|Administrative Policy 58:
Acceptable Use of IT
Issued: April, 1995
The purpose of this policy is to protect the well-being of students and employees by outlining the acceptable use of information technology resources at UWP. Access to UWP information technology (IT) resources is essential to the mission of the University. Use of IT resources must be consistent with the University’s mission, with its role as a public agency, and with University of Wisconsin System Policy 25-3 on use of IT resources. Access to University IT resources is a privilege granted to students, faculty, staff, and authorized community members which carries with it the responsibility to use the resources for University-related activities and exercising common sense and civility. Regulations that govern personal conduct and use of University facilities also apply to the use of IT resources. Violation of University rules governing responsible use of IT resources may result in loss of access privileges, University disciplinary action and/or criminal prosecution. The appropriate due process and policies will be followed depending upon whether faculty, staff, students, or community members are involved.
Individual campus units may have additional supplemental guidelines that augment but do not relax this policy.
58.02 Prioritization of Resources
Information technology resources include computers, software, storage, e-mail accounts, internet access and similar computing tools. While supporting the general principle of open access, when insufficient resources are available, eligibility for access to IT resources will be determined by the following priorities:
The highest priority will be granted for needs directly related to the requirements of a course of study or a research program.
Other activities not directly stipulated within a course of study or course catalog will be granted the next, lower level of priority.
All other activities.
58.03 Login and Other Authorizations
On-campus and off-campus access to the IT resources will be granted for legitimate academic, research, and support activities. Authorization for use of IT resources is provided to each individual for his or her own use while in the course of employment or study at UWP, or with specific permission. Access will be removed upon termination of the formal affiliation. Refer to the Campus Technology Services (CTS) Web site or knowledgebase for specific grace periods. Continued access and preservation of user’s content after change in affiliation is not guaranteed.
58.04 Securing Credentials
Users must protect the confidentiality of their personal identification codes and passwords and are expected to exercise reasonable care to ensure that their accounts are not used by others.
58.05 Unauthorized Access
Users may not obtain, or attempt to obtain, change, delete, or use passwords, credentials, software, files, accounts, or other privileges, resources, or access that have not been assigned to them. Users are responsible for reporting any observed malicious software, hardware, or unauthorized access to University IT resources to CTS staff or designated representative.
58.06 Access Restrictions
Access to campus network resources may be wholly or partially restricted by the University without prior notice and without the consent of the user when:
required by and consistent with law
when there is reason to believe that violations of policy or law have taken place
when the continued access/use of network resources by an individual significantly affects the integrity, performance, or security of the campus network as a whole
The individual will be notified of the reason and duration of the access restriction as soon as possible. Access will be restored when the situation has been resolved.
These are general university policies; departments or other units may place additional restrictions on the resources that they manage.
58.07 Intellectual Property
Illegal downloading, distribution, copying of materials or other activities that violate intellectual property laws, including copyright, are strictly prohibited. Any software, images, videos, and other content installed or downloaded must be properly licensed from the copyright owner, and any modifications must comply with the terms of the applicable license. Even if content (such as images) is easily available on the Internet that does not necessarily make it legal to download and use. Users must comply with the "fair use" provisions of the United States Copyright Act of 1976. Additional information is available in Copyright Policy 76.
58.08 Malicious Activity
Users may not interfere with another person or entity’s authorized access to IT resources. They may not maliciously access, alter, delete, disrupt, damage, or destroy University IT resources in any way or use those resources to maliciously access, alter, delete, disrupt, damage, or destroy IT resources of another person or entity. Users may not intentionally distribute viruses or other malicious code or install software or hardware that permits unauthorized access or bypass network security strategies. Scanning, probing, or testing of University IT resources that may affect their performance is not allowed without prior approval of CTS or designated representative. Persons may not unreasonably or intentionally damage university IT equipment and other resources.
Users are expected to protect others’ privacy. They may not use IT resources to stalk, harass, threaten, or otherwise cause harm to another individual or entity, or to the activities of others. Users may not forge identities or send anonymous messages. Users should not assume that digital content they create or store via the University’s resources is private unless specifically protected by applicable technologies and regulations.
58.10 Managing IT Resources
The University collects resource utilization statistics including but not limited to network address and application use. It may restrict non-essential uses where resource utilization negatively affects activities critical to the University’s mission. CTS staff and designated representatives will communicate in a timely manner with affected users.
The University may review and potentially release user data in order to:
Meet the requirements of the Wisconsin Public Records Law, or other statutes, laws or regulations
Protect the integrity of the University’s information technology resources, and the rights and other property of the University
Allow system administrators to perform routine maintenance and operations, and respond to emergency situations
Comply with other lawful purposes
IT staff members must respect and ensure the confidentiality and privacy of the data they observe or access during the course of performing their duties.
58.11 Unauthorized Connections
With the exception of common end-user devices such as tablets, laptops and cellular phones, users may not connect devices that have the potential to degrade or disrupt campus network equipment or system performance without prior approval by a CTS technician or designated representative. This includes servers, switches, hubs, wireless access points, and other unapproved devices. Any added devices outside of common end-user devices must be described to and recorded by CTS technician or designated representative.
Users should take reasonable steps to ensure that your desktop or laptop computer system does not create a security risk when connected to the network, including keeping anti-virus software and operating patches up-to-date.
58.12 Commercial, Political, and Non-University Activities
Users may not use UWP IT resources to sell or solicit sales for any goods, services, or contributions unless such use conforms to UWP rules and regulations. They may not use University IT resources to represent the interests of any non-University group or organization unless authorized by the Chancellor or designee. Users may not use these resources to support the nomination of any person for political office or to influence a vote in any election or referendum.
Incidental personal use is tolerated. The University reserves the right to restrict personal use of its resources and services.
58.13 State and Federal Laws
UWP IT users will follow appropriate Federal, State, and UWP laws and regulations.
58.14 Policy Review
The Chief Information Officer (CIO) will coordinate an annual review of the policy. Members of the campus community can forward to the CIO suggested changes for review by February 1. Recommendations for changes will be provided by the CIO to the Chancellor’s Cabinet for approval no later than March 1st.