Security

Guidelines for Passwords

Users are responsible for all activity involving their user accounts. User accounts should be kept secure and private. Users should not use identifying data or common words as passwords. Passwords should be difficult to crack or otherwise guess by individuals or by sophisticated computer programs. It is recommended that users change passwords for all user accounts every 90 days in order to secure access to accounts. Users are strictly prohibited from revealing passwords or otherwise permitting the use by others (by intent or negligence) of personal accounts for computer and network access.

Levels of Access to the Network

Users are provided access to the computer network and related tools to assist them in the performance of their jobs or studies. The university is the custodian of a wide array of personal and financial data concerning its students, staff, and faculty, as well as the university itself. Users should respect the university’s obligations of confidentiality as well as their own confidentiality. Only users with authorization may access, communicate, or use confidential information. The university has the right to expect that computer users will properly identify themselves. Computer accounts are assigned and identified to individuals. Privileges and responsibilities granted to users vary between groups. Some have additional and sometimes more restrictive guidelines applicable to the user. The use of restricted-access university computer resources or electronic information without or beyond one’s level of authorization is strictly prohibited.

Virus Protection

Interference with or disruption of the computer or network accounts, services, or equipment of others through the propagation of computer worms and viruses is strictly prohibited. Unauthorized scanning of networks for security vulnerabilities is strictly prohibited.

Confidentiality

Although respect for privacy is fundamental to the university’s policies, almost any information is able to be read or copied and some user information is maintained in system logs as part of a responsible computer system maintenance plan. The university reserves the right to examine computer files, and, in rare circumstances, the university may be compelled by law or policy to examine even personal and confidential information maintained on university computing facilities.

Usage of Data

Unauthorized copying and/or use of licensed computer software is strictly prohibited. Unauthorized access, possession, or distribution – by electronic or other means – of electronic information or data that is confidential under the university’s policies regarding privacy or the confidentiality of student, administrative, personnel, archival, or other records is strictly prohibited. Intentionally compromising the privacy or security of electronic information is strictly prohibited. Intentionally infringing upon the intellectual property right of others in computer programs or electronic information (including plagiarism and unauthorized use or reproduction) is strictly prohibited. Altering or attempting to alter files or systems without authorization is strictly prohibited. Intentionally damaging or destroying the integrity of electronic information is strictly prohibited.