I N F O R M A T I O N T E C H N O L O G Y & S E R V I C E S

I N F O R M A T I O N T E C H N O L O G Y & S E R V I C E S

Robert Morris University

Information Technology Acceptable Use Policy Revision 15 (11/10/2014)
1. Introduction

1.1. Scope

The Information Technology Acceptable Use Policy applies to anyone who has access (“User”) to Robert Morris University (“RMU”) computing and communications resources (“Systems”).

1.2. Purpose

This policy defines acceptable uses for the Systems at RMU.

2. Violations

Violations should be reported to your Manager, the Director of Information Security, or to the Information Technology Help Desk .Violation of this policy will result in disciplinary action up to and including termination of employment or expulsion from the University.

3. General

3.1. Follow all RMU policies, even as they change and are supplemented over time.

3.1.1. Additional policies regarding specific Information Technology issues may be created and/or modified and must be followed to adhere to the Information Technology Acceptable Use Policy.

3.2. Adhere to software licensing agreements and copyright laws.

3.3. Automatic updates may not be disabled.

3.4. Local Firewalls may not be disabled.

3.5. Use virus protection software and do not bypass or disable it.

3.6. Back up your data kept on your local drives. Network drives are backed up daily by Information Technology.

3.7. Do not alter RMU-supplied computer hardware or software.

3.8. Do not initiate or propagate viruses, worms, or any destructive programs.

3.9. Do not share credentials, passwords, or logon sessions

3.10. Respect the rights, granted privileges, and rightful activities of other Users.

4. E-mail

4.1. Use e-mail for purposes consistent with your role at the University.

Page 1 of 11

I N F O R M A T I O N T E C H N O L O G Y & S E R V I C E S

Robert Morris University

Information Technology Acceptable Use Policy Revision 15 (11/10/2014)
4.2. Students must comply with Google’s terms of service found here: http://www.google.com/accounts/TOS

4.3. Prohibited Uses include

4.3.1. Creating or distributing any disruptive or offensive messages, including comments about race, gender, appearance, disabilities, age, sexual orientation, religious beliefs and practice, political beliefs, or national origin.

4.3.2. Distributing pornography.

4.3.3. Sending messages that libel, harass, or threaten other individuals.

4.3.4. Using another user’s account, or forging of email header information.

4.3.5. Entrepreneurial activities, including operating a business, selling, advertising, trading or conducting any commerce not directly related to one’s role at the University.

4.4. Email sent through the Internet may only be sent through the RMU email system.

5. Anti-virus and anti-malware

5.1. Resident students get free anti-virus software (www.rmu.edu/sophos) and acknowledge upon registering their computing equipment that they will maintain active anti-virus software.

5.2. Resident students must have either Sophos or other anti-virus software installed and must be automatically kept up-to-date with current virus signatures. Automatic updates may not be disabled.

5.3. All RMU-owned PCs must have Sophos installed and must be automatically kept up-to-date with current virus signatures. Automatic updates may not be disabled.

5.3.1. Users are responsible for alerting the Help Desk immediately if:

5.3.1.1. A virus is suspected

5.3.1.2. Antivirus software is reporting it is out of date or disabled

5.4. All RMU-owned servers must have anti-virus installed and must be automatically kept up-to-date with current virus signatures.

5.5. Employees get free anti-virus software for home use (www.rmu.edu/sophos). Anyone remotely connecting, emailing attachments, or conducting any other university business must maintain active anti-virus software.

5.6. Best practices to avoid malware infections
Page 2 of 11

I N F O R M A T I O N T E C H N O L O G Y & S E R V I C E S

Robert Morris University

Information Technology Acceptable Use Policy Revision 15 (11/10/2014)
5.6.1. Never open any files or macros attached to an email from an unknown, suspicious or untrustworthy source. Delete these attachments immediately, then “double delete” them by emptying your Trash.

5.6.2. Delete spam, chain, and other junk email without forwarding.

5.6.3. Never download files from unknown or suspicious sources.

5.6.4. Never follow links contained in emails from an unknown source.

5.6.5. Avoid direct disk sharing with read/write access unless there is absolutely a business requirement to do so.

5.6.6. Always scan removable media from an unknown source for viruses before using it.

5.6.7. Back-up critical data and system configurations on a regular basis and store the data in a safe place.

6. Internet

6.1. Students may connect hubs, switches, and gaming devices to the network. None of these devices or connections will be supported by RMU.

