|
Use
Of Computers and Data Communications
I. PURPOSE
The University
provides computer access and capabilities through the Office of
the Chief Information Officer and various College and department
computer systems. The University relies heavily upon these systems
to meet operational, financial, educational and informational
needs. It is essential that these systems and machines be protected
from misuse and unauthorized access. It is also essential that
WCU's computers, computer systems, and computer networks, as well
as the data they store and process, be operated and maintained
in a secure environment and in a responsible manner.
This policy applies
to all University computer systems and refers to all hardware, data,
software and communications networks associated with these computers.
In particular, this policy covers computers ranging from multi-user
timesharing systems to single user personal computers, whether free-standing
or connected to the network.
In addition
to this computer policy, users of these computer systems are subject
to applicable state and federal laws. Computer abuse will be referred
to the Chief Information Officer and/or college or department
computer network and laboratory managers. Abuse involving theft
or vandalism will also be reported to the Director of University
Police.
Computing resources
are valuable, and their abuse can have a far-reaching negative impact.
Computer abuse affects everyone who uses computing facilities. The
same moral and ethical behavior that applies in the non-computing
environment applies in the
computing environment.
II. DEFINITION
OF TERMS
A. Computer
Systems
Computer systems
include any personal computer (stand-alone or networked), workstation,
mini-computer or mainframe computer used on this campus or accessible
by way of networks at other locations.
B. Computer
Networks
Computer networks
include any local or wide area communications systems connecting
above defined computer systems.
C. Network
Backbone
Network backbone
consists of the primary communications media which connect small
networks and individual terminals, personal computers, workstations,
etc., to other devices.
D. Local Area
Networking Media
Local area
networking media may consist of copper wire, fiber optic cable,
thin or thick wire cable which is used to connect one terminal,
personal computer, workstation, etc., to another or to network interface
equipment.
III. COMMON
FORMS OF COMPUTER ABUSE
Misuse or abuse
of computers, computer systems, computer networks, programs, and data
are prohibited. The following topics are considered areas of abuse:
A. PRIVACY
VS. OPEN RECORDS
Investigating
or reading another user's files is considered the same as reading
papers on someone's desk - a violation of that person's privacy.
Reading protected files without authorization, by whatever mechanism,
is a criminal violation.
Western Carolina
University reserves the right to examine files, programs, passwords,
accounting information, printouts, or other computing material without
notice for the purpose of investigating possible abuses of this
policy. No accurately addressed and delivered electronic mail will
be read by system personnel without the user's consent except in
those situations that are explicitly delineated as exceptions in
the Electronic Communications Privacy Act ("18 U.S.C. 2510,et.
seq.").
Violations
include, but are not limited to:
- attempting
to access another user's computer files without permission;
- supplying
or attempting to supply false or misleading information or identification
in order to access another user's account;
- deliberate,
unauthorized attempts to access or use University computers, computer
facilities, networks, systems, programs or data;
- the unauthorized
manipulation of WCU's computer systems, programs or data.
- the unauthorized
capturing of computer network data directly from network backbone
or local area networking media.
B. THEFT
Theft includes
the stealing of any property of the institution or the State of
North Carolina. Violations include, but are not
limited to:
- unauthorized
use of university computing resources, including the use of E-mail
or Internet communications, for personal gain or personal purposes;
- using subterfuge
to avoid being charged for the use of computer resources;
- deliberate,
unauthorized use of another user's account to avoid being billed
for the computer usage;
- abusing specific
computer resources such as the INTERNET;
- attempting
unauthorized access to computers outside the University using
the University's computers or communications facilities;
- removing
any computer equipment (hardware, software, data, etc.) without
written authorization;
- copying,
or attempting to copy, data or software without proper authorization.
C. VANDALISM
Any user's
account, as well as the operating system itself, is a possible target
for vandalism. Attempted or detected alteration of user system software,
data or other files, as well as equipment or resources disruption
or destruction, is considered vandalism. Violations include, but
are not limited to:
- sending
either mail or a program which will replicate itself or do damage
to another user's account;
- tampering
with or obstructing the operation of the University's computer
systems (for example, attempting to "crash" the system);
- inspecting,
modifying, or distributing data or software without proper authorization
or attempting to do so;
- attempting
to interfere with the performance of the system;
- damaging
computer hardware or software.
