Board of Regents for Higher Education
IT-001 ACCEPTABLE AND RESPONSIBLE USE OF INFORMATION
TECHNOLOGY AND RESOURCES POLICY
To adhere to Acceptable and Responsible Use policy, users of ConnSCU IT resources must NOT:
•
Use ConnSCU IT resources to violate any ConnSCU policy or state or federal law.
•
Use another person's IT resource, User ID, password, files, or data.
•
Have unauthorized access or breach any security measure including decoding passwords or accessing control
information, or attempt to do any of the above.
•
Engage in any activity that might be harmful to IT resources or to any information stored thereon, such as
creating or propagating viruses, disrupting services, damaging files or making unauthorized modifications to
computer data.
•
Make or use illegal copies of copyrighted materials or software, store such copies on ConnSCU IT resources,or
transmit them over ConnSCU networks.
•
Harass or intimidate others or interfere with the ability of others to conduct ConnSCU business.
•
Directly or indirectly cause strain on IT resources such as downloading large files, unless prior authorization from
the appropriate ConnSCU authority as determined by the institution is given.
•
Use ConnSCU IT resources for unauthorized purposes may include but are not limited to, the conduct of a
private business enterprise, monetary gain, commercial, religious or political purposes.
•
Engage in any other activity that does not comply with the general principles presented above.
No Expectation of Privacy
All activities involving the use of ConnSCU IT systems are not personal or private. Therefore users should have no expectation
of privacy in the use of these resources. Information stored, created, sent or received via ConnSCU IT systems is potentially
accessible under the Freedom of Information Act.
Pursuant to Communications Assistance for Law Enforcement Act (CALEA), Public Act 98-142, and the State of Connecticut’s
“Electronic Monitoring Notice”, the Board of Regents reserves the right to monitor and/or log all activities of all users using
ConnSCU IT systems without notice. This includes, but is not limited to, files, data, programs and electronic communications
records without the consent of the holder of such records.
Assurance
Each ConnSCU institution shall incorporate the Acceptable and Responsible Use Policy as part of the terms and conditions for
issuing institution computer network accounts. Each ConnSCU institution shall have all full-time and part-time employees,
including student employees, acknowledge that they have read and understand the Acceptable Use Policy. Each ConnSCU
institution shall make the Acceptable Use Policy accessible to all employees and students.
Enforcement
Violations of ConnSCU Acceptable and Responsible Use policy may result in appropriate disciplinary measures in accordance
with local, state, and federal laws, as well as ConnSCU Policies, general rules of conduct for all colleges and university
employees, applicable collective bargaining agreements, and the ConnSCU student conduct codes.
For purposes of protecting the ConnSCU network and information technology resources, the BOR Information Security
Program Office, in conjunction with college/university IT department, may temporarily remove or block any system, device,
or person from the ConnSCU network that is reasonably suspected of violating ConnSCU information technology policy. These
non-punitive measures will be taken to maintain business continuity and information security; users of
the college/university information technology resources will be contacted for resolution.
Exception Process
ConnSCU recognizes that some portions of the Acceptable and Responsible Use of Information Technology Resources Policy
may have to be bypassed from time-to-time because of technical or business reasons.
Accordingly, exceptions may be made provided:
1.
The need for the exception is legitimate and approved by the BOR CIO or designee.
2.
The exception does not disrupt or compromise other portions of the ConnSCU service delivery capability.