing Code of Conduct

Summary

Rules for using Nazareth computing resources and services

Body

Overview

The rules that comprise this Code of Conduct apply to all areas of computer use at Nazareth University, including all computers, storage devices, networks, and network devices owned or managed by the University, including any for which the University contracts with a third party. Additionally, this Code of Conduct applies to all devices, whether owned by the University or a third party, that access the University’s wired or wireless network, a University e-mail account, University applications and data, or otherwise access any protected University network or website.  Such devices include but are not limited to mobile phones, tablets, or laptop computers, or any other electronic device with access to the University’s networks (together with all areas of use described in this paragraph, the “University Network”).  The Chief Information Officer is responsible for publishing, and in concert with other members of the University community, enforcing this Code.

 

Code of Conduct

A variety of computer resources are currently available at Nazareth, from local area networks that provide access to PC and Mac based software, to wide area networks such as the Internet, including wireless internet and cloud-based or hosted services (the “Computing Resources”). All users are required to follow this Code of Conduct when using these resources.

Any information stored on University computers, or with third party providers under contract by the University, is stored digitally in multiple live and backup sources and, aside from the usual difficulties of guaranteeing confidentiality, is always subject to "discovery" by means of subpoena. Although the University may seek appropriate legal counsel, users should assume that the University will cooperate with outside agencies investigating violations of local, state, or federal law, including but not limited to copyright infringement (this should be specifically noted with respect to downloaded music, videos, etc.).

Although Nazareth University does not routinely monitor communications or transmissions, users should also assume that, per NYS Law,  any and all telephone conversations or transmissions, electronic mail or transmissions, or internet access or usage by an employee by any electronic device or system, including but not limited to the use of a computer, telephone, wire, radio or electromagnetic, photoelectronic or photo-optical systems may be subject to monitoring at any and all times and by any lawful means.

Procedures such as deleting files and reviewing accounts to ensure effective and secure use of and access to the University Network and computing resources may be necessary during the normal operation of the University's computer systems. If either as a result of this routine work, or as the outgrowth of a reasonable report or request from other individuals or agencies, the Chief Information Officer determines that a possible violation of this Code has occurred, he/she may authorize that an account or other technology asset be investigated or retained by Information Technology Services staff or other appropriate staff members.

Violation of the Code or abuse of the privilege of using the University Network and the University’s computer resources can lead to:

  • Loss of computing privileges
  • Disciplinary action
  • Criminal Prosecution

 

Rules of Conduct

The Nazareth University Computing Code of Conduct includes, but is not limited to, the following rules. Questions about the Code should be directed to the Chief Information Officer.

