AdminWeb

University Computing Resources: Acceptable Use Policy

PURPOSE

Mount Royal University encourages the use of computing and network resources to enhance the learning, teaching and working environment of the Mount Royal community. However, access to the computing and network environment at Mount Royal is to be used in effective, ethical and lawful ways that support the values of the institution. This Policy should be read in conjunction with the following policies: Policy 845-1 Fraud, Policy 845-2 Safe Disclosure, Policy 1702 Human Rights and, Policy 1073 Offensive/Discriminatory Materials.

AUTHORITY

The Board of Governors of Mount Royal University has authority over this Policy. Administration of this Policy and the associated procedures are delegated to the Mount Royal's Senior Executive Officers.

APPLICATION

This Policy and related procedures applies to all individuals employed by Mount Royal, all students of Mount Royal and all visitors and community users who use Mount Royal's computer resources and services.

This institution-wide policy applies to the use of computers, data networks and the resources these technologies make available in support of the Mount Royal's activities. It applies to any devices and/or computers owned by Mount Royal, as well as, those owned by users who have been authorized to install or connect personal equipment either on the premises or to the network.

Mount Royal computer resources are defined to include but are not limited to such devices as desktop computers, laptop/tablet computers, monitors, hard drives, disk space, printers, scanners, network devices, Personal Digital Assistant devices (PDAs), network routers, network bridges, network switches, servers, access to the Internet and other networks provided by the University including wireless, computer labs, software acquired by Mount Royal and relevant data. This section is also extended to include any computer system or resource that is owned or managed by Mount Royal regardless of its location.

PRINCIPLES

The following principles are the basis of managing Mount Royal's computer resources in an ethical and effective manner. These principles shall guide all employees, students and visitors in achieving fair, reasonable and current practices for proper use of computer resources.

  1. Mount Royal will endeavor to create an atmosphere that balances respect for individual computer usage and institutional computing needs while maintaining the ethical and community standards of Mount Royal.
  2. Mount Royal will endeavor to create an environment whereby the institution's computer resources are considered to be reliable, secure and efficient.
  3. All Mount Royal computer resources shall be used primarily for work-related activities (i.e. educational, academic research and administration purposes) and as such using the institution's computer resources and access to the Internet for incidental personal purposes shall be minimized.

GUIDELINES FOR THE USE OF UNIVERSITY COMPUTING RESOURCES

  1. Individuals using Mount Royal-owned computer resources are expected to comply with provincial and federal laws and relevant Mount Royal policies and procedures. Users should note that some of the material used at Mount Royal is copyrighted, protected by intellectual property law and/or license agreements. Users should undertake reasonable efforts to ensure that they do not violate the various laws, policies, procedures and license agreements.
  2. Users of Mount Royal computing and network resources are responsible and accountable for their actions and statements in the electronic working and learning environment, according to the disciplinary processes of Mount Royal contained in both policy documents and the various Collective Agreements.
  3. Users are expected to use reasonable restraint in consumption of these valuable shared resources, and to use them in ways that do not interfere with the study, work or working environment of other users.
  4. Any data stored by or transmitted to members of the Mount Royal community is confidential and will not be accessed by Mount Royal without cause and due process. In any circumstances of alleged or suspected impropriety, formal procedures permit persons responsible for computers or networks to examine directories, files, email or other electronic records that are relevant to the investigation of the allegation or suspicion.
  5. Users accessing external networks such as accessing the Internet or SuperNet through Mount Royal computing and network resources are bound by both their policies and Mount Royal's policies. Users should be aware that the more restrictive of the policies will apply.
  6. Anyone who observes actual or apparent use by employees which appears to violate this policy or other Information Technology Services policies will report it to the Chief Information Officer, Information Technology Services or his/her designate who in turn will report it to the Associate Vice-President of Human Resources so that appropriate action may be considered.
  7. Anyone who observes actual or apparent use by students which appears to violate this policy or other Information Technology Services policies will report it to the Chief Information Officer, Information Technology Services or his/her designate who in turn will report it to the Provost and Vice-President, Academic so that appropriate action may be considered.
  8. Anyone who observes actual or apparent use by a visitor which appears to violate this Acceptable Use Policy (POL 1050-1) or other Information Technology Services policies should report it to the nearest Mount Royal employee or supervisor who in turn will report it to the Chief Information Officer, Information Technology Services or his/her designate so that appropriate action may be considered.

