Policies & Security : Faculty/Staff Computing Policies Handbook

Responsible Computing at UVa-Wise

A Handbook for Faculty and Staff

In support of its mission of teaching, research, and public service, the University of Virginia’s College at Wise provides faculty, staff and students with access to computing and information resources. Responsible behavior is the price of admission to the College's digital community, with its attendant conveniences and benefits. Irresponsible behavior can jeopardize your computing privileges and can put you at risk for other serious consequences. The Office of Information Technology (OIT), which provides many computing and communication services for the College, has prepared this handbook to help you understand the nature of responsible computing in our digital community.

I. You, the College, and the Electronic Community

On nearly all office desktops at the University of Virginia’s College at Wise, you will find a computer. Most faculty and staff use computers at least as often as telephones for communication, as well as to help them do their work in many other ways.

The College makes information technologies available to you in many and varied forms:

  • Everyone at the College has access to information servers for electronic mail (email) and other Internet services. There are data network connections in nearly all offices to connect your office computer to the Internet.
  • The College's World Wide Web home page (http://www.uvawise.edu) provides not only important information about UVa-Wise's academic and administrative departments but provides a starting point as you navigate to other websites that may interest you or be applicable to your area of work or research.
  • The Portal provides easy access to College data from your desktop.
  • The VoIP phone system at the College provides voice mail and VoIP directory information to all users as well as many other options to make phone services easy to use and when used in conjunction with the on-line “Communicator” feature allows users to manage the many features available including voice mail and searching the history of phone calls made and/or received on their phone.  VoIP phone issues should be directed to VoIP@uvawise.edu or phone@uvawise.edu or by calling 74663. 

II. Who Owns What?

We often use the possessive word “your” but this does not always mean “ownership.” In some cases, it means “exclusive use.” We also assign ownership of computers or files or data to the College when in reality some of these items may officially be the property of the Commonwealth of Virginia, a research sponsor, or some other entity. If in doubt over the ownership of a particular item, ask your supervisor or department head, or contact the IT Security and Policy Coordinator 7-4641.

Your unit or department often owns the personal computers or workstations at your workplace. The Office  of Information Technology personnel and/or web pages are available to provide guidance about what is appropriate use of computing equipment and services for your specific workplace, and will try to communicate clearly to you any special conditions of use beyond those described in this handbook, in similar widely-available sources or in the College's policy resources. If you do not clearly understand the nature of appropriate use of computing equipment or services in your particular workplace, ask for further assistance so that we may ensure that you understand.

The department may also own software licenses—for example, word processing or spreadsheet software—that were purchased from a software vendor. The licenses usually allow you to possess ONE copy of this software per workstation. It is a violation of your software license agreement to make copies of the software without permission. You should read and abide by the software license agreement. You also may NOT make a copy of software someone else has purchased. The general rule is ONE purchase, ONE copy.

The College owns or otherwise makes available the central computers, computer labs, the computers it places on its employees' desks, the printers and other devices it has attached to them, and all the software it has installed on them. The College determines who may use these resources and provides guidance about their intended use.

The College owns the College network—all the wires, cables, switches, routers and any other networking/computing device(s) that connect the central computers, computer labs, , PC’s and perhaps connects your personal computer to each other and, beyond the campus, to the Internet. The College determines who is authorized to use its network.

The College's ownership of these resources intended for shared use imposes on it a special responsibility to ensure equitable availability. The College expects you not to overuse such resources when doing so denies effective access to other users. If you do, we will ask you to discontinue your use or reduce it to a more appropriate level.

