University Policies
Technology Use Policy (formerly Appropriate Use Policy)
Approved By: President
Effective Date: June 26, 2023
POLICY STATEMENT
The purpose of this policy is to define the appropriate use of Western Illinois University (WIU) information, computing, and communication resources by all users. These services, known collectively as computing resources.
SCOPE (WHO SHOULD READ THIS POLICY)
WIU Technology Use Policy applies to any individual who utilizes WIU-owned or contracted computing resources (known collectively as all users). Users include, but may not be limited to: staff, faculty, alumni, retirees, vendors, subcontractors, students, and prospective students.
DEFINITIONS
- Computing resources: Any resource used to perform computing operations/processes, such as a tablet, computer, phone, flash drive, CD, camera, smart television, etc. This would include 3rd party hosted applications which process or utilize WIU data.
POLICY
WIU provides computing resources to its staff, faculty and students to support the University’s mission. All university-owned computing resources are the sole property of the university. Use of computing resources must be appropriately authorized and limited to University-use only. Personal use of university computing resources is strictly prohibited. Users are prohibited from sharing access to any computing resources they have been granted access to unless permission for the additional party is expressly permitted. Users should be aware that all university computing resources are subject to Freedom of Information Act (FOIA) requests. Users should assume no rights to privacy while utilizing University computing resources. The University retains the right to track and monitor computing resources at any time. Use of university computing resources is a privilege and not a right. All members of the university community are given notice of this policy by virtue of its publication.
Users are responsible for all activities originating from their account(s) and device(s), including all information sent from, intentionally requested, solicited or viewed from their account(s)/device(s). In order to educate users on appropriate cyber security practices and recognize cyber security incidents, all employees will be required to complete security awareness training within 30 days of initial employment and annually thereafter. In addition, all employees who fail phishing tests will be required to complete phishing awareness training.
Users connecting to university computing systems or data from a personal device are responsible for ensuring the security of their personal device. Users should make every effort to ensure personal computing devices used to access university systems and data are free from malware and viruses. Devices should be kept up to date with security patches and updates for operating systems and any installed software.
Users of university computing systems or data are required to take appropriate measures and due care to protect university computing systems and data and avoid damage. University computing resources may not be used for any of the following purposes or for any purpose which is illegal, immoral, unethical, dishonest, damaging to the reputation of the University, inconsistent with the mission of the University, or likely to subject the University to liability. Unauthorized uses include, but are not limited to:
- Attempts to circumvent the security mechanisms of any university system.
- Attempts to degrade system performance or capacity, or attempt to damage systems, software or intellectual property of others.
- Unauthorized viewing or use of another person’s computer files, programs, accounts, and data.
- Unauthorized use of copyrighted materials or trademarks.
- Use of computing resources to promote, help, finance, or support any political activities, including but not limited to promoting or supporting an individual, group, or organization campaigning for an elected office.
- Providing unauthorized access to computing resources such as sharing of passwords or logging in to a University system for another person’s use.
- Use of computer accounts, access codes (including passwords), or any unique identifier assigned to others.
- Disruption or unauthorized monitoring or scanning of university computing resources.
- Accessing data or computing resources without proper authorization.
Use of university computing resources by faculty and staff, including student workers, while at work and/or performing the responsibilities of their position, should be consistent with the university mission, this policy, other university policies, and other applicable state and federal laws and regulations, including the State Officials and Employees Ethics Act (SOEEA). All users of university computing resources must comply with all federal, state and other applicable laws; all generally applicable Board of Higher Education and university rules and policies; and all applicable contracts and licenses. Users are responsible for ascertaining, understanding, and complying with the laws, rules, policies, contracts, and licenses applicable to their particular uses.
RESPONSIBILITIES (Implementation and Enforcement)
University Technology is responsible for, implementing, enforcing, updating and maintaining this policy.
RESOURCES
- Obscenity and Pornography
- Accessing, Viewing, or Downloading Child Pornography 18 USC § 2252
- Forfeiture of computer for committing above 18 USC § 2510 et seq.
- Illinois Compiled Statutes 720 ILCS 5/11-20.1
- Restriction of access by minors to materials commercially distributed by means of World Wide Web that are harmful to minors 47 USC § 231
- Data Management and Protection
- Identity Protection Act 5 ILCS 179
- Children’s Online Privacy Protection Act (COPPA)
- FTC Identity Theft Red Flag Rules
- Payment Card Industry Data Security Standards (PCI DSS)
- Gramm-Leach-Bliley Act (GLBA) Title V
- Family Educational Rights and Privacy Act (FERPA)
- Health Insurance Portability and Accountability Act (HIPAA)
- Fair Credit Reporting Act (FCRA)
- Transporting of Obscene Materials for Sale or Distribution 18 USC § 1465
- Intercepting Electronic Communications 18 USC § 2703 et seq
- Computer Fraud 18 USC § 1030
- Illinois Compiled Statutes Computer Fraud 720 ILCS 5/16D-6
- Illinois Compiled Statutes Computer Tampering (hacking, maliciously spreading viruses, etc.) 720 ILCS 5/16D-3
- Illinois Compiled Statutes Illicit or Unauthorized Use of a Password 720 ILCS 5/16D-7
- Slander and Libel 47 USC § 230c1
- Illinois Compiled Statutes Slander and Libel 740 ILCS 145/1
- Copyright 17 USC
- Rights of Copyright Holders 17 USC § 106 to 121
- Infringement of Copyright 17 USC § 501 to 513
- Circumvention of Copyright Protection Systems 17 USC § 1201
Connect with us: