4.6-1 INTERNET AND NETWORK RESOURCES ACCEPTABLE USE POLICY

Saginaw Valley State University (the University) has made a large investment in its Internet and data network resources (Network) because of its communication value and capacity to support the University mission. The University Information Technology Services (ITS) department manages the University-owned Network. The University encourages students, staff and faculty (Users) to exchange information using the Network while reserving the right to monitor, manage and control its use. This policy is based on common legal, ethical and professional standards. Adherence to this policy protects all Users and helps keep the University Network a safe and rewarding place to navigate.

Users must not violate this “Acceptable Use Policy” or local, state and federal laws while using the University’s Network or other networks or hosts used while being logged on to the University Network, or the acceptable use policies of those other networks.

Revised 12/2010

Contents

User Responsibilities

These responsibilities have been established to protect Users from fraud and to ensure a safe and harassment-free computing environment.

  1. Users are responsible for their use of the University Network and computer equipment, and for protecting their Username (userid) and password.
  2. Each User is issued a single Username (userid) and password that gives them access to the Network, email, VSpace, etc.
  3. Users are responsible to report unauthorized use of their Network Username (userid) to the Director or Executive Director of ITS. Using the Network without permission or failing to report unauthorized use can be a violation of federal and state law.
  4. Users are responsible for safeguarding their own and others' personal information. They should not enter or send personal information such as Usernames (userids), passwords, date of birth or social security number, driver’s license, credit card numbers or medical/health data in email, electronic meeting notices/appointments, attachments, chat rooms or instant messages (IM), or to unsecure websites.  They should not save or store such personal information on any electronic media or format including local hard drives or images without consulting with IT Services regarding security.
  5. Users are responsible for knowing the University's Harassment Policy. Employees see: SVSU Operations Manual. Students see: SVSU Student Handbook.
  6. Users are responsible for respecting copyright (see Copyright below).

 

General Regulations

Staff, faculty and students will respect the privacy and security of the University Network, other users, other entities, and the intended use of the Network. Individual units or departments may set up additional guidelines that go beyond, but do not take the place of, these regulations.

  1. Users must not:
    1. Use or attempt to use someone else’s Username (userid) and password,
    2. Give their own Username (userid) and password to anyone,
    3. Give another User’s Username (userid) and password to anyone else,
    4. Use their own Username (userid) and password to log someone else onto the University Network.
  2. Users must not download and/or install copyright protected software, videos, images, data, music or any other material from any source, including peer to peer and shareware networks, unless the User has (a) written permission from the author to use the material, (b) purchased the material from the product owner or a business with authorization to sell the copyrighted material, or (c) complied with the educators fair use guidelines of the Copyright Act of 1976 (see SVSU Copyright Policy or Copyright below).
  3. Users must not send unsolicited bulk mail messages (“junk” mail, “chain” messages or spam), forge emails, send mail that will intimidate or harass other Users, or use network server space in a way that interferes with the efficiency of the Network. Users must not send numerous repeated messages, transactions or emails to another user or site (“mail bombing” or “denial of service attack”).
  4. Users must not intentionally damage, alter or bypass software, hardware or Network components.
  5. Users must not use the University Network for political campaigns, revenue-generating advertising, promoting business not related to the University, or personal business.
  6. Users must not harass, threaten or intimidate other University or non-University Users. Users must comply with all University rules regarding harassment and discrimination.
  7. Users must not misrepresent their identity or relationship to the University when obtaining a University Username (userid) or other University Network services.
  8. Users must not search for information on, get copies of, or change files of passwords or security settings belonging to the University or other Users or entities.
  9. Users must not search for, use or distribute information on the Network architecture, hardware or software components, databases, computer equipment, security components, or security by-pass techniques of the University, or any other entity.
  10. Users must not use any University or personal computer equipment or device connected to the University Network to initiate, plan, produce, install or run programs that attempt to or successfully:
    a. bypass or disable any University Network security, registration, management system or device.
    b. bypass the encryption, licensing or delivery control of any licensed product in any form or media.
    c. damage or use excessive resources on the University Network or anywhere on the Internet.
    d. upload computer viruses, Trojan Horses, worms or a distributed “denial of service attack.”
  11. Users must not tie up the University Network with game playing or personal uses, or use hardware or software that results in overloading the University Network or outside Internet resources or services, by sending numerous Internet transactions, establishing numerous Internet connections or by any other method. This includes, without limitation, any peer-to-peer system such as bit-torrent or similar programs.
  12. Users must not connect a computer or any electronic device to the University Network unless it meets technical and security standards set by ITS (see Wireless Communications below).
  13. Users must not publish course content or course work in whole or in part, no matter what the medium, prepared by SVSU students, faculty or staff to web sites without the express written consent of the author. This includes, but is not limited to, comments, lecture notes, papers, audio, video and research.
  14. Users must not promote illegal activity or material that negatively affects the University, or distribute copyrighted, pornographic or licensed software or material.
  15. Users must use the University Network in a manner consistent with the University's instructional, public service, research and administrative mission. The University’s Network may not be used for personal business or personal gain except as permitted by other University policies or explicitly stated in University contracts. However, Users may create individual web pages that provide information related to their position at the University. These pages may contain information related to academic and professional interests only if they are consistent with University web policies (see Web Pages below).
  16. Users are responsible for safeguarding personal information that they must handle in the performance of employment.
    a.  Users must not enter or send personal information such as passwords, date of birth or social security number, driver's license, credit card numbers or medical/health data into email, electronic meeting notices/appointments, attachments, chat rooms or instant messages (IM), or unsecure websites.
    b.  Documents or files with personal information must not be transmitted across the internet without using encryption, secure vlans, etc.
    c.   Documents or files with personal information must be stored on network "M" or shared drives, not on "hard drives" or data storage media that is accessible without the users's password.