SUPPORT

Mount Royal's Information Technology Services Department is available to assist, advise and consult with users on the proper use of institutional computer resources and interpretation of this Policy. If there are any questions or uncertainty about this Policy, users are encouraged to contact the Chief Information Officer, Information Technology Services Department or his/her designate for clarification.

UNACCEPTABLE USES

Below are a number of examples of unacceptable uses of Mount Royal computing resources. The list is not comprehensive but serves to guide users of the types of activities that are not permitted.

  1. Unauthorized access (e.g., hacking, phishing* or pharming**): This may include using unauthorized user names, passwords, computer addresses or identities or modifying assigned network settings to gain access to computer resources and/or data, or otherwise attempting to evade, disable or "crack" security provisions of Mount Royal or external systems. The Criminal Code of Canada has two related sections: Section 342.1 - Unauthorized use of computer and Section 342.2 - Possession of device to obtain computer service.(http://www.canlii.org)

    * Phishing is the act of tricking someone into giving them confidential information or tricking them into doing something that they normally wouldn't do or shouldn't do. For example: sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft.

    ** Pharming involves Trojan programs, worms, or other virus technologies that attack the Internet browser address bar and is much more sophisticated than phishing. When users type in a valid URL they are redirected to the criminals' websites instead of the intended valid website.

