Skip to main content

9.2 Policy on Appropriate Use of Information Technology Resources and Systems

I. Purpose

The purpose of this policy is to establish the appropriate use of Illinois State University's information technology resources, computers, networking systems, information and data, collectively defined here as ISU Information Technology Resources and Systems.

II. Scope

ISU Information Technology Resources and Systems are owned by the University and are to be used in support of the educational, research and public service mission of the University. All individuals who use ISU Information Technology Resources and Systems, whether from on campus or off campus, are responsible for using these resources and systems in an effective, ethical, and lawful manner. Use of ISU Information Technology Resources and Systems are subject to University policies, procedures, and applicable state and federal laws.

III. Policy

A. Access Responsibility

An individual who uses ISU Information Technology Resources and Systems is responsible for compliance with this policy. Specific responsibilities include but are not limited to:

Conditions of Access

A user is responsible for following the University Conditions of Access available at www.helpdesk.ilstu.edu/. These conditions require the use of University anti-virus protection as well as user responsibility for keeping operating systems up to date with critical security patches.

Ownership of University Logon ID

University-supplied identifiers, including but not limited to, your University Logon ID (ULID), are the property of the University and may be revoked at any time.

Responsibility to Maintain Privacy of Passwords

Passwords associated with an individual’s ULID, or other University identifier, should not be shared. Compromised passwords may affect not only the individual, but also other ISU Information Technology Resources and Systems users.

Violations

A user accepts responsibility for all violations that occur from a computer system (university owned or private) while utilizing any ISU Information Technology Resources and Systems, including but not limited to when the system is connected to a University network or using the user’s ULID.

Reporting Violations

Members of the University community should report observed security violations to abuse@IllinoisState.edu.

B. Inappropriate Communications and Use of Resources

The principles of academic freedom apply in full to electronic communications. The conventions of courtesy and etiquette, which govern vocal and written communications, shall extend to electronic communications as well. Individuals are responsible for their personal conduct while utilizing ISU Information Technology Resources and Systems, including but not limited to how Illinois State University is represented by the personal conduct.

Access to and utilization of ISU Information Technology Resources and Systems is a privilege and not a right which can be withdrawn or curtailed without notice if there is a reason to believe that the user has or may have violated University policies, procedures or applicable local, state or federal laws. Additionally, violation of this policy can result in further discipline under the appropriate University procedures and/or by civil or criminal prosecution. All individuals, as a condition of their access to or utilization of ISU Information Technology Resources and Systems, agree to cooperate in every way with appropriate officials in an investigation of alleged improprieties or abuse of this privilege and understand that there is no expectation of individual privacy. Failure to cooperate fully shall be considered a violation of this policy.

In addition, many academic course and work-related activities may require the use of ISU Information Technology Resources and Systems. In the event of an imposed restriction or termination of access to some or all ISU Information Technology Resources and Systems, a user enrolled in such courses or involved in computer-related work activities may be required to use alternative facilities, if any, to satisfy the obligation of such courses or work activity. Users are advised that if such alternative facilities are unavailable or not feasible, it may be impossible for the user to complete requirements for course work or work responsibility. The University views misuse of ISU Information Technology Resources and Systems as a serious matter, and may restrict access to its facilities even if the user is unable to complete course requirements or work responsibilities as a result.

1. Inappropriate Communications

Inappropriate Communications include any use of ISU Information Technology Resources and Systems that violates local, state or federal law, University policies or procedures, or interferes with the University mission. Also, any communication which is defamatory, harassing; obscene, as that term has been constitutionally defined; or interrupting to other users of ISU Information Technology Resources and Systems is considered inappropriate. The University reserves the right to take whatever action it deems as appropriate to prevent, correct, or discipline behavior that violates this or any other University policy or procedure.

Additional examples of inappropriate communications include, but are not limited to, the following:

Fraudulent Communications

Any communication sent under an assumed name or modified address, or with the intent to obscure the origin of the communication.

Unethical Communications

An unethical communication is defined as any communication in violation of the State Officials and Employees Ethics Act, as determined by the University Ethics Officer.

Breach of the Peace

Any communication that threatens or endangers the health or safety of any person, or creates in such person a reasonable fear that such will occur, including but not limited to, an individual being fearful of bodily or emotional/mental harm.

Financial Gain

Any communication conducting, promoting or advertising a personal commercial enterprise is prohibited. Use of electronic resources is restricted to authorized purposes consistent with the University's mission.

2. Inappropriate Use of Resources

Inappropriate use of resources includes any use of ISU Information Technology Resources and Systems that violates state or federal law, University policies or procedures, or interferes with the University mission. Also, any use of resources which is defamatory, harassing; obscene, as that term has been constitutionally defined; or interrupting to other users of ISU Information Technology Resources and Systems is also considered inappropriate. The University reserves the right to take whatever action it deems as appropriate to prevent, correct, or discipline behavior that violates this or any other University policy or procedure.

Additional examples of inappropriate use of resources include, but are not limited to, the following:

Use of ISU Information Technology Resources and Systems Unrelated to University Positions

Use of ISU Information Technology Resources and Systems by University employees unrelated to their University positions must be limited in both time and resources and must not interfere in any way with University functions or the employee’s duties. It is the responsibility of employees to consult their supervisors if they have any questions in this respect.

