Authorized Software Policy:   IT

PURPOSE:

Authorized software is any software that is acceptable for use on SPC information technology resources. The purpose of the Authorized Software Policy is to provide a set of measures that will mitigate information security risks associated with authorized software.

 

SPC has negotiated special pricing and licensing for a variety of software available to all students, faculty and staff. Other software is readily available in the open market place that has some kind of licensing agreement under which the user is subject. Some software is considered to pose a security threat to SPC and its use may be restricted.

 

Users entrusted with SPC information technology resources are responsible for maintaining licensing information for any software the user installs, and if requested by the College, must provide SPC with licensing information. This includes, but is not limited to, smart phones, ipads, tablets, laptops, etc.

 

Non-compliance with copyright laws regarding software is subject to civil and criminal penalties imposed by federal and state laws. These penalties are applicable to the College and/or an individual.

 

SCOPE:

The Authorized Software Policy applies to all users of SPC information technology resources.

 

POLICY STATEMENT:

All software installed or used on College-owned information technology resources must be appropriately licensed.

 

SPC-IS Client Support Services shall maintain sufficient documentation to validate that the software is appropriately licensed. Persons installing or authorizing the installation of software should be familiar with the terms of the agreement.

 

Users shall accept the responsibility to prevent illegal software usage and abide by College policy on the use of copyrighted materials requiring the College community to respect copyright law.  These responsibilities include:

 

  1. Do not illegally distribute or share software with anyone.
  2. All software must be license compliant, including personally purchased software.
  3. All software licenses must be readily available.
  4. Report any suspected or known misuse of software to SPC-IS Client Support Services.

 

 

The following general categories of software are specifically prohibited on all SPC Information Technology Resources unless specifically authorized by the Information Security Officer:

  1. Software used to compromise the security or integrity of computer networks and security controls such as hacking tools, password descramblers, network sniffers, and port scanners.
  2. Software that proxies the authority of one user for another, for the purpose of gaining access to systems, applications, or data illegally.
  3. Software which instructs or enables the user to bypass normal security controls.
  4. Software which instructs or enables the user to participate in any activity considered a threat to local, state or national security, including the assistance or transfer of information leading to terrorist activity or construction or possession of illegal weapons.
  5. Any other software specifically prohibited by the Information Security Officer.

 

Related Policies, References and Attachments:

An index of approved SPC-IS policies can be found on the SPC Policies website at https://www.southplainscollege.edu/human_resources/policy_procedure/?%20.  The SPC Information Security Program and SPC Information Security User Guide are also available on the Information Technology Services Policies website.

 

Approved by: Executive Council, 8/6/2018