Information Technology Resource Use Policy

GUIDING PRINCIPLES

We are stewards of technology, therefore, God requires accountability in our use of these gifts. As a community that yields to the Lordship of Jesus Christ, Westmont College expects responsible use of technology by students, faculty and staff. Therefore, the following principles will guide our use of technology.

1. Respect for one another’s need for access

Students, faculty and staff who are involved in educational or research activities or the administration thereof should have the highest priority in the use of technology. Their use should not be hindered by others engaged in lower priority activity. Westmont College is a community where all members should act in their neighbor’s best interest.

Not hindering legitimate access also means that staff and students do not waste technological resources, such as but not limited to computers, telephones, networks or printers. It also includes destruction of any resource, either physically or by software.

2. Respect for one another’s values and feelings

New technologies often increase our ability to communicate as well as miscommunicate. Communication should illustrate respect for others and a sense of personal integrity. Ephesians 4:29 is applicable here: “Do not let any unwholesome talk come out of your mouths, but only what is helpful for building others up according to their needs, that it may benefit those who listen.” Thus, communication that degrades or harasses individuals or groups is unacceptable.

The need to communicate with respect and integrity is particularly important in our contacts with those both inside and outside of Westmont College. Our communications will reflect not only on the College, but also on its Christian mission.

3. Respect for one another’s property

Theft or unauthorized use of either tangible property or intellectual property will not be tolerated. This includes unauthorized copying of copyrighted software, which is not only unethical, but also is illegal.

4. Respect for one another’s privacy

Respect for others also means respect for their privacy. Unauthorized reading or altering information belonging to someone else, whether in files, email, or any other communication form is prohibited.

Note: these Guiding Principles were adapted from Responsible Use of Technology at Calvin College

 

RESPONSIBLE USE POLICY DETAIL

Westmont College’s information systems, including but not limited to computers, voicemail, email and access to the Internet, are provided as tools in support of the programs of the College. The principal concern of this responsible use policy is the effective and efficient use of Information Technology (IT) resources. Hence the primary focus is to ensure that the resources are used in a manner that does not significantly impair or impede their use by others in the pursuit of the mission of the College.

A. Scope

This policy applies to any user (faculty, staff, student or other) of the College’s IT resources, whether initiated from on or off-campus. This includes any telephone, computer and information system or resource, means of access, networks, and the data residing thereon. This policy applies to the use of all College IT resources whether centrally administered or locally administered, and whether residing on-campus, on college-owned resources, or in the cloud.

B. Overview

Telephones, computers and networks can provide access to resources on and off-campus, as well as the ability to communicate with other users worldwide. Such open access is a privilege, and requires that individual users act responsibly. Users must respect the rights of other users, respect the integrity of the systems and related physical resources, and observe all relevant laws, regulations, and contractual obligations.  Employees and students are also obligated to observe the behavioral guidelines in the Westmont Community Life Statement

  1. The telephone, computing and networking facilities at Westmont are provided as tools in support of the programs of the College. All users of the facilities are responsible to use them in an effective, efficient, ethical and lawful manner, consistent with Westmont’s mission as a Christian academic institution. The philosophical and ethical underpinnings of these policies are found in the Community Life statement.

  2. All existing laws (federal, state and local) and Westmont regulations and policies apply, including not only laws and regulations that are specific to telephones, computers and networks, but also those that may apply generally to personal conduct. This may also include laws of other states and countries where material is accessed electronically via College IT resources by users within those jurisdictions, or where material originating within those jurisdictions is accessed via College IT resources.

  3. We believe all people should be treated with respect. Thus, fraudulent, harassing, pornographic or obscene materials, whether written, aural or visual, are expressly forbidden on any portion of the network, and may not be stored on any college-owned computer or telephone systems.

  4. The College reserves the right to limit access to its resources when policies or laws are violated and to monitor routing information of communications across its network services and transaction records residing on College resources. The College may monitor and restrict the content of material transported across College networks or posted on College systems to preserve network/system integrity and continued service delivery. Specific details are given in Section C below.

C. Policy Provisions

1. AUTHORIZED USE

Westmont’s IT resources are owned by the College, and access is a privilege granted to faculty, staff and students in support of their studies, instruction, duties as employees, official business with the College, and other College-sanctioned activities. Access may also be granted to individuals outside of Westmont for purposes consistent with the mission of the College.

Employees and students of the College are permitted to use these resources occasionally for purposes that are not College-related.

The privilege of using Westmont IT resources may not be transferred or extended by members of the College community to outside individuals or groups without explicit approval from IT.

Gaining access to the College’s IT resources does not imply the right to use those resources. The College reserves the right to limit, restrict, remove or extend access to and privileges within, material posted on, or communications via its IT resources, consistent with this policy and applicable law, and irrespective of the originating access point.

It is expected that these resources will be used in an effective and efficient manner in support of the mission of the College as authorized by Westmont. All other use not consistent with this policy may be considered unauthorized use and could subject the user to possible civil charges, criminal charges or disciplinary actions.

