Multimedia Classroom
Title: Technology
graphic
Button Home
Committees & Working Groups
Directory & Contacts
Directions
Mailing Lists
Policies, Papers & Reports
Button For Alumni
Button For Everyone
Button For Faculty & Staff
Button For Students
Button Teaching & Research
  Wesleyan University - Please review the policy below

Wesleyan Computer Usage Policy

Table of Contents

Introduction

Purpose of University Systems
Definitions
Scope
Use of University Systems
Privileges for University Users
Responsibilities for all Users
University Rights
Amendment: Web 2.0 Tools

Introduction

The Wesleyan Computer Usage Policy's purpose is to help ensure that all technology use fully respects applicable laws, the rights of the University and its community members.  Consequently, the policy augments existing policies and principles (as represented in The Faculty Handbook) which protect the freedom of expression and privacy of University students, faculty, staff, prospective students and alumni.  This policy augmentation seeks to address the circumstances brought about by the use of technology which may effect underlying institutional policies, principles and values.  

Purpose of University Systems
The purpose of University Systems is to further the research, education, and administrative functions of Wesleyan University.
To achieve this purpose, these policies intend:

  • to ensure the integrity, reliability, and good performance of University Systems;
  • to ensure that the community of Users at Wesleyan operates according to the same conventions and values as the larger Wesleyan community;
  • to ensure that University Systems are used for their intended purposes; and
  • to establish sanctions and processes for addressing violations.

Definitions
University Systems include the computers, terminals, storage media, printers, networks, modems, phone system and related equipment, as well as data files or documents owned, managed or maintained by Wesleyan University. For example, University Systems include institutional, departmental and faculty research systems and general access computer facilities. Privately owned equipment is not a University System even if it is attached to the Wesleyan network unless that equipment is managed or maintained by Wesleyan University.

A User is any person, whether authorized or not, who makes use of any University System from any location. For example, this definition includes individuals who access University web pages, library facilities, prospective student/employee or research computers.

A University User is a user with authorization to access a non-public University System. University Users include Wesleyan students, faculty members, staff members, and alumni or alumnae with accounts on University Systems.   Levels of access and authorization will vary depending on the individual's role in the University.

The University may, at its discretion, grant guest access to members of the Middletown community through the Center for Community Partnerships (CCP). This access is available only for the semester in which it has been requested and must be renewed through the CCP for the next semester. University Users always take precedence over community guests. Guests may be asked to vacate a computer if others are not available.  

A System Stakeholder is a person responsible for the data and use of a system.  The System Stakeholder may be in an campus office including Human Resources, Registrar's Office or Research lab.

System Administrator is an individual with the authority to grant access to a particular system.  This access is determined by System Stakeholders across campus.   Together with the System Stakeholder, the System Administrator is responsible for system security.


 Scope
Wesleyan's Information Technology Policies apply to all University Systems and their use.

Many University Systems (Wesleyan's Web Pages, File Servers, University email services, individual research systems, etc.) sometimes have service-specific policies in addition to these institutional policies. Please refer to postings available with each system to identify all applicable policies.

The policies described herein are those that the University intends to use in normal operation of its facilities. This document does not waive any claim that Wesleyan University may have to ownership or control of any hardware, software, or data created on, stored on, or transmitted through University Systems. 

The use of University Systems, even when carried out on a privately owned computer that is not managed or maintained by the University, is governed by this policy. 

Use of University Systems

Proper Authorization
Use of non-public University Systems is restricted to University Users.

Appropriate Use
University Systems may be used only for their intended, authorized purposes. For example, privately owned computers may not host sites for non-Wesleyan organizations across the Wesleyan network without specific authorization.

Commercial Use
 Without specific authorization, activities using University Systems for non-Wesleyan commercial purposes are prohibited. This is not meant to restrict normal communications and exchange of electronic data, consistent with the University's education and research roles, that may have a financial benefit for an external organization. For example, it is appropriate to discuss products or services with companies doing business with Wesleyan or to contribute to on-line forums discussing issues relating to commercial products.   Inappropriate use would include activities such as using a Wesleyan-based web site to run a personal for profit business.

Contracts
All use of University Systems must be consistent with all contractual obligations of the University, including limitations defined in software and other licensing agreements. 

Record Retention
Record retention should follow the guidelines of the General Counsel's Record Retention Policy as found at: http://www.wesleyan.edu/generalcounsel/policies.html.

