Defining the University’s approach to acceptable use of its IT Systems for students
This control procedure defines the University’s approach to acceptable use of its IT systems, and directly supports the following policy statement from the Information Security Policy:
The university’s security policies and expectations for acceptable use will be communicated to all users to ensure that they understand their responsibilities. Information security education and training will be made available to all staff, and poor and inappropriate behaviour will be addressed.
This procedure is intended to be read and understood by all students accessing University information, IT systems, networks or software using any University or personally owned device.
The computing resources at the University are provided for use by staff and students in support of teaching, learning, research, consultancy and administrative activities. Their use for any other purpose which interferes with these primary aims, or which otherwise acts against the interests of the University, is prohibited.
The University reserves its right to withdraw access to computing facilities for non-approved purposes at any time. Use of University computing facilities for students' commercial gain is prohibited.
You are bound by the Law of England and Wales when using computing facilities. Many specific items of legislation apply, but the ones of prime importance are:
It is your responsibility to ensure that your activities do not contravene these or any other laws. Your supervisor may be able to assist if you are in doubt.
If you are accessing computers abroad, remember that you may also be bound by the laws of that country.
You must not use the computing facilities to access, create, store or transmit offensive, indecent, obscene, discriminatory or extremist material. You must not send threatening, abusive, obscene or otherwise offensive E-mail.
In using the computing facilities you must not cause annoyance or needless anxiety to anyone else, nor prevent them making proper use of the facilities, for example by:
The University may log all forms of IT use. Monitoring systems is necessary for administrators to identify and investigate technical or security related problems, and also provides an audit log in the event of misconduct or criminal investigations.
The University also reserves the right to inspect any items of computer equipment connected to the network. Any IT equipment connected to the University’s network will be removed if it is deemed to be breaching University policy or otherwise interfering with the operation of the network.
The University may need to access or suspend any user’s account for business purposes. Action will only be taken where it has been authorised by a suitable administrative representative.
You will be issued with a username and password to allow access to University computing facilities. This should be long and memorable.
You must not reveal the password to anyone else under any circumstances. You must not allow anyone else to use a computer logged in under your name without your immediate supervision. If you believe your password has been compromised, you should take steps to change it immediately.
Where your access services are provided by other organisations, you must abide by their regulations. Any breach of such regulations will be regarded as a breach of these University regulations.
In particular, you must abide by the acceptable use policy for JANET, the Joint Academic Network, with which you should familiarise yourself. This policy is available on the World Wide Web at: http://www.ja.net/documents/publications/policy/aup.pdf.
You must not jeopardise the computing hardware in any way, for example by:
The university reserves the right to charge students for the cost of rectification of damage which they cause and/or take further disciplinary action.
Students shall not copy software from, nor introduce software to University computing facilities without the express permission of a member of staff responsible for those facilities.
Students must not copy datasets to or from University computing facilities unless they have established that they are acting within any copyright conditions applying to the material.
Students must comply with any reasonable request or instruction issued by any IT Services staff with respect to the use of University computing facilities. Improper behaviour towards IT Services staff may result in formal disciplinary action.
Whilst the University endeavours to provide a high level of service, failure of any element of the computing service will not be accepted as valid excuse of failure to reach an acceptable standard in assignments or examinations unless no other reasonable method of conducting the work was available.
In the event of a breach of these regulations, your access to some or all or the computing facilities may be withdrawn pending the outcome of disciplinary proceedings. This may seriously affect your ability to complete your course of study satisfactorily.
If at all in doubt, ask your tutor for guidance.
This control procedure needs to be understood in the context of the other policies and procedures constituting the University’s Information Security Management System.
A review of this policy will be undertaken by the Information Security Manager annually or more frequently as required, and will be approved by the Information Security Board.