D. COPYRIGHT
ISSUES
The University
owns licenses to a number of proprietary programs. Users who redistribute
software from the computing systems break agreements with its software
suppliers, as well as applicable federal copyright, patent and trade
secret laws. Copyright protection also applies to many resources
found on the Internet, including but not limited to, images, audio
and video files, and electronic versions of print materials.
Therefore,
the redistribution of any software or other copyrighted materials
from computing systems is strictly prohibited except in the case
of software that is clearly marked as being in the public domain.
Violations include, but are not limited to:
- copying,
transmitting, or disclosing data, software or documentation without
proper authorization, or attempting to do so.
E. HARASSMENT
Harassment
of other users may be the sending of unwanted messages or files.
Violations include, but are not limited to:
- interfering
with the legitimate work of another user, to include sending of
chain mail or other non-university related messages;
- the sending
of abusive or obscene messages via computers;
- the use of
computer resources to engage in abuse of computer personnel or
other users.
F. MISCELLANEOUS
Other uses
commonly considered unethical include, but are not limited to, the
following:
- unauthorized
and time consuming recreational game playing;
- using computer
accounts for work not authorized for that account;
- sending chain
letters or unauthorized mass mailings;
- using the
computer for personal profit, the private benefit of other individuals
or organizations, or for other illegal purposes;
- personal
advertisements.
IV. COMPUTER
USAGE GUIDELINES
A. Users may
not engage in any of the common forms of computer abuse listed above.
B. Users are
to have valid, authorized accounts and may only use those computer
resources that are specifically authorized. Users may only use their
account in accordance with its authorized purpose. Users are responsible
for safeguarding their own computer account. Users should not let
another person use their account unless authorized by the system
administrator for a specific purpose. Passwords should be changed
often to ensure that private and secure files are kept secure.
C. Users may
not change, copy, delete, read, or otherwise access files or software
without permission of the custodian of the files or the system administrator.
Users may not bypass accounting or security mechanisms to circumvent
data protection schemes. Users may not attempt to modify software
except when intended to be user customized.
D. Users may
neither prevent others from accessing the system nor unreasonably
slow down the system by deliberately running wasteful jobs, playing
games, engaging in non-productive or idle chatting, or sending mass
mailings or chain letters.
E. Users shall
assume that any software or file they did not create is copyrighted.
They may neither distribute copyrighted proprietary material without
the written consent of the copyright holder nor violate copyright
or patent laws concerning
computer software, documentation or other tangible assets.
F. Users must
not use the computer systems to violate any rules in the University
Staff Handbook, Faculty and Student Handbooks, or any local, state
or federal laws.
G. A user shall
disclose to the appropriate authorities misuses of computing resources
or potential loopholes in computer systems security and cooperate
with the systems administrator in the investigation of abuses.
In connection
with inquiries into possible abuses, the University reserves
the right to examine files, programs, passwords, accounting
information, printouts, or other computing material without
notice. Only the Chief Information Officer may authorize examinations.
Whenever such an examination is conducted, the examiner will
maintain an inventory of all items examined.
V. PENALTIES
Abuse or misuse
of computing services may not only be a violation of this policy or
user responsibility, but it may also violate the criminal statutes.
Therefore, the University will take appropriate action in response
to user abuse or misuse of computing services. Action may include,
but not necessarily be limited to: suspension or revocation of computing
privileges. Access to all computing facilities and systems can, may,
or will be denied; reimbursement to the University for resources consumed;
other legal action including action to recover damages; referral to
law enforcement authorities; computer users (faculty, staff and/or
students) will be referred to the appropriate office for disciplinary
action. Students will be referred to the Office of the Vice Chancellor
for Student Affairs.
VI. DISTRIBUTION
OF THIS POLICY
The University
will insure that all users are aware of the policy by publishing it
in appropriate media designed to reach all faculty, staff and students.
Formerly Executive
Memorandum 94-109
Initially approved December 12, 1994
Revised December 20, 2002
Administering office: Office of the Chief Information Officer
Posted
June 08, 1999
|