Privileges for University Users

Limited Confidentiality

System Administrators and Stakeholders make all reasonable efforts to maintain the confidentiality of systems and their data. However, limits and risks do apply to confidentiality, due, for example, to technical limitations, software bugs, and system failures. Systems Administrators will take reasonable steps to inform University Users of limits to confidentiality for their respective University Systems.  University Users are expected to become familiar with those limits and risks of confidentiality in the University Systems which they use and to manage their confidential data accordingly.

Whenever possible and appropriate, ITS will attempt to notify Users of any unusual access to their data.  There are, however, circumstances in which, following carefully prescribed procedures, the University may determine that certain broad concerns outweigh the value of a User’s expectation of privacy and warrant University access to relevant University Systems without the prior notification  of the University User.

The following conditions are examples of adequate cause for accessing data residing in University Systems without User notification.

1.       When necessary to identify or diagnose system or security vulnerabilities and problems, or otherwise preserve the integrity of the University Systems

2.       When required by federal, state or local law

3.       When the University has been informed that a violation of law or University Policy may have taken place and inspection or monitoring may produce evidence related to the misconduct

4.       When required to preserve public health or safety

Fair Process
 University Users have the right to fair process in cases of discipline resulting from policy violations. See Enforcement Procedures, below.

Responsibilities for All Users

 Personal Account Responsibility
Users are responsible for the security of their University System accounts and passwords. Any User changes of password must follow published guidelines for passwords. Accounts and passwords are normally assigned to single Users and are not to be shared with any other person.

Users are presumed to be responsible for any activity carried out under their University System accounts.

Unauthorized Use
 Users must not permit or assist any unauthorized person to access University Systems. Non-public University Systems may not be used by any non-Wesleyan organization, for example, without appropriate authorization.

Security
 Users must not defeat or attempt to defeat any University System's security, for example, by 'cracking' or guessing User identifications or passwords.

Unauthorized Data Access
 Users must not access or attempt to access data on a University System they are not authorized to access. Users must not make or attempt to make any deliberate, unauthorized changes to data on a University System. Users must not intercept or attempt to intercept data communications not intended for that User's access, for example, by inappropriate network sniffing, monitoring or wiretapping.

Concealed Identity
 Users must not conceal their identity when using University Systems.  For example, Users must not masquerade as or impersonate others.

Denial of Service
 Users must not deny or interfere with or attempt to deny or interfere with service to other Users by means of "resource hogging," distribution of computer worms or viruses, etc. Knowing or reckless distribution of unwanted mail or other messages is prohibited.   

Uses of computer resources that may cause excessive network traffic or computing load are prohibited.  For example, a User sending out thousands of emails which included a large attachment would seriously compromise the performance of the email system.

Copyright
 Users must observe intellectual property rights including, in particular, copyright laws as they apply to software and electronic forms of information.

For example, illegal sharing of copyrighted music or video is prohibited. 

External Data Networks
 Users must observe all applicable policies of external data networks when using such networks.

Modification of Data or Equipment
 Without specific authorization, Users of University Systems must not cause, permit, or attempt any destruction or modification of data or computing or communications equipment, including but not limited to alteration of data, reconfiguration of control switches or parameters, or changes in firmware. This rule protects data, computing, and communications equipment owned by Wesleyan University, or any other person or entity. 'Specific authorization' refers to permission by the owner or Systems Administrator of the equipment or data to be destroyed or modified.

Mobile Devices
With the proliferation of privately-owned mobile devices including laptops, smartphones and tablets; users need to remove any personal or institutional data before disposal or recycling.

Responsibility for Content
 Representatives of Wesleyan University publish institutional information in a variety of electronic forms. Such institutional information will normally be identified by a statement of the Certifying Authority publishing the information. A Certifying Authority is that University department or individual who certifies the accuracy of an electronic document and its appropriateness for the conduct of University business.  Examples of such data would be a University Transcript, Admission Letter of Acceptance or W2 Tax Form.

Users also publish information in electronic forms on Wesleyan equipment and/or over Wesleyan's networks. Wesleyan has no intention or opportunity to screen such private material and thus cannot assure its accuracy or assume any responsibility for this material. Any electronic publication provided on or over Wesleyan equipment and/or networks which is not identified by a Certifying Authority is the private speech of an individual User.