  2. Unauthorized Distribution and Disclosure of Information: Every effort must be made to prevent the unauthorized disclosure and distribution of information that is the property of Mount Royal.
  3. Vandalism of Data: Deliberate alteration or destruction of computer files is a Criminal Code offence (Section 430.1). Under no circumstance may a user inspect, alter, delete, publish or otherwise tamper with files or file structures that the individual is not authorized to access. The Freedom of Information and Protection of Privacy Act (FOIP) also deals with deliberate destruction of data (refer to Policy 1005: Information Management) for further information.
  4. Deliberate Interference with Other Users' Work: This includes use of any process that causes other users to be deprived of services or resources that they would normally expect to have available. It covers but is not limited to the creation of "SPAM" (excessive email distribution), downloading or electronic transferring of excessively large resources and/or the deliberate introduction of viruses or electronic chain letters.
  5. Sharing of Account: Mount Royal's computing resources are allocated to groups and individuals for specific educational, academic research, and administrative purposes. It is not acceptable to give, sell, or otherwise provide computing resources to other individuals or groups that do not have explicit permission to use them. Users are not to share computer accounts without getting permission from Mount Royal administration and/or the Information Technology Services Department.
  6. Commercial Uses: Use of Mount Royal's computer resources for non- institutional related commercial use is not permitted.
  7. Squandering Resources: Resources are shared and no user may deliberately degrade Mount Royal's computer resources by: unwarranted data space, time and bandwidth consumption through resource-intensive programs, excessively large downloads, excessively large electronic transfer of files, unattended network connections and/or lengthy print jobs. As the use of institutional resources change and the technology capabilities change over time – users are encouraged to work with the Information Technology Services Department in defining appropriate and efficient uses of computer resources. Notwithstanding, in the interest of providing technology enabled services to the Mount Royal community as a whole, Mount Royal's Senior Executives reserve the right to terminate, temporarily, access privileges to one or more individuals whose activities when using Mount Royal computer resources severely impacts services to others.
  8. Personal Uses: Mount Royal's computer resources are to be used primarily for institutional purposes (i.e., educational, academic research and administrative). All users have the responsibility to ensure that incidental personal use of Mount Royal computer resources is minimized and does not interfere with the normal course of their work. Use of a computer workstation for activities which may bring viruses or spy ware into your computer and the Mount Royal network is not permitted. Examples of websites which may attract viruses and spy ware are on-line gaming sites, gambling sites and pornographic sites. Mount Royal computer resources are not provided for the playing of games, viewing pornography, illegal file sharing, nor for commercial purposes (i.e., operating a business). Such uses can cause increased risk of compromises to the Mount Royal network environment, increased SPAM, excessive demand on network resources and causes unnecessary additional work for IT Services staff.
  9. Remote Access: Use of Mount Royal's computer systems or networks that are used remotely from off-campus is permissible so long as the usage does not compromise or violate either the network, computer, or data security and/or the ethical principles set forth by Mount Royal.
  10. Breach of Copyright: This includes installing, reproducing and/or distributing copyrighted materials such as proprietary software, publications or files without permission. Mount Royal software is provided under license agreements with various vendors and may not be copied or otherwise removed. Third party copyrighted information or software that the users do not have specific approval to store and/or use, must not be stored on Mount Royal systems or networks.
  11. Offensive Material: Materials not subject to legal sanction may be objectionable or extremely offensive to persons other than the computer user. Importation or distribution of such material (including, but not limited to racist material, hate literature, sexist slurs or sexually explicit material) is permitted for academic or research purposes as long as it complies with Mount Royal's Offensive/Discriminatory Materials Policy. In some cases it is recommended that prior consultation with an Instructor, Chair, Dean or Director of a Department be obtained to ensure that Mount Royal's community and ethical standards are maintained. If required, consultation with the Information Technology Services Department or Library Services is available in order to facilitate the above activities.
  12. Hostile Atmosphere: The display of sexually explicit or violent images in public spaces and/or the initiation of unsolicited communication with sexual content contravene Mount Royal's Human Rights Policy. In some cases where a presentation requires the display of potentially disturbing images, it is recommended that prior consultation with the appropriate Instructor, Chair, Dean or Director of a Department be obtained to ensure that Mount Royal's community and ethical standards are maintained. If required, consultation with the Information Technology Services Department or Library Services is available in order to facilitate the above activities
  13. Harassment: Harassing or defamatory material may not be sent by electronic means, including email and voice mail, or posted to news groups. The Criminal Code of Canada outlines the offense and punishments for Criminal Harassment in Section 264(1) C.C. (http://www.canlii.org)
  14. Security Software: Users are not permitted to remove or disable any security software installed by IT Services from workstations connected to the Mount Royal network. This includes, (but is not limited to), anti-virus software, workstation management software, and agent components thereof.
  15. Software Installation: All software installed on Mount Royal-owned computers, including laptops, must be properly licensed to Mount Royal. Users are typically not permitted to install software on any Mount Royal-owned computer. Exceptions to this rule can be made for those users who clearly understand the implications of installing software on Mount Royal-owned computers. These users will be required to sign an agreement outlining their responsibilities. Users are encouraged to work with the Bookstore on the acquisition of software and Information Technology Services on the installation of any software required to do their work for Mount Royal. (Each installation of unlicensed software on Mount Royal computers which has not been properly licensed to the institution could result in a $50,000 fine by the Canadian Alliance Against Software Theft (CAAST)).
  16. Home Computers: Users of Mount Royal-owned computers which are used at home must still abide by this Policy. Proper and safe computing practices are encouraged. Users are responsible for the use, content and maintenance of this equipment and software. Any software installation on home computers which are the property of Mount Royal must be properly licensed to either Mount Royal or to the user. Information Technology Services is not responsible for the ongoing maintenance of this equipment.

DISCIPLINE, JURISDICTION AND PENALTIES

Preamble
If Mount Royal learns that offensive material is being distributed or there is an inappropriate use of Mount Royal computer resources, Mount Royal may take disciplinary action. The Information Technology Services Department will investigate properly identified allegations/suspicions to ensure compliance with applicable federal and provincial laws and with institutional policies and procedures and report all such incidents by employees to the Associate Vice-President, Human Resources or such incidents by students to the Provost and Vice-President, Academic.

