ECSU Policy on Computer Use
Section A - Rules and Regulations
- Availability and use of computer resources is restricted to actively enrolled students, current employees, and emeritus faculty and staff of Eastern Connecticut state University. Use of computer resources is a privilege, not a right. Therefore access to computer resources may be immediately disabled, suspended or revoked if abused.
- Computer accounts are not to be shared with other users; when evidence of account sharing is found, all parties involved will be considered to be in violation of this policy.
- Users are responsible for the security of their own account and password. Consequently, account owners are responsible for actions taken from their account by any person, whether or not the action was taken with the owner's knowledge or permission. Actions that violate these policies can result in immediate disabling, suspension, and/or revocation of the account owner's privileges.
- All computer resources and facilities of Eastern Connecticut state University shall be used solely for legitimate and authorized academic, instructional,research, administrative and public service purposes.
- Any unauthorized or illegitimate use of computer accounts, resources or facilities will subject the violators to appropriate disciplinary, criminal and/or legal action by the University and/or the State. This includes any type of physical abuse to hardware, software, data, or facilities, as well as the deliberate violation of any of the policies described in this document.
- Any person who has been authorized to use the computing resources shall be expected to regard all copyrighted personal or proprietary information which may thereby become available to him/her as confidential, unless he/she obtains from the owner written permission to copy, modify, or otherwise use any part of it. Any software for which the the University or the state has obtained a license, will be used in accordance with the terms of the license.
- Each user's programs and data are considered his/her private property.Users shall therefore not attempt to access, copy, modify, replace, delete or otherwise make use of any other user's account or its contents. Users also shall not harass or annoy other users, nor subject other users to obscene or offensive language through the campus network.
- Users shall not attempt to copy, modify, replace, delete or gain unauthorized access to any software component or data file that is part of, or is used by, the computer operating system and/or other computer management programs.
- The Data Center reserves the right to access user data and programs for appropriate management purposes, such as performing backups, and to ensure system integrity and security, subject to the limitations of Connecticut General Statutes.
- Users must not attempt unauthorized modification or repair of any equipment owned or controlled by the University. No equipment will be connected to or disconnected from the network without prior, written permission from the Data Center.
- Computer resources shall not be used for non-academic work without the written permission of the appropriate authorities. Non-academic work includes,but is not limited to: personal record-keeping, game-playing that is not assigned class work, and any task related to the management of a private business.
- The University and its authorized personnel reserve the right to perform computer resource management functions, which include but are not limited to: setting priorities on the use of University computer facilities, establishing expiration dates for user files and accounts. and limiting or denying access to computer resources when system maintenance or repairs are required,or when environmental conditions present & risk to users or equipment.
- User programs and data are considered his/her private property, and therefore are his/her responsibility. While efforts are made to ensure that reasonable security and backup procedures are carried out, the University and its personnel shall not be held liable for damage to, theft of, or loss of, user programs and data by means of procedural error, equipment malfunction, vandalism, or natural or man--made disaster.
Section B - Consequences of Policy Abuse
- The Data Center reserves the right to immediately disable any account in possession of programs, procedures or other information that presents a security threat to the system, network and/or other users. Examples include,but are not limited to any program or procedure that is designed to: obtain other users' passwords; obtain access to restricted programs, systems or data; modify restricted programs, systems or data; obtain system privileges beyond those initially granted to the user account by authorized Data Center or University staff; deceive system management personnel or inhibit system management efforts.
Use of the system to harass other users, transmit obscene or offensive language, or otherwise threaten system users or resources shall be cause for immediate disabling of the account. Possession of unauthorized information,such as confidential student, personnel or financial data will also because for immediate disabling of the account. When a student account is disabled by the Data Center, the account will remain disabled until the situation is investigated and appropriately resolved. If the investigation results in charges being filed against the account owner, the account will remain disabled until a final disposition is determined through the campus judicial process. Punishable offenses, sanctions and the judicial process are described in the ECSU student Handbook under 'Connecticut State University offenses and Maximum Sanctions - Proscribed conduct " and "The Connecticut State University Guidelines for student Rights and Responsibilities and Judicial Procedures. "
University employees are expected to comply with university policies and regulations. when such is not the case, the university may take action through the disciplinary process of the appropriate collective bargaining agreement. Criminal charges may also be filed by Eastern Is University Police under state and/or federal computer crime laws. For example, Connecticut law states:
"A person is guilty of the crime of unauthorized access to a computer system when, knowing that he is not authorized to do so, he accesses or causes to be accessed any computer system without authorization. "
[Connecticut General Statutes, Sec. 53a-2511]
"A person is guilty of an attempt to commit a crime if ... he [is in] possession of materials to be employed in the commission of the crime,which are specially designed for such unlawful use or which can serve no lawful purpose of the actor under the circumstances
[Connecticut General Statutes, Sec. 53a-491]
"A person is guilty of conspiracy when, with intent that conduct constituting a crime be performed, he agrees with one or more persons to engage in or cause the performance of such conduct, and any one of them commits an overt act in pursuance of such conspiracy. I
[Connecticut General Statutes, Sec. 53a-481]