University Policies

Technology Use Policy (formerly Appropriate Use Policy)

Approved By: President
Effective Date: June 26, 2023

POLICY STATEMENT

The purpose of this policy is to define the appropriate use of Western Illinois University (WIU) information, computing, and communication resources by all users. These services, known collectively as computing resources.

SCOPE (WHO SHOULD READ THIS POLICY)

WIU Technology Use Policy applies to any individual who utilizes WIU-owned or contracted computing resources (known collectively as all users). Users include, but may not be limited to: staff, faculty, alumni, retirees, vendors, subcontractors, students, and prospective students.

DEFINITIONS

  • Computing resources: Any resource used to perform computing operations/processes, such as a tablet, computer, phone, flash drive, CD, camera, smart television, etc.  This would include 3rd party hosted applications which process or utilize WIU data.

POLICY

WIU provides computing resources to its staff, faculty and students to support the University’s mission. All university-owned computing resources are the sole property of the university. Use of computing resources must be appropriately authorized and limited to University-use only. Personal use of university computing resources is strictly prohibited. Users are prohibited from sharing access to any computing resources they have been granted access to unless permission for the additional party is expressly permitted. Users should be aware that all university computing resources are subject to Freedom of Information Act (FOIA) requests. Users should assume no rights to privacy while utilizing University computing resources. The University retains the right to track and monitor computing resources at any time. Use of university computing resources is a privilege and not a right. All members of the university community are given notice of this policy by virtue of its publication.

Users are responsible for all activities originating from their account(s) and device(s), including all information sent from, intentionally requested, solicited or viewed from their account(s)/device(s). In order to educate users on appropriate cyber security practices and recognize cyber security incidents, all employees will be required to complete security awareness training within 30 days of initial employment and annually thereafter. In addition, all employees who fail phishing tests will be required to complete phishing awareness training.

Users connecting to university computing systems or data from a personal device are responsible for ensuring the security of their personal device. Users should make every effort to ensure personal computing devices used to access university systems and data are free from malware and viruses. Devices should be kept up to date with security patches and updates for operating systems and any installed software.

Users of university computing systems or data are required to take appropriate measures and due care to protect university computing systems and data and avoid damage. University computing resources may not be used for any of the following purposes or for any purpose which is illegal, immoral, unethical, dishonest, damaging to the reputation of the University, inconsistent with the mission of the University, or likely to subject the University to liability. Unauthorized uses include, but are not limited to:

  • Attempts to circumvent the security mechanisms of any university system.
  • Attempts to degrade system performance or capacity, or attempt to damage systems, software or intellectual property of others.
  • Unauthorized viewing or use of another person’s computer files, programs, accounts, and data.
  • Unauthorized use of copyrighted materials or trademarks.
  • Use of computing resources to promote, help, finance, or support any political activities, including but not limited to promoting or supporting an individual, group, or organization campaigning for an elected office.
  • Providing unauthorized access to computing resources such as sharing of passwords or logging in to a University system for another person’s use.
  • Use of computer accounts, access codes (including passwords), or any unique identifier assigned to others.
  • Disruption or unauthorized monitoring or scanning of university computing resources.
  • Accessing data or computing resources without proper authorization.

Use of university computing resources by faculty and staff, including student workers, while at work and/or performing the responsibilities of their position, should be consistent with the university mission, this policy, other university policies, and other applicable state and federal laws and regulations, including the State Officials and Employees Ethics Act (SOEEA). All users of university computing resources must comply with all federal, state and other applicable laws; all generally applicable Board of Higher Education and university rules and policies; and all applicable contracts and licenses. Users are responsible for ascertaining, understanding, and complying with the laws, rules, policies, contracts, and licenses applicable to their particular uses.

RESPONSIBILITIES (Implementation and Enforcement)

University Technology is responsible for, implementing, enforcing, updating and maintaining this policy.

RESOURCES