General Statement
As part of the physical and social learning infrastructure, Millikin University acquires, develops, and maintains computers, systems, and networks. The resources are intended for university-related purposes, including direct and indirect support of the university’s instruction, research, service missions, administrative functions, student and campus life activities, and the free exchange of ideas among members of the Millikin community and between the university community and the wider local, national, and world communities.
The rights of academic freedom and freedom of expression apply to the use of Millikin computing resources as do the responsibilities and limitations associated with those rights. The use of university computing resources, like the use of any other university-provided resource and like any other university-related activity, is subject to the normal requirements of legal and ethical behavior within the university community.
Purpose: This policy is designed to identify and describe the appropriate use of technology resources provided by Millikin University and identify and describe the responsibilities of the users of Millikin’s technology resources.
Policy: This policy document is an introduction to the issues of legitimate use, information security, and privacy that arise in the use of computers, software, and electronic information. The policy strives to balance the individual's ability to benefit fully from these resources and the University's responsibility to maintain a secure and reasonably allocated computing, information technology, and networked environment.
Procedure: Students and employees at Millikin University routinely use University-owned computers, software, networks, and computerized information. This technology is provided to further University-related business and educational activities. In addition, some individuals may have special administrative or technical responsibility for a computer, network, or database.
Applies to: All members of the Millikin University community.
The University owns many of the computers and all of the internal computer networks used on campus. The University also has various rights to the software and information contained on, developed on, or licensed for these computers and networks. The University has the responsibility to administer, protect, and monitor this aggregation of computers, software, and networks.
Specifically, the purposes of the University's information technology management are to:
- Establish and support reasonable standards of security for electronic information that community members produce, use, or distribute, and protect the privacy and accuracy of administrative information that the University maintains.
- Protect University computers, networks and information from destruction, tampering, and unauthorized inspection and use.
- Ensure that information technology resources are used to support activities connected with instruction, research, and administration.
- Delineate the limits of privacy that can be expected in the use of networked computer resources and preserve freedom of expression over this medium without tolerating abusive or unlawful activities.
- Take necessary steps to ensure that University computer systems do not lose important information because of hardware, software, or administrative failures or breakdowns. To achieve this objective, authorized systems or technical managers may occasionally need to examine the contents of particular files to diagnose or solve problems.
- Communicate University policies and individuals' responsibilities systematically and regularly in a variety of formats to all parts of the University community.
- Monitor policies and propose changes in policy as events or technology warrant.
- Manage computing resources so that members of the University community benefit equitably from their use. To achieve this, authorized staff may occasionally need to restrict inequitable computer use, including shared systems or the network. For example, the University reserves the right to restrict users from using any program that is unduly resource-intensive.
- Enforce policies by restricting access in case of serious violations. For example, in appropriate circumstances, authorized systems administrators may find it necessary to lock a user's account. In such circumstances, if there is not a resolution within 24 hours, the systems administrator or the user should refer the matter to the appropriate official for follow-up and resolution. (See section on Sanctions for more details.)
- Conduct routine audits of software on University owned computers to check for licensing compliance.
Millikin University supports networked information resources to further its mission of research and instruction and to foster a community of shared inquiry. All members of the University community must be cognizant of the rules and conventions that make these resources secure and efficient. It is the responsibility of each member of the University community to:
- Respect the right of others to be free from harassment or intimidation to the same extent that this right is recognized in the use of other media or communications.
- Respect copyright and other intellectual-property rights. Unauthorized copying of files or passwords belonging to others or to the University may constitute plagiarism or theft. Modifying files without authorization (including altering information, introducing computer viruses or damaging files) is unethical, may be illegal, and may lead to sanctions.
- Maintain secure passwords. Users should establish appropriate passwords according to the guidelines set out by the IT Department, change them when notified, and not share them with others.
- Use resources efficiently. Accept limitations or restrictions on computing resources -- such as storage space, time limits, or amount of resources consumed -- when asked to do so by systems administrators.
- Recognize the limitations to privacy afforded by electronic services. Users have a right to expect that what they create, store, and send will be seen only by those to whom permission is given. Users must know, however, that the security of electronic files on shared systems and networks is not inviolable--most people respect the security and privacy protocols, but a determined person can breach them. Users must also note that, as part of their responsibilities, systems or technical managers may occasionally need to diagnose or solve problems by examining the contents of particular files.
- Learn to use software and information files correctly. Users should maintain and archive backup copies of important work. Users are responsible for backing up their own files. They should not assume that files on shared machines are backed up. They should learn to properly use the features for securing or sharing access to their files. The university encourages individuals to use their designated network drive (home directory) or OneDrive (provided with their Office 365 license to store copies of their documents.
- Abide by security restrictions on all systems and information to which access is permitted. Users should not attempt to evade, disable, or "crack" passwords or other security provisions; these activities threaten the work of others and are grounds for immediate suspension or termination of privileges and possible additional sanctions.
- Remain vigilant in using Millikin’s email system. Never enter Millikin credentials through an email link or attachment. Do not click on links or attachments in emails that have suspicious wording or are asking for money. Report any suspicious emails or system activity to Information Technology immediately.
Student and employee owned computers, which are connected to the network, are required to have an updated anti-virus program installed. If any student or employee owned computer becomes a security or virus threat to the network, IT reserves the right to restrict its access to the network, this includes file sharing or student operated servers in residences.
Millikin University extends these principles and guidelines to systems outside the University that are accessed via the University's facilities (e.g., electronic mail, social networking sites, or remote logins using the University's Internet connections). Network or computing providers outside Millikin University may also impose their own conditions of appropriate use, which users at this University are responsible for following.
Sanctions
Individuals or groups who act in a manner contrary to existing policy and accepted standards for computer use are subject to the sanctions and disciplinary measures normally applied to misconduct or lawbreaking. Computing policy violations are handled by established University channels.
In the first instance, such matters will be addressed by the appropriate IT administrators. Whenever it becomes necessary to enforce University rules or policies, an authorized IT administrator may prohibit network connections by certain computers (even departmental and personal ones); require adequate identification of computers and users on the network; undertake audits of software or information on shared systems where policy violations are suspected; take steps to secure compromised computers that are connected to the network; or deny access to computers, the network, and institutional software and databases. Users are expected to cooperate with investigations either of technical problems or of possible unauthorized or irresponsible use as defined in these guidelines; failure to do so may be grounds for suspension or termination of access privileges.
If the infringement is not settled in discussion with the computing administrator, a matter involving students will be referred to the appropriate dean of students; a matter involving faculty will be referred to the department chair or dean; and a matter involving staff will be referred to the immediate supervisor, the manager of the unit, or an official in Human Resources. In addition, certain kinds of abuse may entail civil or criminal action as well.