6.2. Where RMU wireless access is provided, you may not operate your own wireless system.

6.3. Prohibited Activities, including but not limited to

6.3.1. Any activity that is in violation of any local, state, federal or international law

6.3.2. Posting obscene material

6.3.3. Violating copyright laws or other intellectual property rights

6.3.4. Distributing, viewing, or saving pornography or other obscene material on any RMU system or network

6.3.5. Using RMU computing resources for pyramid or other solicitation schemes

6.3.6. Impersonating any person or entity or forging anyone else’s digital or manual signature

6.3.7. Sending bulk or commercial messages without the approval of your Senior Vice President

6.3.8. Forging, altering or removing electronic headers

6.3.9. Sending very large messages or files to a recipient with the intent to disrupt a server or account

Page 3 of 11

I N F O R M A T I O N T E C H N O L O G Y & S E R V I C E S

Robert Morris University

Information Technology Acceptable Use Policy Revision 15 (11/10/2014)
6.3.10. Engaging in activity to restrict, inhibit, or degrade any other user’s use of the network

6.3.11. Reselling or distributing your network access or software licenses to any third party

6.3.12. Interfering with University-owned wired or wireless equipment

6.3.13. Modifying or extending the wiring and/or data jacks on campus

6.3.14. Using RMU computing resources for commercial purposes

7. Passwords

7.1. Do not disclose your password(s) to anyone. University personnel will never request your password(s).

7.2. Change passwords a minimum of every 60 days, even on systems that cannot automatically force the password change.

7.3. Follow password composition rules on all Systems:

7.3.1. Passwords must be a minimum of 7 characters.

7.3.2. Passwords must contain a combination of alphabetic, numeric, and alphanumeric characters. (Examples of alphanumeric characters are $#@^%&(*)

7.3.3. Avoid simple variants of names or words (even foreign words), simple patterns (AbCd, 1234, xyza, etc.) famous equations (E=MC2, pi=3.14159, etc.), or well-known values(zip codes, birthdays, phone numbers, etc).

7.3.4. Passwords history must be enforced for a minimum of the previous 3 passwords.

7.4. Do not write down your password or send any password via e-mail or instant messaging.

7.5. Avoid using the “Remember Password” feature in applications.

7.6. If you suspect your account or password has been compromised change the password and notify the Help Desk at x2211 immediately.

8. Access

8.1. Keep your login information confidential. Access is granted to an individual and may not be transferred to or shared with another User.

8.2. Utilize inactivity timeouts to lock and password protect your PC after 10 minutes of inactivity. Depending on the confidentiality of your data, you may want or be required to shorten this time. IT can advise upon request.
Page 4 of 11

I N F O R M A T I O N T E C H N O L O G Y & S E R V I C E S

Robert Morris University

Information Technology Acceptable Use Policy Revision 15 (11/10/2014)
8.3. Access only Systems for which you have been granted a login ID and password.

8.4. Protect any information retrieved from a password-protected source with an equivalent level of privacy and security, e.g., data saved to a local drive from a query or report data printed on paper must carry the same level of protection as the source data.

8.5. If you have access to a secured Information Technology location, do not admit someone into that location without permission from Information Technology. Contact the Help Desk at x2211 or [email protected] permission.

8.6. Do not engage in any activity that could disrupt any system.

9. Data Privacy

9.1. All data, including e-mail, is owned by RMU and may be viewed by an RMU system administrator upon request by a Senior Vice President, the Vice President Human Resources or the Chief Student Life Officer & Dean of Students.

9.2. Email address book information is the property of Robert Morris University and may not be shared with any external entity.

9.3. Student Records

9.3.1. Student records are confidential and are protected under the Family Educational Rights and Privacy Act of 1974 (FERPA). Under FERPA, authorized users may access this information only in the legitimate educational interest of the student. All information must be kept confidential. Sharing account names and passwords to administrative databases, applications, and systems is prohibited.

9.3.2. Requests for access to student records must be submitted to and approved by the owner of the data prior to access being granted. Access will be reviewed annually.

9.4. Financial data privacy is governed by the Graham-Leach-Bliley Act. All RMU Financial information must adhere to these requirements.

