General University Policies Manual
Oregon State University supports an environment of learning and sharing of information through the acquisition and maintenance of computers, computer systems, networks, and associated computing resources and infrastructure. University computing resources are intended to support the University's missions, administrative operations and activities, student and campus life activities, and the free exchange of ideas and information between the University and the greater community in which it operates locally, nationally, and internationally.
Computing resources and facilities of Oregon State University are the property of the University and shall be used for legitimate University instructional, research, administrative, public service, and approved contract purposes. Personal use of computing resources may be permitted if it does not interfere with the University's or the employee's ability to carry out University business, and does not violate the terms of this policy. The use of University computing resources is subject to the generally accepted tenets of legal and ethical behavior within the University community. The computing resources system shall not be used for material or activities that reasonably could be considered harassing, obscene, or threatening by the recipient or another viewer.
This policy applies to all users of university computing resources, whether affiliated with the University or not, and to all use of those resources, whether on campus or from remote locations. Additional policies may apply to computing resources provided or operated by individual units of the University or to uses within specific units.
- All users of University computing resources must: Comply with all federal, state and other applicable laws; all generally applicable Board of Higher Education and University rules and policies; and all applicable contracts and licenses. Users are responsible for ascertaining, understanding, and complying with the laws, rules, policies, contracts, and licenses applicable to their particular uses.
- Use only those computing resources that they are authorized to use and use them only in the manner and to the extent authorized. Accounts and passwords may not, under any circumstances, be shared with or used by persons other than the individual(s) to whom they have been assigned by the University.
- Refrain from unauthorized attempts to circumvent the security mechanisms of any University system.
- Refrain from attempts to degrade system performance or capability, or attempts to damage systems, software or intellectual property of others.
- Refrain from using University computing resources for commercial purposes, except as specifically authorized by the University in written approval of a request for approval of outside employment. Any such approval shall include full detail of the employee's financial obligation and the charge for such use, if any.
- When using University computing resources to access non-University resources, observe the acceptable use policies of those non-University organizations.
- Refrain from unauthorized viewing or use of another person's computer files, programs, accounts, and data.
- Refrain from sharing a password or using another person's password. All such activity is strictly prohibited. Access to such information does not imply permission to view or use it. Users are responsible for ascertaining what authorizations are necessary and for obtaining them before proceeding.
- Refrain from using electronic mail systems for "broadcasting" of unsolicited mail or for any purpose prohibited by state or federal laws. Broadcast email is defined in "Guidelines for Release of Email Addresses," available at http://oregonstate.edu/registrar/guidelines-release-e-mail-addresses
- Abide by federal copyright laws when using University computing resources for the use of or the copying of copyrighted material. The unauthorized publishing or use of copyrighted material on a University server is prohibited and users are personally liable for the consequences of such unauthorized use.
- Abide by his/her supervisor's direction regarding personal use of University computing resources.
Users should be aware that their uses of University computing resources are not completely private. It is the policy of the University not to monitor individual usage of computing resources, unless there is a legitimate business reason to do so.
However, the University reserves the right to monitor and record the usage of all computing resources as necessary to evaluate and maintain system efficiency, and may further monitor and record the usage of individuals, including the disclosure of individual files:
- if it has reason to believe that activities are taking place contrary to this policy, or to Oregon University System policy, or state or federal law or policy
- to respond to an administrative court or judicial court order
- to respond to a request for discovery in the course of litigation
- to respond to a public record request for files which are deemed public records under public records laws
- for a legitimate business reason
The University may use information gained in this manner in disciplinary or criminal proceedings. In addition, state or federal law may require disclosure of individual computer files that are deemed public records under public records laws. Communications made by means of University computing resources are also generally subject to Oregon's Public Records law to the same extent as they would be if made on paper.
Users who violate this policy may be denied access to University computing resources and may be subject to disciplinary actions and/or criminal and civil penalties. Violations will normally be handled through the University disciplinary procedures applicable to the relevant user and may include referring suspected violations of applicable law to appropriate law enforcement agencies. However, the University may immediately suspend or block access to an account, prior to the initiation or completion of such procedures, when it appears necessary to do so in order to protect the integrity, security or functionality of University or other computing resources or to protect the University from liability.
This policy is the University's complete acceptable use policy and replaces the Department of Administrative Services Statewide IT Policy 1.3, Acceptable Use of Information Related Technology.