Approved: February 2, 2001
Last Reviewed: 08/30/2011
Last Modified: 08/30/2011
Responsible Office: Information Technology Services
Purpose
Santa Fe College has made a significant investment in the information technology infrastructure to support its mission in teaching, learning and administration. To that end, this policy aims to promote the following goals:
- To ensure that IT resources are used for their intended purposes;
- To ensure that the use of IT resources is consistent with the principles and values that govern use of other college facilities and services;
- To ensure the integrity, reliability, availability and performance of IT systems; and
- To establish processes for addressing policy violations and sanctions for violators
Scope
This policy applies to all students, employees, volunteers, temporary workers, guests and other workers at SF, including personnel affiliated with third parties, who use IT resources owned or leased by SF and whether from on campus or from a remote location. Other policies may govern IT resources managed by different departments of the College.
Policy
Statement Access to college IT resources is a privilege that is granted by SF and subject to certain rules, regulations and restrictions. Such access carries with it legal and ethical responsibilities and should reflect the honesty and discipline appropriate for our community of shared IT resources. Appropriate and ethical use demonstrates respect for intellectual property, ownership of data, system security mechanisms and individuals’ right to privacy and to freedom from intimidation or harassment.
General Requirements
- You are responsible for exercising good judgment regarding appropriate use of SF IT resources in accordance with Federal and state laws and SF policies, standards and guidelines.
- For security, compliance and maintenance purposes, authorized personnel may monitor and audit equipment, systems and network traffic per the IT Security, Privacy and Audit Statement. Devices that interfere with other devices or users on the SF networks may be disconnected. Information Technology Services (ITS) prohibits actively blocking authorized audit scans.
- You should be considerate when using shared IT resources. Although there are no set limits on bandwidth, disk space or CPU time applicable to all IT resources, users may be required to limit or refrain from specific uses if such use interferes with the efficient operation of IT resources.
User Accounts
- You are responsible for the security of data and systems under your control. Keep passwords secure and do not share account or password information with anyone, including other students, personnel, family or friends.
- You must maintain passwords in accordance with the Password Policy and Guidelines.
- You must ensure that
college-protected information, as defined in the Guidelines for Safeguarding Restricted Data, remains within the control of SF at all times. Conducting SF business that results in the storage of protected information on personal ornon-SF controlled systems, including devices maintained by a third party with whom SF does not have a contractual agreement, is prohibited. This specifically prohibits the use of an email account that is not provided by SF.
Information Technology Resources
- You are responsible for ensuring the protection of assigned SF resources.
- You must not use IT resources to gain unauthorized access to remote computers or to impair or damage the operations of SF computers, networks and online services.
- You must not interfere with College device management or security system software.
- You should contact ITS before purchasing hardware or software that connects to or runs on SF computers or networks.
- You must not use IT resources for personal financial gain. Occasional personal use of SF IT resources for purposes other than commercial or financial gain is permitted when it does not consume a significant amount of IT resources, does not interfere with college business or with the performance of a user’s job, and is otherwise in compliance with this policy.
Network Use
You are responsible for the security and appropriate use of SF network resources under your control. Using SF resources for the following is strictly prohibited:
- Causing security breach to SCF network resources, including but not limited to, accessing data, servers or accounts to which you are not authorized, circumventing user authentication on any device, or sniffing network traffic.
- Causing a disruption of services to SF network resources, including but not limited to, packet spoofing and denial of service, heap or buffer overflows and forged routing information for malicious purposes.
- Violating copyright law, including but not limited to, illegally duplicating or transmitting copyrighted pictures, music, video, software and learning resource materials.
- Use of the Internet or SF networks that violates Federal or State laws, or college policies, including but not limited to, laws of defamation, privacy, sexual harassment, obscenity and child pornography.
- Intentionally introducing malicious code, including but not limited to, viruses, worms, Trojan horses, spyware, adware and keyloggers.
- Port scanning or security scanning on a production networks unless authorized by Information Technology Services.
- Disabling or bypassing college authorized security measures, such as local firewalls, virus checking software,
web-site restrictions, etc.
Electronic Communications
The following is strictly prohibited:
- Inappropriate use of the communication equipment and services, including but not limited to, supporting illegal activities, and procuring or transmitting material that violates SF policies against harassment or the safeguarding of confidential or protected information.
- Sending Spam via email, text messaging, instant messaging, voice mail or other forms of electronic communications.
- Forging, misrepresenting, obscuring, suppressing or replacing a user identity on any electronic communication to mislead the recipient about the sender.
- Posting the same or similar
non-college-related messages to large numbers of Usenet groups (news group spam) - Use of SF email or IP address to engage in conduct that violates SF policies or guidelines. Posting to a public newsgroup, bulletin board, or listserv with a SF email or IP address represents SF to the public; therefore, you must exercise good judgment to avoid misrepresenting or exceeding your authority in representing the opinion of the College.
Enforcement
The college considers any violation of this policy to be a serious offense. Violators may be subject to disciplinary action, up to and including suspension from school and termination of employment. A violation of this policy by a temporary worker, contractor or vendor may result in the termination of their contract or assignment with SF.
Authority
This policy has been created by Information Technology Services by the authority described in the Santa Fe College Information Security Policy and shall be complied with as though it were part of the IS Policy document.
History
02/02/2001 – Approved
10/12/2004 – Revised
09/24/2009 – Major revision
12/12/2010 – Revised
08/30/2011 – Revised
Information Technology Policies v20110830