Acceptable Use Policy: I.D.
PURPOSE:
The computing resources at South Plains College support the educational, instructional, research, and administrative activities of the College and the use of these resources is a privilege that is extended to members of the SPC community. Users of these services and facilities have access to valuable College resources, to sensitive data, and to internal and external networks. Consequently, it is important to behave in a responsible, ethical, and legal manner.
In general, acceptable use means respecting the rights of other computer users, the integrity of the physical facilities and all pertinent license and contractual agreements. If an individual is found to be in violation of the Acceptable Use Policy, the College will take disciplinary action, up to and including suspension or termination of employment. Individuals are also subject to federal, state and local laws governing interactions that occur on SPC information technology resources.
This document establishes specific requirements for the use of all computing and network resources at South Plains College. (See Texas Administrative Code, Title 1, Part 10, Chapter 202, Subchapter C (TAC§202) and Texas Higher Education Coordinating Board)
SCOPE:
The SPC Acceptable Use policy applies equally to all individuals utilizing SPC information technology resources (e.g., full time and part time employees, students, retirees, agents, consultants, contractors, volunteers, vendors, temps, etc.).
Information technology resources include all College owned, licensed, or managed hardware and software, and use of the College network via a physical or wireless connection, regardless of the ownership of the computer or device connected to the network.
RIGHTS AND RESPONSIBILITIES:
As members of the College community, users are provided with the use of scholarly and/or work-related tools, including access to the Library, to certain computer systems, servers, software and databases, to the campus telephone and voice mail systems, electronic mail resources, and to the Internet. There is a reasonable expectation of unobstructed use of these tools, of certain degrees of privacy (which may vary depending on whether the user is a College employee or a registered student), and of protection from abuse and intrusion by others sharing these resources.
In turn, users are responsible for knowing the regulations and policies of the College that apply to appropriate use of the College's technologies and resources. Users are responsible for exercising good judgment in the use of the College's technological and information resources. Just because an action is technically possible does not mean that it is appropriate to perform that action.
Users are representatives of the SPC community, and are expected to respect the College's good name in electronic dealings with those outside the College.
PRIVACY:
All users of College networks and systems should keep in mind that all usage of information technology resources can be recorded and is the property of SPC. Such information is subject to the Texas Public Information Act and the laws applicable to college records retention. Employees have no right to privacy with regard to use of college-owned resources. SPC management has the ability and right to view employees’ usage patterns and take action to assure that College resources are devoted to authorized activities.
Electronic files created, sent, received, or stored on SPC information technology resources that are owned, leased, administered, or otherwise under the custody and control of SPC are not private and may be accessed by authorized personnel in accordance with the provisions and safeguards provided in the Texas Administrative Code 1 TAC§202 (Information Security Standards).
ACCEPTABLE USE:
The SPC network exists to support research, education, and administrative activities by providing access to computing resources and the opportunity for collaborative work.
Primary use of the SPC network must be consistent with this purpose.
Access to the SPC network from any device must adhere to all the same policies that apply to use from within SPC facilities.
1. Users may use only SPC information technology resources for which they are authorized.
2. Users are individually responsible for appropriate use of all resources assigned to them, including the computer, the network address or port, software and hardware, and are accountable to the College for all use of such resources.
3. Authorized users of South Plains College resources may not enable unauthorized users to access the network. The College is bound by its contractual and license agreements respecting certain third-party resources; users must comply with all such agreements when using SPC information technology resources.
4. Users should secure resources against unauthorized use or access to include SPC accounts, passwords, Personal Identification Numbers (PIN), Security Tokens (i.e. Smartcard), or similar information or devices used for identification and authorization purposes.
5. Users must report shareware or freeware that is installed on SPC-owned equipment unless it is on the approved software list found on MySPC. When software is installed, it must be reported to the SPC-IS Service Desk via email.
6. Users must not attempt to access SPC information technology resources without appropriate authorization by the system owner or administrator.
RESTRICTIONS:
All individuals are accountable for their actions relating to SPC information technology resources. Direct violations include the following:
1. Interfering or altering the integrity of SPC information technology resources by:
a. Impersonating other individuals in communication;
b. Attempting to capture or crack passwords or encryption;
c. Unauthorized access, destruction or alteration of data or programs belonging to other users;
d. Excessive use for personal purposes, meaning use that exceeds incidental use as determined by supervisor; or,
e. Use for illegal purposes, including but not necessarily limited to violation of federal or state criminal laws.
2. Allowing family members or other non-authorized persons to access SPC information technology resources.
3. Using the SPC information technology resources for private financial gain or personal benefit. Users are not permitted to run a private business on any SPC information technology resources. Commercial activity is permitted but only for business done on behalf of SPC or its organizations.
4. Activities that would jeopardize the College's tax-exempt status.
5. Using SPC information technology resources for political gain.
6. Using SPC information technology resources to threaten or harass others in violation of College policies.
7. Intentionally accessing, creating, storing or transmitting material which SPC may deem to be offensive, indecent or obscene (other than in the course of academic research or authorized administrative duties where this aspect of the research or work has the explicit approval of the SPC official processes for dealing with academic ethical issues).
8. Not reporting any weaknesses in SPC information technology resources security or any incidents of possible misuse or violation of this agreement by contacting the Information Security Officer.
9. Attempting to access any data or programs contained on SPC information technology resources for which authorization has not been given.
10. Making unauthorized copies of copyrighted material.
11. Degrading the performance of SPC information technology services; depriving an authorized SPC user access to an SPC information technology resource; obtaining extra information technology resources beyond those allocated; or circumventing SPC security measures.
12. Downloading, installing or running security programs or utilities that reveal or exploit weaknesses in the security of a system. For example, SPC users must not run password cracking programs, packet sniffers, or port scanners or any other non-approved programs on SPC information technology services.
13. Engaging in acts against the aims and purposes of SPC as specified in its governing documents or in rules, regulations, and procedures as adopted by SPC.
Related Policies, References and Attachments:
An index of approved SPC-IS policies can be found on the SPC Policies website at https://www.southplainscollege.edu/human_resources/policy_procedure/?%20. The SPC Information Security Program and SPC Information Security User Guide are also available on the Information Technology Services Policies website.
Approved by: Executive Council, 8/6/2018