2. DATA SECURITY, CONFIDENTIALITY AND PRIVACY

Westmont users are responsible for ensuring the confidentiality and appropriate use of College data to which they are given access, ensuring the security of the equipment where such information is held or displayed, and abiding by related privacy rights of students, faculty and staff concerning the use and release of personal information, as required by law or existing policies.

For the purposes of this policy, all institutional data is to be considered sensitive and/or confidential. Access to such data is based on an individual’s “need to know” and is restricted to uses directly related to assigned duties. Users are responsible for the security of any accounts issued in their name and any institutional data they may retrieve, modify, reproduce or destroy. Disclosure of confidential information to unauthorized persons or entities, or the use of such information for self-interest or advantage, is prohibited. Access to institutional data by unauthorized persons or entities are prohibited.

“Private” means inaccessible to all others; “confidential” means access is limited to authorized individuals in whom the college has placed confidence. A user’s programs and files are treated as confidential unless the person has explicitly made them available to others. Information Technology personnel can and will access files when necessary for the maintenance of the network and central computer systems. However, even when performing maintenance, every effort is made to ensure the privacy of a user’s files.

In general, information stored on College computers is to be considered confidential unless the owner grants explicit permission to other individuals or groups to view that information or intentionally makes it available to the public. However, all users of Westmont’s IT resources are advised to consider the open nature of information disseminated electronically, and should not assume any degree of privacy or restricted access to such information as it may be intercepted, copied, read, forged, destroyed, or misused by others. One ought to write email in such a way that one would feel comfortable if it was seen by anyone else.

Unless the law provides otherwise, no personal right of privacy exists in any information placed by students or employees on college-owned computers, or transmitted via the college’s voicemail or email systems. Email, voicemail and computer files will not be viewed unless authorized by the user or by legal authorities with appropriate documents. However, in the event of a college investigation stemming from a complaint of alleged misconduct, voicemail, email or files may be locked or copied by IT management to prevent destruction and loss of information, and/or the contents may be reviewed.

An account (email or voicemail) is assigned to an individual and may not be used by others without explicit permission from Information Technology. That individual is responsible for the proper use of the account, including proper password protection. Accounts are never deactivated or removed except under the following circumstances:

  1. The account holder has contacted IT staff and has directly requested their account be deactivated or removed.  The account holder will need to provide verification of their identity before any action is taken.

  2. The security of the account has been compromised.  In the event of a security breach, the account will be deactivated and the account holder will need to contact the IT department to re-activate their account.

  3. The account holder has committed a violation of the College’s Resource Use Policy.  In the event of a violation, the offending account may be deactivated or blocked from use of College IT resources until the situation has been addressed (for information regarding the consequences of non-compliance with the College’s Resource Use Policy, see section D1).

All logins, requests for web pages and commands executed by users are recorded in log files that are owned and maintained by Information Technology. This information is monitored for inappropriate activity and may be the basis for policy enforcement.

Requests for disclosure of confidential information and retention of potential evidence will be honored when approved by authorized College officials or legal authorities, or when required by state or federal law.

3. NETWORK AND SYSTEM INTEGRITY

Activities and behaviors that threaten the integrity of College computer networks or systems are prohibited on both College-owned and privately-owned equipment operated on or through College resources. These activities and behaviors include but are not limited to:

  • Interference with or disruption of computer systems,networks, and related services, including, but not limited to, the propagation of computer “Malware,” (computer worms, viruses, trojans, rootkits, ransomware, etc.), “Adware,” or “Spyware.”

  • Intentional or careless acts that will place an excessive load on a computer or network to the extent that access to networks or information systems by others may be disrupted or substantially degraded.

  • Processing excessively large amounts of data or excessive system utilization to the extent that these interfere with network or system performance unless authorized in advance by the administrator(s) responsible for all of the equipment affected.

  • Failure to comply with requests from appropriate College officials to discontinue activities that threaten the operation or integrity of computers, systems or networks.

  • Revealing passwords or otherwise permitting the use by unauthorized others, by intent or negligence, of personal accounts for computer and network access. Individual password security is the responsibility of each user.

  • Altering or attempting to alter files or systems without authorization.

  • Unauthorized scanning of computers and networks for security vulnerabilities and unauthorized attempts to circumvent data protection schemes or uncover security loopholes.

  • Connecting unauthorized equipment to the campus network or computers.

  • Attempting to alter any College computing or network components without authorization or beyond one’s level of authority, including but not limited to bridges, routers, hubs, wiring, connections, etc.

  • Negligence leading to damage of College electronic information, information technology resources, computing systems or networks.

  • Utilizing network or system identification numbers or names that are not assigned for one’s specific use on the designated system.

  • Using campus resources to gain unauthorized access to any computer system.

  • Violating Copyright and Fair Use practices (see section C7).

  • Attempting to circumvent data protection schemes or uncover security loopholes.

  • Masking the identity of an account or machine.

  • Capturing passwords or data on the network not meant for you.

  • Modifying or extending Westmont network services and wiring beyond the area of their intended use. This applies to all network wiring, hardware and in-room jacks.

