Responsible Administrator(s):
Responsible Office(s):
Originally Issued: December 2013

Statement of Purpose

The purpose of this policy is to:

  • Ensure that use of computing and information technology resources is consistent with the principles and values of the university including academic freedom, privacy, and security.
  • Ensure that computing and information technology resources are used for their intended purposes and meet compliance requirements.
  • Ensure the confidentiality, integrity, availability, reliability and proper performance of computing and information technology resources.

Entities Affected by this Policy

Entities affected by this policy include 51吃瓜黑料 students and employees and anyone who accesses 51吃瓜黑料 computing and/or information technology resources.

Who Should Read this Policy

51吃瓜黑料 students and employees and anyone who accesses 51吃瓜黑料 computing and information technology resources should read this policy.

Policy

Context

51吃瓜黑料鈥檚 computing and information technology resources are dedicated to the support of the university鈥檚 mission and its core themes to promote student learning and success, advance and support research scholarship and creative activity, and foster inclusion and community engagement. While advancing the mission and core themes, 51吃瓜黑料 respects, upholds, and endeavors to safeguard the principles of academic freedom, freedom of expression, and freedom of inquiry. 51吃瓜黑料鈥檚 commitment to the principles of academic freedom and freedom of expression includes electronic information.

The use of computing and information technology resources in a manner consistent with the mission and ideals of the university and with the Nevada System of Higher Education (NSHE) Computing Resources Policy requires adherence to legal statutes, approved policies, and responsible behavior, including:

  • using only assigned account(s) or account information
  • respecting the privacy and rights of other computer users
  • protecting the integrity of the physical environments in which information technology equipment resides
  • complying with all pertinent software license and contractual agreements, and
  • obeying all 51吃瓜黑料 and NSHE regulations, state and federal laws.

51吃瓜黑料 seeks to create an atmosphere of privacy with respect to information and 51吃瓜黑料 information technology resources. 51吃瓜黑料 acknowledges its responsibilities to respect and advance free academic inquiry, free expression, reasonable expectations of privacy, due process, equal protection of the law, and legitimate claims of ownership of intellectual property. Such responsibilities are balanced with the acknowledgement that users should be aware that they should have no expectation of privacy in connection with the use of 51吃瓜黑料 resources beyond the explicit provisions of university policy and applicable federal and state law (e.g., NRS Chapter 239, Public Records). 51吃瓜黑料 is a public institution, and because the university must be able to respond to lawful requests and ensure the integrity and continuity of its operations, use of the university's information resources cannot be completely private.

Information on university computers and equipment may be subject to legal discovery and disclosed:

  • In response to lawfully executed court ordered warrants or subpoenas
  • As a result of the Nevada Public Records Act (i.e. public records request)
  • In response to federal 鈥淔reedom of Information Act鈥 requests
  • In litigation involving the university and/or university employees
  • In criminal investigations or investigations of student or employee misconduct
  • In university investigations in accordance with NSHE or university policy.

When warranted, university staff are asked to assist in investigations and discovery and have direct responsibility for investigating and responding to some alleged offenses and incidents involving computing resources.

Policy

Each person may use only those computing and information technology resources for which he or she has authorization. Examples of violations include, but are not limited to:
  • asking another person for individual account passwords or attempting to obtain such passwords by any means
  • using resources without authorization
  • sharing university accounts with other persons without authorization
  • accessing files, databases, data or processes without authorization
  • using former system and access privileges without authorization after association with the university has ended.
Computing and information technology resources must be used in a manner that respects the privacy and rights of others. Examples of violations include, but are not limited to:
  • accessing, attempting to access, or copying someone else鈥檚 electronic mail, data, programs, or other files without authorization
  • divulging sensitive, personal information without a valid business or academic reason
  • developing or using programs that may cause problems or disrupt services for other users
  • misrepresenting another user鈥檚 identity in any electronic communication (e.g., forging an e-mail address)
  • using electronic resources for deceiving, harassing or stalking other individuals
  • sending threats, 鈥渉oax鈥 messages, chain letters, or phishing
  • intercepting, monitoring, or retrieving any network communication without authorization.
The access to and integrity of computing and information technology resources must be protected. Examples of violations include, but are not limited to:
  • sharing passwords
  • purposefully propagating computer malware such as computer viruses, worms or Trojan Horses, except under secure conditions for research or teaching purposes
  • preventing others from accessing an authorized service
  • degrading or attempting to degrade performance or deny service
  • corrupting information
  • altering or destroying information without authorization
  • making university systems and resources available to those not affiliated with the university
  • installing hacking or vulnerability tools in university systems without authorization
  • circumventing or attempting to circumvent security mechanisms without authorization.
Applicable laws and university policies must be followed. Examples of violations include, but are not limited to:
  • uploading, downloading, distributing or possessing material deemed illegal under US and state laws, such as child pornography or classified information
  • using university computing or network resources for advertising, partisan political activities or commercial purposes (see the exception for 鈥51吃瓜黑料 Student elections, which are governed by CSUN policy鈥 in Section II.1. 鈥淧artisan Political Activity鈥 and the definition of political activity from the NAC 284.770, both referenced in the Related Documents section)
  • making unauthorized copies of licensed software
  • downloading, using or distributing illegally obtained media (e.g., software, music, movies) using the campus network, whether on a 51吃瓜黑料-issued computer or not
  • accessing, storing or transmitting sensitive, personal information without a valid business or academic reason, or outside the parameters of limited personal use
  • transmitting sensitive, personal information without using appropriate security protocols (NRS 603A).
Limited personal or non-university use of 51吃瓜黑料 computing and information technology resources is allowable only if ALL of the following conditions are met:
  1. the use does not interfere with an employee鈥檚 duties
  2. the cost and value related to use is nominal
  3. the use does not create the appearance of impropriety or 51吃瓜黑料 endorsement
  4. the use is otherwise consistent with this policy.

Refer to the Office of Information Technology鈥檚 Policies and Procedures web page at for additional information, including how to request an exception to this policy.

Definitions

Authorization

Permission to engage in activities otherwise deemed unacceptable only if required by existing policies, procedures, documented approval, assigned responsibility, or research or teaching purposes with adequate protections and in accordance with federal, state, and local laws.

Phishing

A scam by which an e-mail user is duped into revealing sensitive, personal or confidential information, which the scammer can use illicitly.

Sensitive, personal information

Any information about the individual maintained by the university, including the following: (a) Education, financial transactions, medical history, and criminal or employment history; and, (b) Information that can be used to distinguish or trace the individual鈥檚 identity, including name, social security number, date and place of birth, mother鈥檚 maiden name, or biometric records.

Student

Currently admitted to 51吃瓜黑料 - or - enrolled in at least one course at 51吃瓜黑料 - or - has completed at least one course at 51吃瓜黑料 within the previous six academic semesters (spring, summer, and fall).

Systems

Devices and applications accessed via the network.