Computer Acceptable Use Policy and Policy on Information Technology Resources
Faculty, students, and
staff at Millikin University routinely use University-owned computers,
software, networks, and computerized information. This technology is
used to further University-related research and educational activities.
In addition, some individuals may have special administrative or
technical responsibility for a computer, network, or database.
This policy document is
an introduction to the issues of legitimate use, information security,
and privacy that arise in the use of computers, software, and electronic
information. These policies strive to balance the individual’s ability
to benefit fully from these resources and the University’s
responsibility to maintain a secure and reasonably allocated computing,
information technology, and networked environment.
The University’s Responsibilities
The University owns most
of the computers and the entire internal computer networks used on
campus. The University also has various rights to the software and
information contained on, developed on, or licensed for these computers
and networks. The University has the responsibility to administer,
protect, and monitor this aggregation of computers, software, and
Specifically, the purposes of the University’s information technology management are to:
and support reasonable standards of security for electronic information
that community members produce, use, or distribute, and protect the
privacy and accuracy of administrative information that the University
2. Protect University computers, networks and information from destruction, tampering, and unauthorized inspection and use.
that information technology resources are used to support activities
connected with instruction, research, and administration.
the limits of privacy that can be expected in the use of networked
computer resources and preserve freedom of expression over this medium
without countenancing abusive or unlawful activities.
that University computer systems do not lose important information
because of hardware, software, or administrative failures or breakdowns.
To achieve this objective, authorized systems or technical managers may
occasionally need to examine the contents of particular files to
diagnose or solve problems.
University policies and individuals’ responsibilities systematically
and regularly in a variety of formats to all parts of the University
7. Monitor policies and propose changes in policy as events or technology warrant.
computing resources so that members of the University community benefit
equitably from their use. To achieve this, authorized staff may
occasionally need to restrict inequitable computer use, including shared
systems or the network. For example, the University reserves the right
to restrict users from using any program that is unduly
policies by restricting access in case of serious violations. For
example, in appropriate circumstances, authorized systems administrators
may find it necessary to lock a user’s account. In such circumstances,
if there is not a resolution within 24 hours, the systems administrator
or the user should refer the matter to the appropriate official for
follow-up and resolution. (See section on Sanctions for more details.)
The Individual’s Responsibilities
supports networked information resources to further its mission of
research and instruction and to foster a community of shared inquiry.
All members of the University community must be cognizant of the rules
and conventions that make these resources secure and efficient. It is
the responsibility of each member of the University community to:
the right of others to be free from harassment or intimidation to
the same extent that this right is recognized in the use of other media
copyright and other intellectual-property rights. Unauthorized copying
of files or passwords belonging to others or to the University may
constitute plagiarism or theft. Modifying files without authorization
(including altering information, introducing computer viruses or Trojan
horses, or damaging files) is unethical, may be illegal, and may lead to
secure passwords. Users should establish appropriate passwords in the
first instance, change them occasionally, and not share them with
resources efficiently. Accept limitations or restrictions on computing
resources — such as storage space, time limits, or amount of resources
consumed — when asked to do so by systems administrators.
the limitations to privacy afforded by electronic services. Users have a
right to expect that what they create, store, and send will be seen
only by those to whom permission is given. Users must know, however,
that the security of electronic files on shared systems and networks is
not inviolable—most people respect the security and privacy protocols,
but a determined person can breach them. Users must also note that, as
part of their responsibilities, systems or technical managers may
occasionally need to diagnose or solve problems by examining the
contents of particular files.
to use software and information files correctly. Users should maintain
and archive backup copies of important work. Users are responsible for
backing up their own files. They should not assume that files on shared
machines are backed up. If users choose to participate in a backup
service, they should become familiar with the schedules and procedures
of that service. They also should learn to use properly the features for
securing or sharing access to their files.
by security restrictions on all systems and information to which access
is permitted. Users should not attempt to evade, disable, or “crack”
passwords or other security provisions; these activities threaten the
work of others and are grounds for immediate suspension or termination
of privileges and possible, additional sanctions.
computers which are connected to the network are required to have an
update anti-virus program installed. If any student-owned computer
becomes a security or virus threat to the network, Information
Technology has the right to restrict its access to the network,
including file sharing or student-operated services in residences.
extends these principles and guidelines to systems outside the
University that are accessed via the University’s facilities (e.g.,
electronic mail or remote logins using the University’s Internet
connections). Network or computing providers outside Millikin University
may also impose their own conditions of appropriate use, for which
users at this University are responsible for following.
Individuals or groups
who act in a manner contrary to existing policy and accepted standards
for computer use are subject to the sanctions and disciplinary measures
normally applied to misconduct or lawbreaking. Computing policy
violations are handled by established University channels. In the first
instance, such matters will be addressed by the appropriate computing
administrators. Whenever it becomes necessary to enforce University
rules or policies, an authorized administrator may prohibit network
connections by certain computers (even departmental and personal ones);
require adequate identification of computers and users on the network;
undertake audits of software or information on shared systems where
policy violations are suspected; take steps to secure compromised
computers that are connected to the network; or deny access to
computers, the network, and institutional software and databases. Users
are expected to cooperate with investigations either of technical
problems or of possible unauthorized or irresponsible use as defined in
these guidelines; failure to do so may be grounds for suspension or
termination of access privileges.
If the infringement is
not settled in discussion with the computing administrator, a matter
involving students will be referred to the Dean of Student Development; a
matter involving faculty will be referred to the department chair or
dean; and a matter involving staff will be referred to the immediate
supervisor, the manager of the unit, or an official in Human Resources.
In addition, certain kinds of abuse may entail civil or criminal action
Examples of Misuse
The following list, while not exhaustive, characterizes unacceptable behavior which may be subject to disciplinary action:
· Use of any University facility in a manner that violates copyrights, patent protections, or license agreements.
to gain unauthorized access to any information facility, whether
successful or not. This includes running programs that attempt to
calculate or guess passwords, or that are designed and crafted to trick
other users into disclosing their passwords. It also includes electronic
eavesdropping on communications facilities.
· Any violation of state or federal law.
action that invades the privacy of individuals or entities that are the
creators, authors, users, or subjects of information resources.
· Using electronic mail, talk or other programs as pranks or in a threatening, obscene, or harassing manner.
the identity of an account or machine or in any manner misrepresenting
your identity in an email or other electronic communication.
chain letters or sending advertisements, solicitations, or mass
mailings to individuals who have not agreed to be contacted in this
· Posting on electronic bulletin boards materials that violate existing laws or the University’s codes of conduct.
· Using the campus network to gain unauthorized access to any computer systems.
· Knowingly performing an act which will interfere with the normal operation of computers, terminals, peripherals, or networks.
running or installing on any computer system or network, or giving to
another user, a program intended to damage or to place excessive load on
a computer system or network. This includes but is not limited to
programs known as computer viruses, Trojan horses, and worms.
· Attempting to circumvent data protection schemes or uncover security loopholes.
to monitor or tamper with another user’s electronic communications, or
reading, copying, changing, or deleting another user’s
· files or software without the explicit agreement of the owner.
of network resources (computers, software, networks, printers,
plotters, scanners, etc.) or your account for commercial purposes.
the electronic bulletin board system for promotion of a personal, for
profit, businessUsing the announcements listserv for discussions or
Activities will not be
considered misuse when authorized by appropriate University officials
for security or performance testing.
relating to the computer security policy should be directed to
the Information Technology Department (217-362-6488).