  • Placing content on web pages or social media which violates either the Responsible Use Policy or the Community Life Statement.

In the event of a violation, the offending account and/or device may be deactivated or blocked from use of College IT resources until the situation has been addressed (for information regarding the consequences of non-compliance with the College’s Resource Use Policy, see section D1).

4. ACADEMIC HONESTY

The College will not tolerate academic cheating or plagiarism in any form. Users of information technology resources are expected to uphold the standards of Westmont College (see the Student Handbook for specifics).

5. COMMERCIAL AND POLITICAL ACTIVITY

Use of the College’s information technology resources is strictly prohibited for hosting or serving unauthorized commercial activities, personal or political gain, private business, fundraising, or use otherwise unrelated to the College. This includes soliciting, promoting, selling, marketing or advertising products or services, or reselling College resources.

6. HARASSMENT

Unlawful harassment is prohibited by the college policy on harassment  In addition, harassment of others via electronic methods is prohibited under California State Penal Code Section 653m and other applicable laws and College policies. It is a violation of this policy to use electronic means to harass, threaten, or otherwise cause harm to a specific individual(s), whether by direct or indirect reference. It may be a violation of this policy to use electronic means to harass or threaten groups of individuals by creating a hostile environment.

7. COPYRIGHT AND FAIR USE

Federal copyright law applies to all forms of information, including electronic communications. Violations of copyright laws include, but are not limited to, making unauthorized copies of any copyrighted material (including software, text, images, audio, and video), and displaying or distributing copyrighted materials over computer networks without the author’s permission except as provided in limited form by copyright fair use restrictions. The “fair use” provision of the copyright law allows for limited reproduction and distribution of published works without permission for such purposes as criticism, news reporting, teaching (including multiple copies for classroom use), scholarship, or research.

8. TRADEMARKS AND PATENTS

Unauthorized use of trademarked names or symbols, including Westmont’s, is prohibited. Where College resources are used, the College retains ownership of all faculty, staff and student inventions and other intellectual property that may be patented, copyrighted, trademarked or licensed for commercial purposes.

9. ELECTRONIC COMMUNICATIONS

College electronic communications are to be used to enhance and facilitate teaching, learning, scholarly research, support academic experiences, and to facilitate the effective business and administrative processes of the College.

The following activities and behaviors are prohibited on College or privately-owned equipment or networks operated on College resources:

  • Altering electronic communications to hide one’s identity or to impersonate another individual. All email, news posts, chat sessions, or any other form of electronic communication must contain the sender’s real name and/or user ID.

  • Initiating or forwarding electronic “chain letters”.

  • Sending unsolicited commercial advertisements or solicitations.

  • Operating unofficial email reflectors.

  • Sending messages to large numbers of users.

  • Use of system aliases by non-authorized personnel.

  • Use of official aliases to broadcast unofficial and/or unauthorized messages.

  • Attempting to monitor or tamper with another user’s electronic communications, or reading, copying, changing, or deleting another user’s files or software without the explicit permission of the owner.

The College reserves the right to send electronic communications, including large group or broadcast messages, to its own users.

The College reserves the right to limit the size of individual messages being transmitted through College resources.

10. INTERNET

The College reserves the right to block categories of Internet content as well as specific sites. Currently the College blocks Internet sites that are known to be pornographic, or that facilitate the practices of plagiarism, gambling, or digital piracy. Procedures exist to make exceptions to this blocking when requested for academic purposes.

D. Consequences of Non-Compliance

1. COLLEGE

An individual’s computer use and/or network connection privileges may be suspended immediately upon the discovery of a possible violation of these policies. This suspension does not reflect an assumption of guilt, but the need to secure the system from modification. Because of the nature of the networking, Information Technology may not know who owns a computer that may be involved in a violation. In this case, access to the network from that computer will be suspended until the owner of the computer contacts Information Technology and resolves the issue.

The Information Technology staff will judge an offense as either major or minor. The Information Technology staff will normally deal with a first minor offense. Additional offenses will be regarded as major offenses. Substantiated, major violations by students will be confidentially reported to the Dean of Students; those of faculty to the Provost, and those of staff to the employee’s supervisor.

Violations of these policies will be dealt with in the same manner as violations of other college policies and may result in disciplinary review.

2. CIVIL AND CRIMINAL

In addition to the above, certain inappropriate use of Information Technology resources may result in personal criminal and/or civil liability.

E. Reporting Irresponsible or Inappropriate Use

Suspected violations of this policy, potentially bearing external or legal consequences for the College, or originating from an outside source, should be reported to one of the directors of Information Technology

Information Technology personnel will advise the user on what if any action to take, act directly when appropriate, and/or refer the violation to other offices for further action. IT personnel will also assist other offices with investigations of suspected policy violations when appropriate. Information Technology personnel may also be contacted to report violations when the complainant is unable, or it is not desirable, to do so through other channels.

Westmont Public Safety should be notified if an individual’s health and safety appears to be in jeopardy or if a violation of law may be involved.

F. Exceptions

Anyone desiring an exception to this policy must obtain written approval from Information Technology.