  1. You must keep your password secure and confidential.
  2. You may not let another person access your account.
  3. You may not possess or attempt to possess another user's password.
    • Exceptions to (1), (2) and (3) may be permitted, but only for academic or administrative reasons and with approval by the Chief Information Officer. All individuals are responsible for the security of the accounts and equipment assigned to them, and of equipment owned by them and connected to University owned facilities. Any policy or security violation traced back to a certain account or resource will be assumed to be the responsibility of the person assigned or owning that resource, regardless of who committed the violation. Only institutionally approved individuals, and only in their roles as server or shared-resource managers for other users, are excluded.
  4. You may not copy, retain, or distribute copyrighted or proprietary material without written consent of the copyright holder. This applies to computer software, documentation, music and video files, and other tangible and intangible assets protected under U.S. copyright and patent laws. This includes the use of the University Network as a vehicle for copyright infringement, regardless of ownership of the computer or storage medium involved, and regardless of the University's arrangement with any third party to provide or manage the University Network. Regardless of whether any profit is made from copyrighted material, it is illegal to provide uncontrolled access to such material (as would usually be the case in peer-to-peer file sharing programs).
  5. The number of simultaneous users for a piece of software may not exceed the number authorized in the copyright, purchase, or license agreement for that software.
  6. You may not use false or misleading identification to gain access to any Computing Resource.
  7. You may not access the University Network in order to carry out any unauthorized use of the University Network or computing resources.
  8. You may not use a University account for any purpose other than that for which you are authorized.
  9. You may not use the University Network, including any Computing Resource, for personal profit or commercial gain or to act on behalf of any political party or candidate for public office. Employees who are engaged in professional fee-based consulting relationships, where the professional nature is related to their professional position at Nazareth, may use the University Network and computing resources for communication with existing clients, but not for advertising or promoting.
  10. You may not change, copy, delete, read or otherwise access files or software without permission of the owner (in the case of user files), authorized supervisor (in the case of departmental data files)  or system administrator (in the case of system specific files).
  11. You may not attempt to prevent others from accessing any Computing Resource. This includes, for example, monopolizing a computer that contains software needed for course work, deliberately crashing or slowing down any system, posting of mass mailings or chain letters, or executing additional log ins.
  12. You may not attempt to bypass accounting or security mechanisms, or attempt to circumvent protection schemes or uncover security loopholes. If you find a security loophole, you are required to report it to the Chief Information Officer immediately.
  13. You may not use any Computing Resource, including the University Network itself, to attack, disable, or gain unauthorized access to any other Computing Resource or private device accessing the University Network either on or off the Nazareth campus.
  14. All personally owned equipment connected to the University Network or accessing University data  must comply with reasonable industry security standards (for example, a PC or Mac must be running an effective and currently updated anti-virus software package and must have all operating system patches installed.)
  15. If  you use a phone or other mobile device, regardless of ownership (University, personal or 3rd-party), to access  Nazareth e-mail or data, you must protect the device with a secure passcode.
  16. You may not attempt to harass anyone – either on or off campus -  using any Computing Resource or any computer system that is connected to the University Network. This includes, for example, sending libelous or threatening messages, or generating or facilitating unsolicited bulk commercial emails.
  17. By using a Computing Resource or accessing the University Network, you agree to abide by and not otherwise violate any rules in the Nazareth University Student Handbook, Academic Integrity Policy, faculty or staff manuals, or other University policy statements, or any local, state or federal laws.
  18. You may not attempt to compromise the privacy of others. This includes, but is not limited to, the installation of traffic sniffers, key loggers, etc. or any other hardware or software designed to capture information.
  19. Individuals who store or transmit sensitive or confidential information on their computers are accountable for that information and must make sure the appropriate security measures (encryption, etc.) are in place. Further guidance regarding the storage, transmission and protection of sensitive or confidential  information may be found in the University’s Information Security Policy which can be found at https://www2.naz.edu/its/security-privacy-policies/policies/ .
  20. You must follow the code of conduct of any local area or wide area network (including the Internet) to which the University is connected.
  21. The University reserves the right to deny access to or remove, without prior notice, any technical resource (computers, software, network devices, etc.) that it deems a security or network risk.
  22. Nazareth University employees are responsible for all equipment assigned to them.  Employees may not loan or transfer equipment to others without first notifying Information Technology Services.
 

2.       Web Access Policy

Nazareth University Information Technology Services reserves the right to restrict access to certain web sites or web resources, for example::

  • If access to certain sites or resources is expected to create a substantial load (excessive bandwidth usage) on the institution's internal network or Internet access conduit, and the resource that is being accessed has limited educational benefit, the University may restrict access to the website or resource. Examples of this kind of site are high volume music download sites, and personal videoconferencing or voice communications.
  • Access may be restricted if the Internet site or resource requires that special ports be opened in the institution's firewall, thereby creating added security risks for unauthorized intrusions. Again, this is for sites or resources that have limited educational benefit. Examples of this kind of site are some highly interactive computer games.
 

3.       Warranty Policy

It is your responsibility to ensure that you have a warranty service provision for your personally-owned or third-party-owned computer or mobile device. Nazareth employees will not be in a position to service your personally-owned or third-party-owned computer or mobile device or install devices/software for you.

4.       Virus Protection Policy

Information Technology Services requires that ALL computers brought to campus have anti-virus/anti-malware software installed and that you regularly update the software.. A subscription may be required to keep your software updated. Information Technology Services reserves the right to disconnect any computer from the campus network if it is found to be infected with a computer virus. The University's current standard for anti-virus software is Symantec Endpoint, but other industry-standard packages are also acceptable.

 

Version:                    2.1

Approval Date:        May 6, 2022

Effective Date:        May 6, 2022

Approval Authority:    Vice President for Finance and Administration

 

Policies and procedures are subject to review and may be modified at any time.  Policies and procedures will be periodically, formally reviewed by the Information Technology Services Management Team.  Final approval for any changes to this policy will come from the Chief Information Officer and the Vice President for Finance and Administration.

Details

Details

Article ID: 134743
Created
Mon 7/26/21 1:45 PM
Modified
Sun 5/12/24 2:54 PM