See Enforcement below to view the penalties for violating these rules.

^TOP

 

Security and Privacy

The University uses safety measures to protect the security of its network, computer systems and User accounts. However, Users should be aware that the University cannot guarantee security and confidentiality. Therefore, Users should exercise safe-computing practices by guarding their Network Username (userid), password and personal information.

  1. Users should be aware that their University messages (mainly those created, sent or received by faculty, staff or administrators in connection with University business) may be considered public records and may be disclosed to members of the public upon request.
  2. Users should be aware that their University address may be listed in University directories.
  3. Users should be aware that their University Network and computer system use is not private. The University does not regularly monitor individual use, but the normal operation, maintenance and fine-tuning of the University's Network require:
    a. the back-up and caching of all forms of data and Internet communications
    b. the logging of activity
    c. use patterns to be checked
    d. other actions necessary for the delivery of service
  4. Users should be aware that their University Network and computer activity, including the content of individual communications, may be monitored without notice when:
    a. the User has voluntarily made them available to the public by posting to a Usenet or a web page
    b. it is necessary to protect the reliability, security or operation of the University, its Network and computer systems, or to protect the University from liability
    c. there is concern that the User has violated or is violating this policy
    d. a User appears to be engaged in unusual or uncommonly excessive activity
    e. it is required by law.
  5. Users should be aware that the University may disclose the results of any general or individual monitoring, including the contents and records of individual communications, to the proper University staff or police agency, or use them in University disciplinary proceedings (see Enforcement below).

^TOP

 

Network Usernames (userids) and Email Accounts

University-approved policies for issuing, limiting or disabling Network Usernames (userids), email accounts, and Internet or computer system use are explained on the University ITS web site. Employees see: Employee Technology Access.  Students see: Student Technology Access.

  1. University students, faculty, staff and administrators are automatically issued a University Network Username (userid) and email account. Alumni and retirees may keep their email accounts as space permits.
  2. Each User is permitted only one account and prohibited from using another User’s account, unless the second User grants proxy access through each system (primarily email).
  3. The University reserves the right to limit the length of time emails can be saved in the email database. ITS can discard old email and email messages unopened 90 days after receipt once notice is given to Users. The Email Management Policy is listed on the University’s ITS web site. Employees see: Employee Email Management. Students see: Student Email Management.
  4. The University reserves the right to stop incoming mass mailings (spam) without informing the sender or intended recipient.
  5. The University reserves the right to regularly send out general information to Users through University email. In the future, email will be the main method used to communicate very important University information to Users, including financial aid awards and academic standing.
  6. Users are responsible for checking their University email and forwarding it to a personal account if they desire to save it.
  7. The University reserves the right to maintain lists of University email addresses. The lists are only used to distribute information to University Users and are not available or sold to any outside company.

^TOP



Web Pages & Content

The University owns and has exclusive rights to all web pages and content stored on or served from University servers or other electronic devices. This includes servers or devices owned or leased by, or contracted for, the University. The only exceptions are the personal web pages of faculty, staff, students and contracts clearly covering intellectual property rights.

