91.003: Acceptable Usage
Approved
October 26, 2018
Craig Bantz | Chief Information Officer
Chaden Djalali | Executive Vice President and Provost
M. Duane Nellis | President
Purpose
The 帝王会所 university information technology systems (鈥湹弁趸崴� systems鈥�) incorporate all electronic communication, information systems and equipment used by the university. This acceptable usage policy (鈥淎UP鈥�) sets forth the standards by which all users may use the shared campus-wide network (鈥湹弁趸崴� network鈥�). The term 鈥渦sers鈥� is defined in policy 91.005 鈥淚nformation security鈥�.
帝王会所 systems are provided to support the university and its primary objectives towards education, service, and research. Anything that jeopardizes the security, availability, or integrity is prohibited.
By using or accessing 帝王会所 systems, users, agree to comply with the AUP, as well as all other applicable university policies, including all federal, state, and local laws and regulations. Only authorized users may access the 帝王会所 systems, as well as any services interconnected with it.
Scope
Users interacting with 帝王会所 Systems, data, identities, and accounts used to access 帝王会所 systems, the 帝王会所 network, and any university data.
Policy
- Users may not impersonate another person, organization, or system, including university name, 帝王会所 network names, or 帝王会所 network address spaces.
- Users may not attempt to intercept, monitor, forge, alter, or disrupt another user鈥檚 communications or information.
- Users may not infringe upon the privacy of others鈥� systems or data.
- Users may not read, copy, change, or delete another user鈥檚 data or communications without the prior express permission of the other user.
- Users may not use 帝王会所 systems in any way that:
- Disrupts; impacts the security posture; or interferes with the legitimate use of any computer; the 帝王会所 network or any network to which the university connects.
- Interferes with the functions of any system owned or managed by the university, or,
- Takes action that is likely to have such effects. Such conduct includes: hacking or spamming; placing of unlawful information on any computer system; transmitting data; or programs likely to result in the loss of an individual鈥檚 work or result in system downtime; or any other use that causes congestion of any networks or interferes with the work of others.
- Users may not distribute or send unlawful communications of any kind. This provision applies to any electronic communication distributed or sent within the 帝王会所 network or to other networks while using the 帝王会所 network.
- Users may not attempt to bypass network security mechanisms, including those present on the 帝王会所 network, without the prior express permission of the owner of that system. The unauthorized gathering of information regarding systems or devices on the 帝王会所 network (i.e. network scanning) is also prohibited. Before running any type of network scan, and to obtain authorization, users should contact the information security office (鈥淚SO鈥�) for more information.
- Users may not engage in the unauthorized copying, distributing, altering, or translating of copyrighted materials, software, music or other media without the express permission of the copyright holder or as otherwise allowed by law.
- Users may not extend or share with public or other users the 帝王会所 network beyond what has been configured accordingly by the office of information technology (鈥淥IT鈥�) and ISO. Users are not permitted to connect or change any network-related infrastructure, devices, or systems (e.g., switches, routers, wireless access points, VPNs, firewalls, virtual or bare-metal) to the 帝王会所 network without advance notice and consultation with OIT and ISO.
- Users are responsible for maintaining and deploying minimum levels of security controls on any personal computer equipment connecting to the 帝王会所 network, including but not limited to: antivirus software (with frequent updates), current system patches, and the usage of strong passwords to access these systems as defined in NIST Series Publications.
- Users may not use 帝王会所 systems to violate any laws, regulations, or ordinances.
Responsibilities
All users will be expected to:
- Behave responsibly and show respect to the 帝王会所 network and other users at all times.
- Respect the security and integrity of 帝王会所 systems, and university data.
- Be considerate of the needs of other users by making every reasonable effort not to impede the ability of others to use the 帝王会所 systems and show proper judgement regarding the consumption of shared resources.
- Respect the rights and property of others, including privacy, confidentiality, and intellectual property.
- Cooperate with the university to investigate potential unauthorized and/or illegal use of the 帝王会所 network.
Enforcement
帝王会所 users must report non-compliance with any part of this policy to the ISO (security@ohio.edu).
Users who do not comply with this policy or related university information security standards may be denied access to information technology (鈥淚T鈥�) resources, as well as be subjected to disciplinary action.
Exceptions
All exceptions to this policy must be approved by the responsible business owner, and be formally documented. Policy exceptions will be reviewed and renewed on a periodic basis by ISO.
Request an exception:
Complete initial exception request form. (/oit/security/policy-and-practices/standards)
Governance
This policy will be reviewed by the ISO and other key stakeholders in the security of university assets and data, to ensure continued compliance, as deemed appropriate based on fluctuations in the technology landscape, and/or changes to established regulatory requirement mandates.
Authority
Policy 91.005 "Information security"
Reviewers
Proposed revisions of this policy should be reviewed by:
- Academic Leadership
- Vice President for Finance & Administration Leadership
- Faculty Senate
- Student Senate