Reduction or Denial of Service

No individual or group may degrade or attempt to degrade the performance of ISU Information Technology Resources and Systems. In addition, no individual or group may deny or attempt to deny access to ISU Information Technology Resources and Systems without the proper authority.

Network Services and Connectivity

No individual or group may establish a major network service, introduce a service that conflicts with a centrally, predefined service, obtain network connectivity, or use directory services without coordinated planning and prior approval from the Associate Vice President, Chief Technology Officer.

Excessive Electronic Mail Use

No individual or group may broadcast unsolicited mail or messages. Examples of such broadcasts include but are not limited to: chain letters, mail bombs, virus hoaxes, spam mail (spreading electronic mail or postings without good purpose), and other electronic mail schemes that may cause excessive network traffic or computing load. Those who anticipate sending or receiving large numbers of electronic mail messages for official University or academic purposes are responsible for complying with the University Policy on Mass Electronic Communications.

Excessive Use of Network Bandwidth

No individual or group may download or distribute digital files, to the extent that such actions are harmful and/or disruptive to ISU Information Technology Resources and Systems. Large-scale distribution of digital files can cause excessive network loading. The University reserves the right to automatically manage and restrict excessive use of network bandwidth. No individual or group shall attempt to circumvent defined University restrictions.

Financial Gain

No individual or group may use ISU Information Technology Resources and Systems for commercial gain, profit, advertisement, or any purpose that interferes with the mission of the University.

Breach of Security

No individual or group may breach the security of ISU Information Technology Resources and Systems through the use of loopholes, system deficiencies, knowledge of computer or network security systems, or knowledge of a special password to do any of the following, including but not limited to, damage computer or network systems, obtain extra resources, take resources from another user or gain access or attempt to gain access to restricted resources for which proper authorization has not been given.

C. Copyrights and Intellectual Property

All members of the University community must observe copyrights and intellectual property rights, including software licensing. The transfer of electronic data files in violation of copyrights or intellectual property rights is prohibited. This includes, but is not limited to, software, electronic music, and video files. In addition, the University’s Digital Millennium Copyright Act (DMCA) agent will evaluate all reports of copyright infringements that may be a violation of the DMCA, and forward all reports deemed to be an infringement to an Appropriate Use Coordinator.

D. Non-University Software and Hardware

Non-University software may be installed on University-owned equipment if the software has been approved by the University, and properly authorized and licensed by the software manufacturer for such installation. Unlicensed software may not be installed on University-owned equipment. University-licensed software may be installed on personal hardware only if the license permits such installation. University approval must come from the employee’s Vice President or their designee. Use of non-University software or hardware without authorization or use of unlicensed software is a violation of this policy and subject to removal. In addition, technical staff of the University will not be responsible for supporting or recovering non-University software or hardware.

E. Personal Employee Use of Information Technology Resources and Systems

ISU Information Technology Resources and Systems are to be used for the educational, research or public service purposes of the University or as specified in contractual arrangements, or other applicable state and federal laws, including but not limited to the State Officials and Employees EthicsAct. Individuals or groups permitted access to ISU Information Technology Resources and Systems may use these services occasionally for personal use, within the constraints of University policy and procedures. Use unrelated to University business must be limited in both time and resources and must not interfere in any way with University functions or the employee’s duties. Further limits may be imposed in accordance with area or departmental needs. Allowing occasional personal use in accordance with this policy does not in any way imply that the University sponsors or endorses employee’s personal use.

F. Privacy

While great effort is made to keep the contents of what you create, store, and send secure, the University cannot and does not guarantee the security or privacy of electronic data on ISU Information Technology Resources and Systems. These systems can sometimes be breached by someone determined to do so. Users have no expectation of individual privacy and the University reserves the right to access ISU Information Technology Resources and Systems.

Valid legal requests for information including but not limited to subpoenas, litigation or potential litigation, and an Illinois Freedom of Information Act (FOIA) request may allow inspection of electronically stored information. In many instances, electronic files are treated in the same way as paper files. For instance, FOIA allows inspection of public documents (including electronic files), as defined by FOIA, through an appropriate FOIA request. This means that every electronic file is subject to inspection unless there is a specific legal reason that such material is protected.

IV. Compliance

Any user of ISU Information Technology Resources and Systems who violates University policies, procedures or applicable local, state or federal laws may be subject to the appropriate disciplinary actions up to and including discharge, termination, or dismissal. Divisions and departments shall not adopt rules and regulations that reduce full compliance with applicable local, state or federal laws or the policies and procedures of the University.

V. Approval & Review

The President of Illinois State University has approved the Policy on Appropriate use of Information Technology Resources and Systems. This policy will be periodically reviewed by the Information Technology Service Management Council and changes or additions to this policy will be recommended by this Council to the Academic Senate and the President of the University. Information technology resources and systems are changing rapidly both in terms of technology and application, and the University reserves the right to amend this policy at any time. The version posted on the web at www.policy.ilstu.edu/ is the governing policy.

Last Review: December 2011