  1. ITS is responsible for developing and refining University web page procedures and design standards, and training Users how to apply them. The University Communications Department provides standards for use of University logos, graphics and letterhead, and they may review pages for appropriate design and content.
  2. University departments, clubs and organizations are encouraged to develop web pages. The University will provide limited space for these web pages provided they follow published University web page design standards. These web sites can be maintained only by employees or students with valid Network Usernames (userids) and permission to have personal web page storage as defined in the University ITS Technology Access Policy. Employees see: Employee Technology Access. Students see:Student Technology Access.
  3. The University may provide limited space for faculty, staff, students, class projects and others to publish non-University web pages. Non-University web pages must follow all of the regulations listed in the University’s “Acceptable Use Policy.” Non-University web pages must follow University logo, graphics and letterhead standards but are not required to follow the web page design standards. All non-University web pages must have the following disclaimer in a font size equal to the majority of the text on the web page: “SVSU accepts no responsibility for the content of this page. Comments on this page should be directed to the page author.” Users should request space at the Support Center Help Desk. The requested space must be approved by the Executive Director of ITS or his/her designee.
  4. University web pages must not contain links to commercial web sites unless those companies are corporate sponsors or partners of the University. Links to non-commercial sites are permitted only if the content of those sites comply with the University’s “Acceptable Use Policy.” 
  5. Framing is a very powerful Internet technology, and the use of it must be carefully evaluated, especially when displaying the content from another web site. Many legal issues are still unsettled, and legal guidelines have not been established. Therefore, if you intend to use framing technology on your web site, you should evaluate its use and take the following precautions:
    a. do not frame a linked page within your web site’s advertising
    b. obtain permission to frame the content from another web site on your web site
    c.  be careful about using your URL in the address portion of the browser if the content that is being displayed is from another web site.1
  6. All University web page content blocks will be published to the live web site by the author without review unless explicitly required by the author's respective Vice President or Executive Director.
  7. The ITS Web Services Department reserves the right to make formatting changes to web pages without approval to maintain efficient operations of the web site; however, ITS will not change content.
  8. If ITS finds a security vulnerability in the web site of a Club, Organization, employee or student, ITS may take the site down without notice until the owner corrects the vulnerability.

    ^TOP

Wireless Communications

The University’s rules for the use of wireless routers in University housing and offices is outlined below.

  1. The University does not allow personally-owned routers or wireless access points to be installed on ResNet.  For more detailed information, see ResNet Devices Policy.
  2. An office may purchase a Wireless Access Point from an ITS list; however, the router must be installed and managed by University ITS Networking to ensure University business conducted on the network remains secure. 
  3. The University reserves the right to limit and change which models of routers and encryption standards meet its security standard without advance notification.

    ^TOP

 

Copyright

Copyright is a property right that protects persons who created original intellectual and artistic works (including songs, films and books). It legally guarantees that they should retain control over those materials for a set period of time and, if desired, financially benefit from their labor.

Using the University Network to copy, store, display or distribute copyrighted material (licensed software programs, data, images, music or any other materials) without the permission of the copyright owner, except as otherwise allowed under the U.S. Copyright Law, is prohibited. See these sites for additional information including fair use of copyrighted material:SVSU Copyright Policy

U.S. Copyright Office

Educators, Technology and the Law

The University of Texas Crash Course

Recording Industry Assoc. of America

Under the Digital Millennium Copyright Act, the University is obligated to take appropriate enforcement action if it receives a complaint that unauthorized copyrighted material is being published or downloaded on the University Network. 

To report online copyright infringement or violations, notify the University’s agent in accordance with the U.S. Online Copyright Infringement Liability Limitation Act. (This contact information is for communications under the Act only. Please do not send any other information to this address.)

Saginaw Valley State University
Vice President for Administration & Business Affairs
7400 Bay Road
University Center, MI  48710
Phone: (989) 964-4190
Fax: (989) 790-9221
jgm ( at ) svsu.edu


^TOP

 

Enforcement

Various methods are used to enforce the rules in this policy. University punishment can range from warnings to expulsion for students, and from warnings to termination for employees. If a User’s offense violates criminal law, fines and/or imprisonment may be imposed by the court system.

  1. The University may cancel all Internet and computer access (permanently close the Network Username [userid] and email account) of anyone using the University Network or computer system to violate the University’s Acceptable Use Policy” and, if justified, student academic discipline, employee administrative discipline, and/or referral to law enforcement agencies will occur.
  2. The University may temporarily suspend or restrict access to its Network services or computing equipment, independent of University disciplinary procedures, to protect (a) the University from potential liability and (b) the security or functionality of the Network.

^TOP

 

Reporting Violations

Report violations of the University’s Acceptable Use Policy with the department managing the computer equipment involved. Those managers should immediately inform the ITS Director or Executive Director of the violation. Depending upon the nature and severity of the violation, the ITS Director or Executive Director, or someone he/she chooses to act in his/her place, shall refer the matter for appropriate action. The recommended punishment may include University disciplinary measures and/or legal action.

 

ITS Operating Policies & Procedures

To view all of the University ITS operating policies and procedures, click this link: SVSU Information Technology Services Policies.


^TOP


1 Lloyd L. Rich, “Internet Legal Issues: Framing,” The Publishing Law Center,
1999, 21 March 2008 <www.publaw.com/framing.html>

 

 

Adopted 05/02/96 VP-ABA
Revised 02/12/10 VP-ABA, ED-ITS