Misuse and Abuse of Information Technology Resources

1.0 Overview

Students, granting agencies, donors and other groups providing sources of funding that support information technology resources at Clarkson University expect that these assets will be used in a lawful manner and in support of instructional, research and service missions sanctioned by the University.

2.0 Purpose

The purpose of this policy is to ensure appropriate enforcement mechanisms exist to enforce existing information technology policies and procedures.

3.0 Scope

This policy applies to all users of Clarkson University information technology resources regardless of affiliation, and irrespective of whether those resources are accessed from on-campus or off-campus locations.

4.0 Policy

4.1 Reporting

Reports of apparent misuse or abuse of Clarkson University information technology resources are to be made to the Office of the Chief Information Officer (CIO).

4.2 Suspension or termination of access

Service managers, system administrators, and security and network engineers may temporarily suspend or block access to an account when it reasonably appears necessary to do so in order to protect the integrity, security, and functionality of University or other computing resources, or to protect the University from liability.

The technician responsible for a particular service may disable access unilaterally if processes in an assigned account are causing or reasonably appear likely to cause damage to systems or data or serious service degradation for other users. Except when prohibited by law, inappropriate, or impractical, the technician will notify the involved individual prior to disabling the computer account. Where prior notification is not permitted, appropriate, or practical, the technician will make all efforts to notify the involved individual afterward in a timely manner. Unless other policies are invoked, access will be restored as soon as possible after the removal of the threat.

4.3 Technical Investigation

The Office of the CIO will coordinate technical investigation and computer forensics for complaints of misuse or abuse of University information technology resources.  All investigations will comply with applicable law, and University policies and procedures.

4.4 Disciplinary Process

Reports of misuse or abuse are normally resolved through established University disciplinary policies and procedures applicable to the relevant user. The University may also refer suspected violations of applicable law on the part of any individual to appropriate law enforcement agencies.  University Counsel, and other law enforcement officials as appropriate, shall address misuse or abuse of Clarkson University resources by persons not affiliated with the University.

4.5 Consultation

The Chief Information Officer (CIOs) is available to provide consultation or advice related to technology use or misuse to any University, campus, or unit administrators or individual personnel.

6.0 Definitions

7.0 Revision History

Draft Policy v0.1 – 6 Sept 2013 – jfiske