Acceptable Use Guidelines

University of Maryland Policy on the Acceptable Use of Information Technology Resources
(Approved as amended by the university Senate on April 3, 2006. Signed by President Mote on April 5, 2006)

Primary Principles: Freedom of Expression and Personal Responsibility

Freedom of expression and an open environment to pursue scholarly inquiry and for sharing of information are encouraged, supported, and protected at the University of Maryland. These values lie at the core of our academic community. Censorship is not compatible with the tradition and goals of the university. While some computing resources are dedicated to specific research, teaching, or administrative tasks that would limit their use, freedom of expression must, in general, be protected. The university does not limit access to information because of its content when it meets the standard of legality. The university's policy of freedom of expression applies to computing resources.
Concomitant with free expression are personal obligations of each member of our community to use computing resources responsibly, ethically, and in a manner which accords both with the law and the rights of others. The university depends first upon a spirit of mutual respect and cooperation to create and maintain an open community of responsible users.

General

This policy sets forth standards for responsible and acceptable use of university information technology (IT) resources. These resources include computer systems, computer labs, applications, networks, software, and files.

IT resources are provided to support the academic, research, instructional, and administrative objectives of the university. These resources are extended for the sole use of university faculty, staff, students, and all other authorized guests to accomplish tasks related to the status of that individual at the university, and consistent with the universityâ€™s mission.

Those using university IT resources, whether at the university or elsewhere, are responsible for complying with security standards set forth by the Vice President and Chief Information Officer (VP/CIO), safeguarding identification codes and passwords, and for using them solely for their intended purposes. Individuals are solely responsible for their personal use of IT resources and are prohibited from representing or implying that statements related to such use constitute the views or policies of the university.

The maintenance, operation, and security of IT resources require responsible university personnel to monitor and access systems and networks. To the extent possible in the electronic environment and in a public setting, a userâ€™s privacy will be preserved. Nevertheless, that privacy is subject to applicable federal and state law, including the Maryland Public Information Act, and the needs of the university to meet its administrative, business, and legal obligations.

Prohibited Conduct

The following provisions describe conduct prohibited under this policy:

Altering system software or hardware configurations without authorization; disrupting or interfering with the delivery or administration of IT resources.
Attempting to access or accessing another's accounts, private files, e-mail messages, or intercepting network communication without the owner's permission except as appropriate to your job duties and in accordance with legitimate university purposes.
Misrepresenting oneself as another individual in electronic communication.
Installing, copying, distributing, or using digital content (including software, music, text, images, and video) in violation of copyright and/or software agreements or applicable federal and state law.
Engaging in conduct that interferes with othersâ€™ use of shared IT resources.
Using university IT resources for commercial or profit-making purposes or to represent the interests of groups unaffiliated with the university or unassociated with the normal professional activities of faculty, staff or students without written authorization from the university.
Ignoring individual departmental or unit lab and system policies, procedures, and protocols.
Facilitating access to university IT resources by unauthorized users.
Exposing sensitive or confidential information or disclosing any electronic information that one does not have the authority to disclose.
Knowingly using IT resources for illegal activities. Criminal or illegal use may include obscenity, child pornography, threats, harassment, copyright infringement, university trademark infringement, defamation, theft, identity theft, and unauthorized access.

Enforcement

Violation of the provisions of this policy constitutes unacceptable use of IT resources, and may violate other university policies and/or state and federal law. Known or suspected violations should be reported to the appropriate university computing unit. Reports may also be sent to the security unit within the Office of Information Technology (abuse@umd.edu). If possible, reports should include a copy of any non-sensitive information relevant to the putative violation.

Violations will be acted upon by the appropriate university authorities and/or law enforcement agencies. Violations may result in the restriction or revocation of access to IT resources; faculty, staff, or student disciplinary action; academic dishonesty proceedings through the Student Honor Council; or legal action.

The VP/CIO or designee may suspend, block, relocate to a secure location, or restrict access to information and network resources when necessary to protect the integrity, security, or functionality of university IT resources or to protect the university from liability. Notice of such action will be provided to the designated security contact for the affected unit.

Administration

Individual areas within the university (including divisions, colleges, schools, and departments) may elaborate upon this policy with unit-specific policies as long as they do not violate the spirit and intent expressed elsewhere in this policy.

Consistent with university System of Maryland requirements, this policy will be reviewed and updated annually or as needed based on the recommendations of the VP/CIO.

Smith School Specific Policy Addendum to the University of Maryland Policy on the Acceptable Use of Information Technology Resources

Password Protection

User should comply with the strong password policy set forth by the Smith Office of IT. Sharing of the password is strictly prohibited.

Data Ownership

The users are responsible for security and access control of the data created, stored and deleted on their personal computer and any publicly accessible computers.

Data Storage

There will be no storage of digital media files (audio and/or visual) on the server unless they are related to teaching or learning. It is permissible to store mail files, including mail archives, in your network drive.

Privacy Protection

Agreement for Smith School Help Desk Service Access

The users, by accepting and using any personal computing device provided by Smith School of Business, agree to allow the Help Desk to have unlimited access to the computing device. This access is only for purposes of performing service and support, both requested and non-requested.

If the personal computer uses external passwords like password protected screensaver or BIOS boot password, the user must provide the password to the Help Desk Manager.

By accepting and using the computing device, the users also are certifying that they understand that failure to furnish the Help Desk with the appropriate password or tampering with our administrative account access will result in a complete forfeiture of our support for your system.

Communication

Individuals are solely responsible for their personal use of IT resources and are prohibited from representing or implying that statements related to such use constitute the views or policies of the university.