Information Resources are strategic assets of Saint Xavier University that must be managed as valuable University resources. Accordingly, this policy is established to protect University students, staff, faculty, partners and the University from illegal or damaging actions by individuals, either knowingly or unknowingly.
Acceptable Use is an application of the core values of the University: respect, excellence, compassion, service, hospitality, integrity, diversity and learning for life.
Purpose
The purpose of this policy is to outline the acceptable use of computer equipment at the University. These rules are in place to protect the employee and the University. Inappropriate use exposes the University to risks including virus attacks, compromise of network systems and services, and legal issues.
Scope
The Acceptable Use Policy applies to all information resources owned, leased, administered or otherwise under the custody and control of the University.
Audience
The Acceptable Use Policy applies equally to all individuals granted access privileges to any Saint Xavier University information resource.
Ownership of Electronic Files
Electronic files created, sent, received or stored on information resources owned, leased, administered or otherwise under the custody and control of Saint Xavier University are the property of the University.
Privacy of Electronic Files
Electronic files created, sent, received or stored on information resources owned, leased, administered or otherwise under the custody and control of the University are not private and may be accessed by University IT employees at any time without knowledge of the Information Resources user or owner.
Acceptable Use Policy
- Users must report any weaknesses in University computer security, any incidents of possible misuse or violation of this agreement by contacting the appropriate management by emailing SecureIT@sxu.edu.
- Users must not attempt to access any data or programs contained on University systems for which they do not have authorization or explicit consent.
- Users must not share their University account(s), passwords, personal identification numbers (PIN), ID cards or similar information or devices used for identification and authorization purposes. Users must not make unauthorized copies of copyrighted software.
- Users must not use non-standard shareware or freeware software without University Information Resources and Technologies management approval unless it is on the University standard software list.
- Users must not purposely engage in activity that may: harass, threaten or abuse others; degrade the performance of Information Resources; deprive an authorized University user access to a University resource; obtain extra resources beyond those allocated; or circumvent University computer security measures.
- Users must not download, install or run security programs or utilities that reveal or exploit weaknesses in the security of a system. For example, University users must not run password cracking programs, packet sniffers or port scanners or any other non-approved programs on University Information Resources.
- University Information Resources must not be used for personal benefit.
- Users must not intentionally access, create, store or transmit material which University may deem to be offensive, indecent or obscene (other than in the course of academic research where this aspect of the research has the explicit approval of the University official processes for dealing with academic ethical issues).
- Users must use extreme caution when opening email attachments received from unknown senders, which may contain viruses, email bombs or malicious malware.
- All PCs, laptops and workstations must be shut down, locked, logged off of and put to sleep before being left unattended and must require a password to start up or wake-up. (To lock, use <ctrl> <alt> <delete> or <Windows>, <L> on a PC; Apple menu or power button on a Mac.)
- Users must not otherwise engage in acts against the aims and purposes of the University as specified in its governing documents or in rules, regulations and procedures adopted from time to time.
Incidental Use Guidelines
As a convenience to the University user community, incidental use of Information Resources is permitted. The following restrictions apply:
- Incidental personal use of electronic mail, internet access, fax machines, printers, copiers, etc., is restricted to University approved users; it does not extend to family members or other acquaintances.
- Incidental use must not result in direct costs to the University.
- Incidental use must not interfere with the normal performance of an employee's work duties.
- No files or documents may be sent or received that may cause legal action against or embarrassment to the University.
- Storage of personal email messages, voice messages, files and documents within University's Information Resources must be nominal.
- All messages, files and documents -- including personal messages, files and documents -- located on University Information Resources are owned by the University, may be subject to open records requests and may be accessed in accordance with this policy.
Violations
Violation of this policy may result in disciplinary action which may include termination for employees and temporaries; a termination of employment relations in the case of contractors or consultants; dismissal for interns and volunteers; or suspension or expulsion in the case of a student. Additionally, individuals are subject to loss of University Information Resources access privileges, civil and criminal prosecution.
Contact
Direct comments and questions to Information Technology by email to SecureIT@sxu.edu.
Information Resources (IR)
Any and all computer printouts, online display devices, magnetic storage media and all computer-related activities involving any device capable of receiving email, browsing websites or otherwise capable of receiving, storing, managing or transmitting electronic data including, but not limited to, mainframes, servers, personal computers, notebook computers, hand-held computers, personal digital assistant (PDA), pagers, distributed processing systems, network attached and computer controlled medical and laboratory equipment (i.e. embedded technology), telecommunication resources, network environments, telephones, fax machines, printers and services. Additionally, it is the procedures, equipment, facilities, software and data that are designed, built, operated and maintained to create, collect, record, process, store, retrieve, display and transmit information.