III. College Information: Protecting a Valuable Asset

The information of any organization is one of its most valuable assets. Now that University of Virginia’s College at Wise business is conducted extensively on computers and the information is available more readily and to greater numbers of persons, you have an important responsibility to safeguard it. Meeting that responsibility may be as simple as making good practices part of your regular routine. They include:

  • Choose a good password for your computer account — one that is not “guessable.” Make it a combination of 8 or more letters and numbers or special characters. For help choosing a good password, see http://www.uvawise.edu/oit/SecureComputing/good-passwords. Commit it to memory. Never write it down and never tell it to anyone. On some systems you will be required to change your password on a regular basis.
  • Log off your computer when you leave your desk. Keep information displayed on your screen confidential, just as you would keep confidential printed material on your desk or in your files away from wandering glances.
  • Back up your data regularly making several generations of backups. Store the backup diskettes where they would be available in the event of a disaster, and know how to restore the backed-up data.
  • Log off your computer when you leave your desk and use a password-protected screen saver. Keep information displayed on your screen confidential, just as you would keep confidential printed material on your desk or in your files away from wandering glances.
  • Reformat used storage media and use them again. Destroy diskettes, CDs, and other electronic media when they are no longer reusable. Do not recycle any that contain sensitive data or College-licensed software.
  • Lock your CDs and other electronic media in your desk or in a locked, fire-resistant cabinet.
  • Contact the Help Desk when College-owned electronic devices (such as desktop computers, laptops, PDAs, iPads and cell phones), are ready for surplus or transferring them from one College employee to another employee.
  • It is not advisable to use email for confidential information and/or when there would be concern if all or part of the email were forwarded to other parties.
  • Apply the security safeguards discussed in this training not just to on-site devices and data, but also to protect devices and data taken off College premises. Special precautions are necessary for small portable devices (such as laptops and PDAs), which can be easily lost or stolen. Home computers used for College business should be secured.
  • If you become aware that sensitive College data may have been inappropriately exposed, contact the IT Security and Policy Coordinator at abuse@uvawise.edu.
  • Your electronic data files are extensions of printed files in your care. It is your responsibility to ensure that both electronic and paper files in your care be safeguarded, especially if they contain sensitive information such as data about individual students, employees, patients, clinical trial participants, donors, and others. If you are unsure what is expected of you, ask questions.

College policies require you to protect College information. If you aren't already, you need to become familiar with these current policies.

  • The Disclosure of College Records policy (UVa Financial and Administrative Policies Manual, Policy XV.C.1, http://www.virginia.edu/~polproc/pol/xvc1.html) establishes employee responsibility for the security of its information. This includes reports, memos, messages and accounting, student and personnel data. You may just see or hear the information or you may be asked to manipulate the information, record it or simply file it. The information may be on paper, on computer disk or tape or on audio- or videotape.

The policy states that all employees are responsible for protecting College records and that each department is required to make protection of this information a part of its overall business plan.

  • Retention, protection and filing practices and techniques for all files and records is governed by the state records management program (Code of Virginia, Chapter 7, Public Records Act, http://leg1.state.va.us). Where necessary the College will develop specific regulations and procedures for electronic media within departments needing
    • standards for electronic file organization,
    • measures for protecting sensitive information stored electronically, and
    • procedures for file backup and restoration.
  • The Family Educational Rights and Privacy Act, or FERPA, requires the College to protect the confidentiality of student educational records (see the Office of the College Registrar's related information). These include academic records, financial records, disciplinary records, medical records and placement office records.

To be in compliance, the College must obtain the written consent of a student before disclosing information. The right of a student to see his or her records does not extend to parents or guardians.

The College may not release directories, rosters, lists or address labels of students to parties not affiliated with the College when a student has requested that this information be withheld. And, the College may not post grades and test scores publicly using any personally identifiable information, without the written consent of the students involved.

  • The Gramm-Leach-Bliley Act requires that personally identifiable financial data, such as bank and credit card account numbers, be safeguarded against unauthorized access or use.
  • The Health Insurance Portability and Accountability Act requires that protected health information be safeguarded against unauthorized access or use.
  • Read and understand these policies and take time to see how they apply to your work responsibilities.
  • Ask questions if you are unsure of what is expected of you.
  • Be aware that student, employee, patient, clinical trial participant, donor and other personally identifiable information is the most sensitive information with which you may come in contact and should be treated accordingly. The College forbids the use of any data for one's own personal gain or profit, for the personal gain or profit of others, or to satisfy personal curiosity. Do not view or access data that are not required for the performance of your job.

