IT Policies

Guidelines for use of Campus and Network Computing Resources

The King’s University (King’s) expects members of the University community to maintain the highest standards of respectful and responsible behaviour when using all Information Technology resources.

Use of King’s information technology resources must comply with all applicable laws, King’s policies, procedures, appendices and guidelines.

Policy

1.    All data and messages located on or processed by King’s Information Technology Resources are considered to be the property of King’s, and are not the property of the users of the information technology.

 2.    King’s expects that all information technology resources are used in a manner consistent with King’s mission, policies and all applicable laws. Violations of these policies and operational procedures can lead to revocation of system privileges and/or disciplinary action, including suspension, expulsion or termination.

 3.    Information Technology Resources will be used to facilitate student, faculty and staff activities in support of education, research and King’s business.

 4.    Incidental personal use is permitted so long as:

a.    It complies with this policy

b.    It does not compromise the business of King’s

c.    It does not interfere with other staff/faculty productivity

d.    It does not increase King’s costs

e.    It does not unduly impact any business or academic activity

 5.    King’s Information Technology Resources may not be used for private business activities, solicitation, amusement/entertainment purposes, political lobbying, or charitable endeavours unless expressly approved by the Director, Information Technology Services or the Vice President, Administration and Finance.

 6.    Users must stay within their authorized limits and refrain from seeking to gain unauthorized access to information technology resources beyond their permissions and privileges.

 7.    Any individual using information technology resources to create, access, transmit or receive information must protect that information in a manner that is commensurate with its value, use and sensitivity.

 8.    Employees must maintain secure passwords and the security of information technology tools including but not limited to : desktop computers, laptop computers, cell phones or PDA devices

 9.    Users are not to delete, alter, reposition, or tamper with files belonging to anyone other than themselves. Users are not to engage in any activity that violates the privacy rights of the University or any individual or is contrary to the University’s privacy policies, the Freedom of Information and Protection of Privacy Act, or the Personal Information Protection Act of Alberta and Electronic Documents Act of Canada.

 10.  King’s will protect information against unauthorized disclosure. King’s reserves the right to access, monitor and record both stored or in-transit data and the usage of information technology resources for managing the ongoing ‘health’ of the system, when there is suspected or alleged impropriety, a business need for access in the absence of an employee, a request under the Freedom of Information and Protection of Privacy Act, or as otherwise required by law. King’s has the right to use information gained in this way in disciplinary actions as prescribed in University policies, and to provide such information to appropriate internal and external investigative authorities. In cases where access to a user’s account for system trouble shooting purposes is required, the system administrator will attempt to contact the user as a courtesy. If unable to establish contact, they will proceed to carry out their work and inform the user after the fact.

 11.  Use of University information technology resources, including electronic identities, is permitted only to members of the university community, and authorized guests. Requests for authorized guest use would be made through the host department, unless the resource requested is in the public domain, such as the library catalogue system or public wireless. Unless otherwise stated, such access, including the use of electronic identities, is authorized only on an individual basis and may not be shared by multiple individuals. Anyone granted authorization to use an electronic identity must make all reasonable efforts to keep such identification private and secure.

 12.   Users will respect software copyright restrictions and may not duplicate commercial software unless licensed to do so. Users may not place any copyrighted software on a computer without verified license to do so and approval from the Information Technology Services department.

 13.  Users must take precautions not to bring viruses or other damaging software into any King’s computer or its network. This includes but is not limited to ensuring all devices (personal or King’s owned) utilized in the day to day work at Kings are reasonably protected from infection.

14.  All forms of electronic communication are expected to reflect high ethical standards and mutual respect and civility. Users must refrain from transmitting to others, inappropriate images, sounds, or messages which might reasonably be considered harassing, fraudulent, threatening, obscene (e.g. pornographic), defamatory, or other messages or material that are a violation of applicable law or University policy.  Users must be sensitive to the open nature of public spaces (for example, computer labs and classrooms) and take care not to display in such locations images, sounds or messages which might reasonably be considered harassing, fraudulent, threatening, obscene (e.g. pornographic), defamatory, or other messages or material that are a violation of applicable law or University policy.

 15.  Anyone witnessing use of King’s information technology resources in a manner that contravenes this Policy, or suspects an information technology security incident, is obligated to report it to the Director, Information Technology Services or the Vice President, Administration and Finance immediately. If the incident occurs outside of normal office hours, a report is to be made to Campus Security – 780-465-3333. They have 24 hour contact information for both the Director and the Vice President.

 16.  The University reserves the right to withhold and revoke access to its information technology resources to any individual if there are reasonable grounds to suspect that their continued access to the resources poses a threat to the operation of the resource or the reputation of the University.

 17.  System administrators of information technology resources have the responsibility to investigate and take action in the case of suspected or alleged unacceptable use. System administrators have the right to suspend or modify users’ access privileges to information technology resources. System administrators have the responsibility to take immediate action in the event the University is at imminent risk. System administrators may examine files, passwords, accounting information, data, and any other material that may aid in an investigation of possible abuse.

 18.  Non-compliance with this policy constitutes misconduct and may be handled under applicable King’s policy or law.

 

DEFINITIONS Any definitions listed in the following table apply to this document only with no implied or intended institution-wide use.

 

  

 

Members of the University Community

University staff, faculty, students, and other holders of valid King’s Identification.

Information technology resources

Information technology resources refer to all hardware, software, and supporting infrastructure owned by, or under the Custodianship of, King’s that is used to create, retrieve, manipulate, transfer and store electronic information. This includes (but is not limited to), central and non-centrally supported computers, file systems attached to these computers, operating systems running on these computers, software packages supported by these operating systems, wired and wireless networks, telecommunication and hand-held devices, data stored on or in transit on the above, as well as electronic identities used to identify and authenticate the users of the aforementioned resources.

Electronic identity

An electronic identity is any means by which a person may be identified and authenticated to access an information technology resource. This includes, but is not limited to, an account name and password, encryption keys, proximity cards, swipe cards, smart cards, or other forms of identification.

Authorized guests

Other authorized users of information technology resources may include, but are not limited to, conference attendees, prospective students, and users of University public domain resources. IDs can be requested through the respective host departments

Information Technology Security Incident

Events where there is suspicion that:

• the confidentiality, integrity, and availability of University data has been compromised

• information and information technology resources are used for, or violated by, illegal or criminal activity

• information technology resources has been attacked, is currently under attack, or is vulnerable to attack.

System administrator

System administrator refers to the person or persons responsible for configuring, installing, maintaining, and supporting information technology resources