9.5. Social Security Numbers

9.5.1. Unless required by law, or with permission of a Senior Vice President, social security numbers are not to be collected, requested, transmitted via e-mail, used or stored. If approved this information must be encrypted when transmitted or stored on computer systems.

9.5.2. All non-name references to students must be by RMU Student ID Number or computer account name and all non-name employee references must be by RMU Employee ID Number or computer account name.

9.6. Software Licenses

Page 5 of 11

I N F O R M A T I O N T E C H N O L O G Y & S E R V I C E S

Robert Morris University

Information Technology Acceptable Use Policy Revision 15 (11/10/2014)
9.6.1. Licenses are owned and maintained by RMU IT

9.6.1.1. Licenses may never be used or distributed without written consent from the contract owner

10. Support Services

10.1. IT Help Desk

The Information Technology Help Desk serves as a central point of contact for the Robert Morris University community for providing technical support services.

10.1.1. Hardware – Hardware issues encompass installation, maintenance, upgrades, and connectivity.

10.1.1.1. University owned – The IT Help Desk will fully support University owned, technology-related hardware issues.

10.1.1.2. Personally owned – The IT Help Desk will provide limited support and guidance to resolve hardware issues with personally owned and will refer users to the vendor or manufacturer of the equipment if necessary.

10.1.2. Software

10.1.2.1. University owned – The IT Help Desk will fully support any software problems regarding Robert Morris University purchased and developed software.

10.1.3. Classroom/Lab Management – The IT Help Desk will support technology-related issues in classrooms and Labs.

10.1.4. Network Access – Only RMU equipment purchased through the Help Desk will be eligible for access to the RMU Administrative network. All other equipment will have Internet access and can access RMU applications through supported access methods, e.g. http://it.rmu.edu/vmware-view

10.2. ResNet

ResNet is an outreach of the Help Desk dedicated to resident students and is located in Lexington and Yorktown halls.

10.2.1. ResNet will make best-effort attempts to remediate problems with student computing equipment.

10.2.2. Students requesting help from ResNet must sign a release form before service can be undertaken on their equipment.

10.3. Training
Page 6 of 11

I N F O R M A T I O N T E C H N O L O G Y & S E R V I C E S

Robert Morris University

Information Technology Acceptable Use Policy Revision 15 (11/10/2014)
Training on selected University-developed administrative applications will be provided by Information Technology. See www.rmu.edu/training for more information.

11. Physical Security of Electronic Devices

11.1. Access to RMU servers will be physically secured.

11.2. Lock or logoff your workstation when it’s unattended.

11.3. When restricted and/or sensitive information is retained on media the media must be stored in a secure storage location (locked) or destroyed per DOD 5220.22.

11.4. Laptops left unattended must be secured by a cable lock or kept in a locked container.

11.5. All phones and other portable devices (eg: netbooks, tablets, smartphones, handheld devices) that contain data about RMU or have access to any RMU resource including Email must be passcode protected and must auto lock after 10 minutes.

12. Library Policies

12.1. Intellectual Property

Illegal copying and use of copyrighted material is specifically prohibited. All intellectual works (data, pictures, articles, books, etc.) in the research databases are protected by copyright unless it is explicitly noted otherwise.

12.2. Faculty/Staff

12.2.1. Usage – Library faculty and staff work in compliance with current institutional computer usage policies as defined herein. It is our belief that the use of a computer is no different than the use of any other University provided equipment (i.e., audio/visual, telephone, typewriter, etc.) and as such, Library employees are expected to work in accordance with the usage policies set forth in those documents.

12.2.2. Access/Security – Because of the unique nature of library work, access to proprietary databases and other electronic resources is necessary and requires special treatment. In some cases, special passwords are required to access a variety of applications that are needed to fulfill the Library’s mission. These include but are not limited to: 1) the Voyager database; 2) shared cataloging databases; 3) the OCLC interlibrary loan database; and 4) proprietary informational databases. Access and security are unique to all of these applications.

12.2.3. Resources Needed – While the University furnishes employees with network resources (e.g., e-mail, Sentry Secured Services, etc.) the Library requires additional tools outside of those provided by Robert Morris. The Library, in consultation with the Provost, shall be the sole determiner in deciding which resources are needed by the Department in order to fulfill its mission. Library staff members will work closely with
Page 7 of 11

I N F O R M A T I O N T E C H N O L O G Y & S E R V I C E S

Robert Morris University

Information Technology Acceptable Use Policy Revision 15 (11/10/2014)
members of the University community to ensure that all acquisitions are compatible and compliant with existing institutional computing hardware and software.