IV. Email: Rules, Responsibilities, and Privacy

The College primarily uses Microsoft Outlook as the preferred email application and webmail is also available. 

You can expect that, except in specific circumstances, the content of the email files associated with your account will be treated as confidential by the College because it does not routinely examine or monitor such content, except when you have been notified in advance that such examination or monitoring is an expectation in your specific workplace. You should be aware, however, that email messages can sometimes be records that are subject to review with sufficient justification. They may be subject to Virginia Freedom of Information Act if they were produced, collected, received or retained in pursuance of law or in connection with the transaction of public business. They may lose whatever confidentiality they have if their release is compelled by orders issued through courts of law. Also, officials overseeing the College's disciplinary processes may rule that email or other files are evidence that may be reviewed as part of investigations. Under these circumstances, the privacy of your email is not guaranteed. To understand how OIT system administrators deal with requests for individual-account log or content information by persons other than the account holder, see http://www.uvawise.edu/oit/SecureComputing.

Although you might have downloaded and/or deleted your email messages, OIT's delivery systems work in such a way that messages may be preserved for a time as computer files on centrally-administered disks and at system back-up locations, so your capacity to control if and where copies exist is not absolute. The array of storage locations is another factor making the confidentiality of your email conditional. And, although some email programs allow for use of encrypted email, most still produce messages in plain text; they are like postcards in that others might view the messages in transit or those left in plain view.

Sometimes messages are so badly misaddressed that they cannot be delivered and will end up in the hands of computing staff for redirection. People often make mistakes in addressing their mail that puts private messages in the mailbox of someone other than the intended recipient. If you are the recipient of such a message, common courtesy dictates that you either return the message to the sender with a brief note explaining its misdirection or that you delete the message.

College procedures allow OIT's system administrators to view and modify any files, including email messages, in the course of diagnosing or resolving system problems and maintaining information integrity. OIT system administrators, as part of their jobs, are expected to treat any such information on the systems as confidential. However, if an administrator comes across information that indicates illegal activity, he or she is required to report the discovery to appropriate authorities. For example, electronic mail messages that carry threats to persons or their immediate families may be prosecuted and punished as felonies under Virginia law. If an OIT system administrator inadvertently encounters an email message containing a threat or other illegal content, it will be turned over to law enforcement officials.

College policies prohibit certain other kinds of email messages. For example, email, College computers, and the College network cannot be used by individuals for commercial purposes or for personal gain. Such policies pertain to email just as they do to any other College resource and are enforced when brought to the attention of appropriate College officials.

Large-scale mailings (to more than 1,000 addresses) impose loads on the College's electronic mail services. They should be used judiciously and often require approval from the president, executive vice president, other vice presidents or deans. You will be wise to coordinate any large-scale mailing with the College's email postmaster (postmaster@uvawise.edu). For guidance, see UVa-Wise Policies.

Email accounts are vulnerable to malicious use when others know the owner's computing ID and password; carefully protect your electronic identity from use by anyone other than you. Your email account is also subject to misuse when you leave open a computing session that you have begun in a College computing lab (or other shared-computer locations) or when you fail to logout from the College Web Mail service before you close your browser. It is prudent to reboot the computer you use in any shared-computer setting when you finish your work there or when you leave any workstation, even if you plan to return to it soon. You are held accountable for any misuse of your email account.

Other important tips related to email:

