Responsible Information and Technology Use Policy

 
 
Document Number:
ITS-0001
Revision #:
v1.0
Document Owner:
Information Technology Service
Date Last Updated:
10/2/2019
Status:
Approved

General Description

Purpose:

Trinity University’s computer systems, network, and data are vital to operations. The hardware, software, and data that constitute the University’s information and technology resources are vital to the operation of the university and the fulfillment of its mission. All members of the Trinity University community who use the University's information and technology resources must use them in an ethical, responsible, and legal manner.  The Responsible Information and Technology Use Policy addresses this responsibility.

Scope:

The Responsible Information and Technology Use Policy applies to the Trinity University community (hereafter, the University community) using Trinity University’s computer systems, networks, and data systems.  The University community includes faculty and staff members, students, alumni, guests, and contractors. 

Exceptions:

None.
Policy Content
Data, software, network capacity, and computers systems have value and must be treated accordingly.  Use of IT systems that are shared by many users imposes certain additional obligations.  Each member of the University community is personally responsible for their use of these information and technology resources. 

Legitimate use of data, software, computers or network systems does not extend to whatever an individual is capable of doing with it. Although some rules may be built into the system itself, these restrictions cannot limit completely what an individual can do or can see. In any event, each member of the community is responsible for his/her actions whether or not rules are built in, and whether or not they can be circumvented.  An attempt to engage in a prohibited activity is considered a violation whether the attempt is successful or not.

Systems using excessive amounts of bandwidth, causing network disruption or are deemed to be a security and/or privacy risk may be taken off the network or be otherwise limited without warning. Information Technology Services may employ automated systems that partition or restrict network bandwidth, protocols, or access either internally or at the Internet gateway. The University does not monitor or generally restrict the content of material transported across the University's networks or stored on University-owned computers. The University reserves the right to remove or limit access to material posted on University-owned or administered systems or networks when University policies, contractual obligations, or state or federal laws are violated. Further information is available in the TUNetwork Use Policy.

The University provides computers, software, and network equipment for use by the University community. The University retains ownership and reserves the right to add, remove, upgrade and replace hardware and software on those systems as deemed necessary by Information Technology Resources.

Members of the University community are expected to follow certain principles of behavior in making use of data, computers, and network systems.  Members of the  University community must:
Members of the University community are expected to respect restrictions on authorized access to network information and resources.  Members of the University community must not:
Members of the University community are expected to use systems for authorized purposes only.  Members of the University community must not:
Members of the University community are expected to treat all information and technology resources with care and are expected to utilize all resources in ways that respect other users. Members of the University community may not:
Employees are provided computing, networking and information resources as tools to be utilized in the support of University's mission. Employees assume responsibility for appropriate usage and are responsible for exercising good judgment regarding the reasonableness of personal use. Personal use is defined as use that is not job related. In general, incidental and occasional personal use of the University’s computing systems, including the Internet, is permitted as long as the personal use does not interfere with the employee’s normal work duties, productivity, or work performance and does not adversely affect the efficient operation of the University’s systems and networks. Individuals are expected to be careful, honest, responsible, and civil in the use of computers and networks. Employees must respect the rights of others, respect the integrity of the systems and related resources, and use these resources in strict compliance with the law, university policies, and contractual obligations.

Using IT resources in the work environment in a manner that results in inappropriate conduct will be addressed as an employee performance issue, even if such conduct does not rise to the level of a university policy violation. Any use of university computers and networks by employees that is inappropriate (such as conducting personal business) to the workplace, or otherwise contributes to creating a harassing or uncomfortable workplace, or creates a legal risk, will subject the employee to counseling, formal disciplinary action and/or termination. Such performance concerns should be directed to the supervisor or the unit Human Resources representative. 
Performance Evaluation

Consequences of Policy Violation:

Enforcement
To ensure adherence to the Information and Technology Responsible Use Policy and to protect the integrity of University resources, Trinity University reserves the right to monitor the network and computers attached to it. In addition, Trinity University shall have the authority to examine files and account information, and to test passwords, to protect the security of the University’s information, network, computing resources and its users.

Any behavior in violation of this policy is cause for disciplinary action. Violations will be adjudicated, as appropriate, by the CIO, the Office of the Dean of Students, the Office of Housing and Residential Life, and/or the Office of Human Resources. Sanctions as a result of violations of this policy may result in, but are not limited to, any or all of the following:
  • Attending a class or meeting on responsible use issues, as well as successful completion of a follow up quiz;
  • Loss of University computing, e-mail and/or voice mail privileges;
  • Disconnection from the residential hall network;
  • University judicial sanctions as prescribed by the student Code of Conduct;
  • Monetary reimbursement to the University or other appropriate sources;
  • Reassignment or removal from University housing and/or suspension or expulsion from the University;
  • Prosecution under applicable civil or criminal laws.

Reporting Violations

Reports of problems or violations should be made through the Campus Conduct Hotline, which is a confidential, anonymous way to alert administrators of unsafe or unethical behavior. Phone (866) 943-5787 or email cch@eiia.org. Further information can be found at http://www.campusconduct.com.
Requirements

Approvals:

  • Chief Information Officer

Terms and Definitions:

Term:

Definition:

Denial-of-Service Attack (DoS)
An act initiated by a person or people using any electronic means to cause computer resources to become unavailable to its intended users for any length of time.
Information and Technology Resources
The full set of information technology devices (telephones, personal computers, printers, servers, networking devices, etc.) involved in the processing, storage, accessing, and transmission of information owned by, controlled by, or contracted to Trinity University. Connection of these devices can be permanent, via cable, or temporary, through telephone or other communications links. The transmission medium can be physical (e.g., fiber optic cable via Fiber To The X, FTTX) or wireless (e.g.. satellite, wi-fi, Wi-Max).
Phishing
The process of attempting to acquire sensitive information such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in an electronic communication.
Sniffing
Employing a program that monitors and analyzes network traffic, to capture data being transmitted on a network.
Spamming
The process of sending unauthorized bulk messages.
University Community
Includes faculty and staff members, students, alumni, guests, and contractors.   
Related Documents
Revision Management

Revision History Log:

Revision #:

Date:

Recorded By:

v1.0
8/13/2019 5:07 PM
Courtney Cunningham