Chapter5-Planning for Security

Activity5

Draft a simple issue-specific policy, using the format provided in the text, outlining “Fair and Responsible Use of College Computers,” based on the rules and regulations you have been provided in your institution. Does your school have a similar policy? Does it contain all the elements listed in the text?

Policy Statement

This policy has been adopted to outline the acceptable use of all campus computers. Strong adherence to this policy is a must and any student not doing so will be considered to be in violation of campus policy. Violators are subject to disciplinary actions established by administration and the IT department.

User Responsibility

The following guidelines are to be followed by all authorized users accessing university owned computers.

General Computer Usage

As a registered student, you are responsible for the protection of all information and data that you have access to. Whether directly or indirectly. It is also the responsibility of the student to recognize what, if any, of that data or information is sensitive and take the necessary measures to keep it that way.
To help in the protection of all data, sensitive or otherwise choose a user name and password that is easy to remember, but hard for others to guess.
Never under any circumstance share or disclose your username and/or password.
At no time is gaming permitted on campus computers. No exceptions.
Respect all legal protections such as copyright and licenses. Never copy software or use shareware without written permission from the author or an IT administrator.
Log of all workstations or computers when you have completed your task.
In the classroom environment, properly shut down all computers at the end of the period prior to leaving.
Only registered students and faculty are permitted to use campus machines.
Inform an IT administrator if you observe or learn of any suspicious activity.

Internet Use

Access to the Internet is only permitted through the campus firewall, router and content scanning software. Access through any other means is not permitted.
Only authorized personnel is permitted to install modems, software, or any other types of hardware.
Internet users should never visit web sites that are offensive to others, contain sexual content, or are in violation of the law. Remember that you are responsible for anything that you do on the system. The school reserves the right to keep and maintain logs on all Internet usage, as well as, block any web sites that are deemed offensive or in violation of the law.
If you have any doubt about Internet use or content, consult an IT administrator before proceeding.

Electronic Mail

It is the responsibility of the student to maintain his or her own mailboxes; if an email is no longer needed delete it in order to reduce memory usage and storage space.
Do not send excessively large attachments.
Scan all transmissions for viruses.
Refrain from offensive, racist, or lewd language when constructing emails.
Emails should never contain information relating to an extreme political nature, violence, and hatred or illegal activity.
All electronic transmissions are monitored and scanned for viruses, and offensive content.
The school reserves the right to keep and maintain logs on all electronic mail usage.

* Note:

All data, information, hardware and software belongs solely to the school, treat it with respect and keep security in mind at all times.
Your computer, workstation and all logins to the network are monitored regularly.
Logs are audited and maintained regularly.

KennesawState does have a similar policy and contains the elements as described above.