 |
 |
|
|
|
|
 |
| |
Guidelines for use of IT resources |
||
|
What responsibilities do I bear…for use of the information technology resources and Internet access? You are responsible for knowing the regulations and policies of the University that apply to appropriate use of the University technologies and resources. You are responsible for exercising good judgment in use of the University's technological and information resources. As a representative of the Princeton University community, you are expected to respect the University's good name in your electronic dealings with those both within and outside the University. As stated in RRR, "No individual or organization of the University may use the name Princeton University or a name that suggests Princeton University, or the name of any Princeton University organization, except to the extent such individual or organization has been officially recognized by the proper University authorities or as permitted under trademark law." Deliberate misuse of the name of the University by any member of the University community will be regarded as a serious offense. If you administer a server or allow accounts or access for others, whether members of the University community or people outside Princeton University on a system you own or control, you are responsible for protecting the University's property, license agreements, and good name from damage by others to whom you might provide access. You also are responsible for assuring that no copyrighted material (including music, film or television, podcasts, computer games, and software) is published on, or distributed from, that system without permission of the copyright holder. If you cannot accept such responsibility, you ought not be providing access for others. You are responsible for assuring that a strong root or administrative password is in place; for installing and maintaining appropriate anti-virus and firewall protections; for being aware of known vulnerabilities and for ensuring that the system you own or administer is not used by outsiders to relay commercial or other unsolicited mass e-mailings ("spam"); and, in general, for securing the system and its services against use by viruses, worms, or outsiders for attacks on other systems within, and outside, the Princeton University domain, or for other hostile or abusive purpose. If you are responsible for any web-based application, you must ensure that it cannot be used by anyone to relay unsolicited e-mail or spam to others. You also must ensure that the application cannot be used by others to compromise the application itself or the server on which the application resides. Applications provided through WebLamp or similar services will be scanned for vulnerabilities before being made operational, and any vulnerabilities should be addressed. If serious vulnerabilities in such an application are observed after initial implementation, the application must be removed until the vulnerabilities have been remedied. If, because of your status as a member of the University’s student body, faculty or staff, whether active or on leave, or as an affiliate, departmental computer user, or authorized visitor, the University has provided you with a computer account that provides access to the University’s computer systems, networks, voice mail services or other technological facilities, you are accountable to the University for all actions that are performed by anyone who uses that account. Therefore, you are expected to take reasonable measures to prevent your accounts from being used by others. Since passwords are a primary method of protecting University systems against unauthorized use, you, as a University-provided account holder, are expected to change any pre-assigned default password at the first possible opportunity, to select strong passwords that are difficult to guess, and to safeguard them from casual observation or capture. Thereafter, it is strongly recommended that passwords be changed at least once a year (ideally more often). Intentional sharing of such passwords with associates, friends, or family is prohibited, unless required by the terms of University employment. If there are alternate and practical ways to share work-related information readily and securely, these should be used rather than one University employee’s being given the password of another. An enhanced security profile (ESP) is a primary method of protecting access to some University services and data. As an account-holder, you are expected to protect the answers to your ESP security questions as you would your password. The privilege of using University equipment, wiring, wireless access, computer and network systems and servers, broadcast media, and access to global communications and information resources is provided by the University and may not be transferred or extended by members of the campus community to people or groups outside the University, without authorization. This includes providing network service to others through your own University network connection. Network service to residential units leased by the University may be extended to sublessors only when University Housing has approved the sublease. Information in Princeton University's on-line campus directory is provided solely for use by members of the Princeton University community and by others who wish to reach a specific individual or resource at the University. Use of the information for solicitation by mail, e-mail, telephone, or other means, or for creation of a database for such use or for other purposes, is prohibited. Any member of the University community who misuses the data in such a way may be subject to disciplinary action. Employees of the University should understand that electronic information is governed by the same laws and regulations as are paper documents, including statutes protecting the privacy of student records, medical information, and personally identifiable information. Employees are expected to apply to electronic information the same record retention practices applied to paper documents. Previous Section  |
||
© 2009 by the Trustees of Princeton University. Last modified
9/9/09
|
||
