Information Technology Usage Policy
Revised September 2, 2010
Table of Contents
.030 Appropriate Use
.070 Reporting Violations
"Respect for intellectual labor and creativity is vital to academic discourse and enterprise. This principle applies to works of all authors and publishers in all media. It encompasses respect for the right to acknowledgment, the right to privacy, and the right to determine the form, manner, and terms of publication and distribution. Because electronic information is volatile and easily reproduced, respect for the work and personal expression of others is especially critical in computer environments. Violations of authorial integrity, including plagiarism, invasion of privacy, unauthorized access, and trade secret and copyright violations, may be grounds for sanctions against members of the academic community."— The EDUCOM Code
.020 Background and Purpose
This document constitutes a university-wide policy for the appropriate use of all K-State computing and network resources. It is intended to provide effective protection of individual users, equitable access, and proper management of those resources. These guidelines are intended to supplement, not replace, all existing laws, regulations, agreements, and contracts which currently apply to those resources.
Access to K-State networks and computer systems is granted subject to University policies and local, state, and federal laws. Appropriate use should always be legal and ethical, reflect academic honesty and community standards, and show restraint in the consumption of shared resources. It should demonstrate respect for intellectual property; ownership of data; system security mechanisms; and individuals' rights to privacy, freedom of speech, and freedom from intimidation, harassment, and unwarranted annoyance.
The University is not responsible for unacceptable or unethical use of the information technology environment including computer and computer networks or electronic communication system.
.030 Appropriate Use
Appropriate use of information technology resources includes instruction; independent study; authorized research; independent research; and official work of the offices, units, recognized student and campus organizations, and agencies of the University.
Authorized use of K-State-owned or operated computing and network resources is consistent with the education, research, and service mission of the University, and consistent with this policy.
Authorized users are:
- K-State faculty, staff, and students.
- Anyone connecting from a public information service.
- Others whose access furthers the mission of the University and whose usage does not interfere with other users' access to resources.
In addition, a user must be specifically authorized to use a particular computing or network resource by the campus unit responsible for operating the resource.
Acceptable conduct in and use of this environment must conform with: existing University policies, guidelines, and codes of conduct; K-State's Web, Email, Intellectual Property and Information Resource Policies; Kansas Board of Regents policies and guidelines; the usage guidelines of other networks linked to K-State's networks or computer systems, and existing local, state and federal laws.
Therefore, any misuse or violation of K-State's information-technology environment will be judged in accordance with those published policies and rules of conduct, including, but not limited to, the K-State Student Handbook, the Student Governing Association Conduct Code, the University's Policy Prohibiting Racial and/or Ethnic Harassment, the University's Policy Prohibiting Sexual Harassment, the Faculty Handbook and the University Policy and Procedures Manual.
It is your responsibility to be aware of the potential for and possible effects of manipulating information, especially in electronic form, to understand the changeable nature of electronically stored information, and to continuously verify the integrity and completeness of information that you compile or use. You are responsible for the security and integrity of University information stored on your individual computing desktop system.
.040 Confidentiality and Privacy
Authorized access to data or information entails both privilege and responsibility, not only for the user, but also for the system administrator. In general, the university will treat information stored on computers as confidential. However, there is no expectation of privacy or confidentiality for documents and messages stored on University-owned equipment. Additionally, email and data stored on K-State's network of computers may be accessed by the university for the following purposes:
- Troubleshooting hardware and software problems.
- Preventing unauthorized access and system misuse.
- Retrieving business related information.*
- Investigating reports of violation of this policy or local, state or federal law.*
- Complying with legal requests for information.*
- Rerouting or disposing of undeliverable mail.
* The system administrator will need specific approval from the Chief Information Office (CIO) or the appropriate designee to access these items. The extent of the access will be limited to what is essentially necessary to acquire the information.
To the greatest extent possible in a public setting individuals' privacy should be preserved. However, privacy or confidentiality of documents and messages stored on University-owned equipment cannot be guaranteed. Users of electronic mail systems should be aware that, in addition to being subject to authorized access, electronic mail in its present form cannot be secured and is, therefore, vulnerable to unauthorized access and modification by third parties.
.050 Examples of Prohibited Use
Use of K-State network and computer systems is conditioned upon compliance with this and other university policies and all applicable laws. Though not exhaustive, the following list is provided to emphasize that these activities are NOT allowed on K-State networks or computer systems:
- Using facilities, accounts, access codes, privileges or information for which you are not authorized.
- Sharing your eID password with others.
- Viewing, copying, altering, or destroying anyone's files without explicit permission from that individual.
- Representing yourself electronically as another user.
- Unlawfully harassing others.
- Creating and/or forwarding chain letters.
- Posting or mailing obscene materials.
- Game playing that interferes with academic or administrative use by others.
- Making, distributing, or using unauthorized copies of licensed software.
- Unauthorized copying, reproducing, or redistributing others' text, photos, sound, video graphics, designs or other information formats.
- Obstructing others' work by consuming large amounts of system resources, such as disk space, CPU time and etc.
- Unauthorized testing of systems and/or resources, such as using program loops, introducing destructive software (e.g., virus software) or attempting system crashes.
- Running or otherwise configuring software or hardware to intentionally allow access by unauthorized users.
- Attempting to circumvent or subvert any system's security measures.
- Advertising for commercial gain.
- Distributing unsolicited advertising.
- Disrupting services, damaging files or intentionally damaging or destroying equipment, software or data belonging to K-State or other users.
- Using computing resources for unauthorized monitoring of electronic communications.
- Destroying public records in violation of K-State's Retention of Records Policy (PPM Chapter 3090).
- Violating any K-State or Kansas Board of Regents policy or any local, state or federal law.
In cases of doubt, users bear the burden of responsibility to inquire concerning the permissibility of external network uses, prior to execution. Such questions should be directed to the Chief Information Officer.
.060 Responsible Use of Library-provided Electronic Content
Electronic content made available by the K-State Libraries is provided through specific license agreements. These licenses describe who can use the resource, how it may be used, and the consequences of misuse. Excessive or systematic downloading may result in denial of access. While definitions differ, publishers generally consider multiple sequential chapters of a book or more than half of an entire issue of a journal excessive. Many licenses limit the use of materials to authorized users. Authorized users are K-State faculty, staff, and currently enrolled students. Sharing electronic resources with non-authorized users is prohibited. Sharing passwords, placing licensed materials on a publicly accessible website, and commercial use of licensed information is prohibited. Use of any Library electronic resources constitutes acceptance of K-State’s Information Technology Usage Policy, PPM Chapter 3420.
.070 Reporting Violations
All users and units should report any discovered unauthorized access attempts or other improper usage of K-State computers, networks, or other information processing equipment. If you observe, or have reported to you, a security or abuse problem, with any University computer or network facilities, including violations of this policy, you should notify the Chief Information Officer, the Director of Network & Telecommunications Services or other appropriate administrator.
Persons in violation of this policy are subject to the full range of sanctions, including the loss of computer or network access privileges without notification, disciplinary action, dismissal from the University, and legal action. Some violations may constitute criminal offenses, as outlined in Kansas statutes and other local, state, and federal laws; the University will carry out its responsibility to report such violations to the appropriate authorities.
Unit heads have the authority to deny access, for unauthorized use, to K-State's computers and network systems under their control.
Questions regarding this policy should be sent to the Chief Information Officer (CIO).