Disciplinary action

Misuse of Mount Royal's computing and network resources may result in disciplinary action by the institution.

a) EMPLOYEES INCLUDING CONTRACT EMPLOYEES AND 3rd PARTY CONSULTANTS

The Department of Human Resources will work with Information Technology Services to determine the extent and nature of the misuse and then the Department of Human Resources will work with the individual's administrative supervisor and appropriate Division Head to determine the appropriate level of disciplinary action, which may include termination. Any perceived violations of the law will be reported to the appropriate law enforcement authorities. Any employee discipline will occur in a manner that is consistent with the appropriate Collective Agreement and policy for employees who are members of the MRSSA or MRFA. Other employees will be disciplined in accordance with Policy 960-4. Access privileges may be revoked immediately and long term outcomes may include temporary or permanent loss of access privileges dependent upon the nature and extent of the misuse.

(b) STUDENTS

The Provost and Vice-President, Academic will work with Information Technology Services to determine the extent and nature of the misuse and then the Provost and Vice-President, Academic will work with the Office of Student Conduct and the Dean from the student's academic Faculty to determine the appropriate level of disciplinary action. Any perceived violations of the law will result in immediate loss of privileges and will be reported to the appropriate Mount Royal executives and law enforcement authorities. Lesser violations by students will be dealt with under the Code of Student Conduct and the Appeals, Complaints and Discipline Policy (non-academic misconduct policy). Failure to comply with these guidelines can result in a student losing their access and privileges to using Mount Royal computer resources and may result in expulsion from Mount Royal.

(c) COMMUNITY USERS (e.g., Visitors, Retirees, Volunteers, Guests, etc)

The Provost and Vice-President, Academic and/or Vice-President, Administrative Services will work with Information Technology Services to determine the extent and nature of the misuse and then the assigned Vice-President will work with Information Technology Services and Security Services to determine the appropriate level of action. Any perceived violations of the law will result in immediate loss of privileges and will be reported to the appropriate law enforcement authorities. Failure to comply with these guidelines can result in a community user losing their access and privileges to using Mount Royal computer resources and may include expulsion from Mount Royal.

APPENDIX A:

STUDENT GUIDELINES

The following protocols, rules and regulations are implemented as the result of a request that students have equal and secured access to the computing equipment, software programs, accessories and working space:

  1. At the start of each session on a computer, students must log on properly and subsequently log off. At the end of the day or week students should turn the computer off.
  2. The computer equipment will be treated with respect; any accident and/or damage must be reported to the lab monitor or Information Technology Services department immediately to ensure additional damage does not occur. Students may be held accountable for the repair or replacement costs for damaged or lost equipment.
  3. Absolutely no food of any type will be allowed in the computer labs unless it is secured in a storage receptacle (i.e. backpack). All drinks must be contained in cups with attached lids. Getting food and spills from drinks onto keyboards and computers causes expensive damage to the equipment.
  4. When leaving the computer lab, users will clean up the area they have used, including the printer area; any paper/test sheets or printed material must be removed or discarded in the bins provided.
  5. Only registered students, authorized users, faculty or Mount Royal employees are permitted in the computer labs to use Mount Royal computer resources. No guests are permitted to use the equipment.
  6. Any student, who breaches the security system in any manner, including lending their access security card to others, may have their privilege to use Mount Royal's computer resources revoked.
  7. Students may leave a computer on and unattended for no more than 15 minutes: if a computer is left on unattended for more than this allotted time, other students will have the right to clear the material and use the computer.
  8. The computer may be shut down if unattended for more than 15 minutes by faculty, staff or designated computer lab monitors.
  9. Users must not intentionally introduce viruses into Mount Royal computer systems.
  10. It is the responsibility of each user to ensure that all transitory storage diskettes such as floppy diskettes or zip drives are free of any and all viruses before they are used with Mount Royal computer systems.
  11. Students will be liable for any and all intentional damage caused to the computer systems, networks and/or data.
  12. Students are encouraged to always practice safe computing and make sure they have a back up of all their important data files at all times.