12.3. Students

12.3.1. Usage – Students using Library resources, either in-house or via remote access, are subject to all applicable institutional policies.

12.3.2. Printing – Network printing policies for students which are set forth in existing University IT policies apply in the Library environment with the addition of students being able to pay for printing by using the “chip” on their Freedom Cards.

12.3.3. Remote Access – To date, all library databases other than ROBCAT are positioned behind Sentry Secured Services and require passwords for access. Students using Library provided databases are subject to the licensing terms that have been established by individual vendors.

12.3.4. Resources Provided – The Library, in consultation with Academic Administrators and faculty, shall be the determiners in deciding which resources are needed by students in order to fulfill the academic mission and accreditation requirements of the Institution. Library staff members will work closely with members of the University community to ensure that all acquisitions are compatible and compliant with existing institutional computing hardware and software.

13. RMU Owned Computer Hardware and Software Acquisition and Maintenance

13.1. Approvals

13.1.1. Academic – All requests for computer hardware and software must be submitted to the Academic Technology Committee that is chaired by the Associate Vice President, Academic Affairs. The Associate Vice President, Academic Affairs works closely with Information Technology and Business Operations to leverage purchasing agreements and ensure technical compatibility with the Academic computer images. The Academic Technology Committee compiles associated costs, justification for the purchase, and submits the request for final approval.

13.1.2. Non-Academic – All requests for computer hardware and software must be submitted to Information Technology Help Desk after department manager approval. Information Technology ensures technical compatibility with computer images, assists in the compilation of associated costs and helps to build the justification for the purchase. If a purchasing agreement does not exist, Information Technology and Business Operations will identify and qualify preferred suppliers before the request is submitted for final approval.

13.2. Classification of Purchases

Page 8 of 11

I N F O R M A T I O N T E C H N O L O G Y & S E R V I C E S

Robert Morris University

Information Technology Acceptable Use Policy Revision 15 (11/10/2014)
13.2.1. Capital – A purchase is considered a capital purchase if the total amount of the project is over the capital threshold, currently $1000, and the project has a useful life of more than one year. If the purchase qualifies as capital, submission for the purchase, including justification, must be made to the Capital Committee after approval. Submit requests to Financial Planning & Analysis (FP&A) Contact, Revere.

13.2.2. Expense – If your purchase does not meet the criteria above then it is an expense. For items that have not been budgeted, contact your FP&A Contact for assistance.

13.3. PCs and Workstations (User Computers)

13.3.1. Requests for PCs must follow normal approval processes outlined in 9.1 above.

13.3.2. The Help Desk, [email protected] or x2211, is the Information Technology contact for PC purchases. The Help Desk establishes technical standards for desktop and laptop computers, works with Business Operations to negotiate volume purchasing agreements and with your FP&A Contact to establish operating vs. capital leases.

13.3.3. Only standard computers may be purchased. Exceptions are made for special-purpose equipment such as equipment for learning labs. The Help Desk publishes standard configurations at www.rmu.edu/pcstandards. The Help Desk will assist in entering the purchase requisition, will receive the equipment upon delivery and install it.

13.3.4. Special-purpose equipment, i.e., non-standard equipment, will not be imaged or configured by the Help Desk.

13.3.5. Special-purpose equipment, i.e., non-standard equipment, will not be connected to the RMU Administrative network.

13.4. Ownership and Responsibilities

13.4.1. The University retains ownership of equipment purchased by the University.

13.4.2. All servers deployed on Robert Morris University infrastructure must be owned by a university operational group that is responsible for system administration. Approved server configuration guides must be established and maintained by each operational group, based on business needs and approved by Information Technology. Operational groups should monitor configuration compliance and implement an exception policy tailored to their environment.