Threats and Harassment
 Users may not use a University System to threaten or harass any person.  Upon request to University Authorities, a User must cease sending messages or interfering in any way with another User's normal use of University Systems.

Removal of Equipment or Documents
 Without specific authorization by the owner or System Administrator, Users must not remove any University owned or administered equipment or documents from a University System.

Unauthorized Computer Equipment

Without specific authorization by the owner or System Administrator, Users must not physically or electrically attach any foreign device (such as an external disk, printer, or video system) to a University System.

This restriction includes the unauthorized installation of any  additional network-related or digital communications equipment ( such as routers, hubs, or wireless access points) on the Wesleyan network. 

Violations
 Users must not conceal or help to conceal or "cover up" violations by any party.

Users are expected to report any evidence of actual or suspected violation of these policies to the Systems Administrator of the facility most directly involved. In case of doubt, the report should be made to the VP for Information Technology.

University Rights


Personal Identification
 Users of University Systems must show identification including University affiliation upon request by a System Administrator or other University authority.

Access to Data
 Users must allow systems administration personnel access to data files on University Systems for the purpose of making backups, diagnosing systems problems and investigating policy violations.

Oversight Authority
 University staff are authorized to investigate alleged or apparent violations of University policy or applicable law involving University Systems using whatever means appropriate.

Enforcement Procedures
 Systems Administrators are authorized by the University to investigate policy violations and apply temporary reduction or elimination of access privileges while the matter is under review. These temporary sanctions may apply to computing accounts, networks, University-administered computing rooms, and other services or facilities.

When a Systems Administrator believes it necessary to preserve the integrity of facilities, user services, or data, he or she may suspend any account or limit account privileges, whether or not the account owner (the User) is suspected of any violation. The System Administrator will attempt to notify the User of any such action.

When informed of copyright violations by the copyright holders or their representatives the University will comply with their requests to identify the individuals responsible and stop the illegal activity.  

Depending on the role or status of the individual, authorization by the appropriate University Office will be sought before any access to electronic data occurs   In the case of students, the Dean of the College would be consulted.  For faculty, permission would be obtained from the VP for Academic Affairs and for staff, the appropriate University Officer would be notified.

A University User accused of a violation will be notified of the charge and will have an opportunity to respond to the University disciplinary body appropriate to the violator's status, before a final determination of any penalty.  

In addition to discipline by Wesleyan University, Users may be subject to criminal prosecution, civil liability, or both, for unlawful use of any University systems.

Amendment: Web 2.0 Tools
General use of Web 2.0 tools including blogs and wikis is addressed by the Computer Usage Policy. The following amendment addresses issues related to these tools.

  • Faculty and staff members may request a blog or wiki for use in conjunction with their work. The requestor will be the owner of the blog and assumes responsibilities as defined by the computer usage policies.
  • Current full-time students may request a blog for use in conjunction with their work. The requestor will be the owner of the blog and assumes responsibilities as defined by the computer usage policies. Students should expect their blogs to be deleted upon graduation or separation from Wesleyan. Owners can export their blog posts/pages to move them to a different server.
  • Faculty and staff members may also request group blogs or wikis. Group blogs can be used in courses, research, department websites, and collaborative projects.  
  • WSA groups may request student group blogs. Student group blogs can be used as a web presence for the group. The technical contact will be the owner of the blog and assumes responsibilities as defined by the computer usage policies.
  • Faculty and staff members may request additional Wesleyan computer accounts for collaborators from other institutions for participation in Web 2.0 activities, and their use will be covered by the computer usage policies.
  • Anonymous postings to blogs and wikis are not permitted. Owners of blogs and wikis may not reconfigure the system to allow anonymous postings.
  • Comments are an integral part of Web 2.0. All comments will be run through a SPAM engine. An individual making a comment is required to provide a valid email address before entering comments. The blog owner is responsible to review each comment before posting it to the blog for others to see. The blog owner reserves the right not to publish individual comments. The blog owner may opt to require Wesleyan password authentication before comments can be submitted.
  • At the discretion of the VP for ITS, blogs created by Wesleyan-provided software can be available on a web page or RSS syndication.
  • Wesleyan does not guarantee that it will provide ancillary software, such as databases and script languages, that authors may wish to use in their blogs or wikis.
  • Any social media accounts including Facebook, Twitter etc. which are created for a Wesleyan entity remain the property of Wesleyan University.

Revised: February 2012

 

 
graphic
graphic
graphic