Applies to:	Original Policy Date:	Date of Last Review:	Approved By:
University staff, faculty, visiting faculty, students, alumni, contractors, volunteers, guests or agents of the administration, and external individuals and organizations accessing network services.	January 1, 2018	September 20, 2023 February 16, 2022	Ryan Petersen

Policy Owner: Office of Information Technology

Policy Purpose

This policy is designed to outline user responsibilities regarding their use of University Information Technology resources and services to protect the University from electronic and legal harm resulting from improper access and use.

Policy Scope

This policy includes, but is not limited to, University faculty, visiting faculty, staff, students, alumni, contractors, volunteers, guests or agents of the administration, and external individuals and organizations accessing network and computing University resources and services. This includes non-University devices accessing University resources and services.

Policy Statement

Users who connect to the University’s network or computing resources must abide by the acceptable use policy described here. The use of the University’s Information Technology resources and services is a privilege, which may be revoked if users fail to comply with these policies.

Responsibilities

User Responsibilities

Users of University resources and services have the following responsibilities:

• Ensure their account or password is properly used and is not transferred to or used by another individual.
• Log off from a device after completing access at any location where the devices may have multiple users.
• Abide by all applicable laws set forth by Federal, State, and Local governments.
• Protect personal privacy and access to all sensitive data. Keep sensitive data behind password protection and encryption while in transit or storage.
• Report the loss or theft of any device containing sensitive data.
• Keep computing devices current with security software and updates.
• Limit the use of technology resources to academic, research, and University business.
• Take responsibility for any traffic that appears on the University network originating from the user’s device(s).
• Follow all applicable University policies relating to the use of Information Technology resources.

Unacceptable Uses of Information Technology

The following activities are prohibited:

• Engaging in malicious actions against other users, computers, networked devices, or networks, whether local to the University or elsewhere, using the resources provided by the University. These resources include, but are not limited to, any network connectivity, computer services, or any other information service provided by the University.
• Violating the privacy of others.
• Sharing passwords.
• Abusing campus computing and network resources.
• Using University resources to disseminate defamatory, discriminatory, abusive, threatening, obscene, or otherwise offensive materials, messages, or media.
• Installing devices and services that interfere with University-supplied devices and services. These servers and services include, but are not limited to, DNS servers, DHCP servers, wireless access points, routers, FTP servers, private campus sub-networks, and IP addresses.
• Tampering with or monitoring communications not intended for the end user.
• Tampering with physical campus network devices, computing devices, or cabling.
• Forging communications to appear to come from someone else.
• Monetizing University network and computing resources including, but not limited to, ecommerce services and cryptocurrency mining.
• Reselling network services.
• Attempt to avoid user authentication or security of resources and services.

Enforcement

Suspension/Termination/Block

Suspension: The University reserves the right to suspend an account and/or network access that is suspected of being involved in a violation of the Acceptable Use Policy.

Termination: Faculty and Staff accounts are disabled upon separation from the University. Student accounts are periodically converted to a limited access account or removed when no longer an active student. Guest accounts are disabled when no longer affiliated with the University.

Block: The University reserves the right to block network access that is suspected of being involved in a violation of the Acceptable Use Policy.

Policy Violations

Employees found to have violated this policy will be subject to disciplinary action based on the nature of the offense, up to and including termination of employment.

Students and guests that are found to have violated this policy will be subject to disciplinary action based on the nature of the offense, including but not limited to, loss of network and computing access, and any other action the University administration deems appropriate.