13.5. Printers and Scanners

13.5.1. Requests for Printers and Scanners must follow normal approval processes outlined in 9.1 above.

13.5.2. Contact the Help Desk, [email protected] or x2211, with your request for a printer or scanner.

Page 9 of 11

I N F O R M A T I O N T E C H N O L O G Y & S E R V I C E S

Robert Morris University

Information Technology Acceptable Use Policy Revision 15 (11/10/2014)
13.5.3. Amcom is the University’s print and scanner supplier. Requests for printers other than standard Amcom equipment will be approved for the following circumstances:

13.5.3.1. The Requestor can substantiate the need for confidentiality.

13.5.3.2. The Requestor is in a location that isn’t economically feasible for Amcom to support with standard copier/printer/scanner equipment.

13.6. Auxiliary Computer Equipment

13.6.1. Auxiliary Computer Equipment includes devices such as mice, USB drives, and pointing devices.

13.6.2. Approval for purchases of Auxiliary Computer Equipment up to $100 may be made at the department level.

13.6.3. Requests over $100 must follow normal approval processes outlined in 9.1 above.

13.6.4. All purchases should be approved equipment and purchased from approved suppliers. Current approved equipment and approved suppliers can be found at www.rmu.edu/pcstandards.

13.6.5. If you require equipment not approved or not offered by an approved supplier, contact the Help Desk, [email protected] or x2211.

13.7. Servers, Network, and Data Center Equipment

13.7.1. Requests for Servers, Network, and Data Center equipment must follow normal approval processes outlined in 9.1 above.

13.7.2. Purchases will be made from approved suppliers. Approved suppliers will be selected by Information Technology and Business Operations.

13.7.3. The Senior Director Technical Services, [email protected], is the Information Technology contact for these purchases.

13.8. Software

13.8.1. Requests for RMU-standard PC software for which RMU has a university-wide license, e.g., Microsoft Office products, may be submitted directly to the Help Desk, [email protected] or x2211. RMU-standard software can be found at www.rmu.edu/pcstandards.

13.8.2. Requests for RMU-standard PC software for which RMU does not have a university-wide license must go through normal department approval procedures and the purchase will be charged to the department’s budget. This category of software can also be found at www.rmu.edu/pcstandards.
Page 10 of 11

I N F O R M A T I O N T E C H N O L O G Y & S E R V I C E S

Robert Morris University

Information Technology Acceptable Use Policy Revision 15 (11/10/2014)
13.8.3. All other requests for software must follow normal approval processes outlined in Section I above. The Help Desk, [email protected] or x2211, is the Information Technology contact for Software purchases.

13.9. Maintenance of Equipment

13.9.1. PCs – Contact the Help Desk, [email protected] or x2211 for service on a PC. The Help Desk will arrange warranty work by scheduling the service with the Requestor. If a PC is not under warranty, costs of repair or replacement are the responsibility of the Requestor. In this case the Help Desk will recommend repair or replacement and will first attempt to repair the computer from the used parts inventory.

13.9.2. Printers and Scanners

13.9.2.1. Amcom is responsible for the maintenance, repair, and replacement of the Amcom-owned equipment. Contact the Amcom Purchasing and Business Center at 412-397-3691 or [email protected].

13.9.2.2. For all other printers, contact the Help Desk, [email protected] or x2211 for assistance. The Help Desk will recommend a course of action based on the age of the printer, the nature of the problem, and the cost of a replacement. All costs are the responsibility of the Requestor.

13.9.3. Auxiliary Computer Equipment – Owners are responsible for the maintenance and support of their auxiliary desktop computer equipment.

13.9.4. Servers, Network, and Data Center Equipment – Information Technology is responsible for securing adequate maintenance contracts on critical equipment in support of disaster plans. A schedule of contracts, service levels, contacts, and phone numbers will be kept in the department for departmental access. Business Operations will participate in selecting appropriate suppliers for these services.

13.9.5. Software – Information Technology is responsible for maintaining university-wide standard software. Requests for on-going maintenance and support of Academic software must be submitted to the Academic Technology Committee during the annual budgeting process. Administrative department specialized software, which is used only by one department, is the responsibility of that department.

13.10. Information Technology reserves the right to refuse access to the RMU Administrative network or technical support for equipment purchased outside of this policy.

Page 11 of 11

Is this question part of your Assignment?

We can help

Our aim is to help you get A+ grades on your Coursework.

We handle assignments in a multiplicity of subject areas including Admission Essays, General Essays, Case Studies, Coursework, Dissertations, Editing, Research Papers, and Research proposals

Header Button Label: Get Started NowGet Started Header Button Label: View writing samplesView writing samples