  • Remember, the email messages you send become the possession of the receiver. They can easily be redistributed by recipients, and rules of disclosure by their systems apply to mail they received from you. When in doubt, double-check the addresses of your intended recipients.
  • Do think before you send email—once sent, it is almost impossible to keep email messages from reaching their destinations.
  • Realize that College policy and secure passwords provide good but not complete assurance of the privacy of your email messages. When the confidentiality of a message is of the utmost importance, only a person-to-person conversation may be sufficiently secure.
  • Delete messages that should not be preserved.
  • Never send or forward chain mail, whether it promises fame and fortune, or even supposed donations for a sick child. In virtually every known case, the claims made by such messages are untrue. A message that has been forwarded ten or more times is by definition in our policy a chain letter. This policy violation is a waste of computing resources and a nuisance and often offends recipients.
  • Don't pass on unconfirmed rumors—especially about viruses—because they often only cause needless panic.
  • Don't open or execute attachments about which you have any question, even if they appear to be coming from a friend. Attachments have become an increasingly popular way of automatically distributing viruses, and your friend may not even know that his or her email account is being used for that purpose.
  • Configure your email program so that attachments are only opened when you choose to open them.
  • If you are sending attachments, include personalized text and specific references to the attachment (i.e., "Attached, in Word format, is my paper on...") to help the recipient know that the message and attachment are indeed from you.
  • College policy prohibits use of College resources, computing or otherwise, for commercial purposes.

V. About Web Pages and Individual Websites

The College's Web server and software tools provide the opportunity for you to develop and publish an individual website, if you are permitted to do so under the rules of your particular workplace. OIT's Training Services group and the College Library provide courses designed to help you create a website. Remember that you are expected to act responsibly when publishing Web pages, just as you are in all use of computing resources at the College.

Responsibility

All users of College computing systems must comply with the requirements of responsible computing in the College environment, as outlined here and in the full array of College computing policies (see UVa-Wise Policies). Individual users assume full legal responsibility for the content of their Web pages, and they must abide by all applicable local, state, and federal laws, including laws of copyright. Copyright law pertains to many types of materials, including cartoons, pictures, graphics, text, song lyrics, and sounds (including most MP3 and other files shared via so-called peer-to-peer procedures). See Section VI for additional important information about copyright.

The College is not responsible for the content of Web pages other than those defined as its "official" Web pages (the official Web pages of College schools, departments, divisions, and other units). As a neutral provider of computing services and access to the Internet, OIT does not review in advance or monitor the content of any materials transmitted, received, published or stored on or otherwise available through its systems. If OIT receives complaints regarding the content of such materials, it will refer the complaint to the appropriate disciplinary system within the College, and it will cooperate with any resulting investigation in accord with the policies, procedures, and principles described or cited in this handbook. You are also responsible for the way you handle information you gather using your Web pages (to review the College's practices for its own Web pages, see UVa-Wise Policies).

Assumptions about audiences who will see information you publish

You will be wise to remember the very public nature of information you disseminate on the Internet through the World Wide Web. Information in a Web page is often available to everyone who can get to the Web. You must not assume that your information is restricted to only a close circle of colleagues, or even to the University of Virginia’s College at Wise community.

Fundraising and Advertising

You may not use Web pages for fundraising or advertising for commercial or non-commercial organizations, except for College-related organizations and College-related events and in accord with policies governing these activities.

Use of the College Name, Logo, Seal, or Photographs

You may not use the College name in your Web pages in any way that implies College endorsement of other organizations, products, or services. You may not use College logos and trademarks, including the Highland Cavalier, the College seal or photographs copyrighted by the College. Photos from the College's home page and secondary pages are copyrighted by the photographers and cannot be used or reproduced in any form. Requests for permission to use the College logos or seal in Web or print publications should be directed to the Office of Media Relations (email kathy.still@uvawise.edu or phone (276) 376-1027.

VI. Copyrights: Ethical and Legal Use

As noted above, unauthorized use of copyright-protected or licensed materials (including, but not limited to, graphic images, movies, music or audio files, and written word) is a serious matter and is a violation of federal law. Any individual, who reproduces and/or distributes digitized copyrighted material without permission and in excess of "fair use" has violated federal digital copyright law, has put him or herself at real personal risk for a lawsuit brought by the copyright owner, has violated College policy and the Employee Standards of Conduct. An introduction to copyright law and College copyright policy is at http://library.uvawise.edu/CopyrightAndPlagiarism.

Individuals who use Peer-to-Peer (P2P) software, including but not limited to: LimeWire, FrostWire, KaZaa, iMesh etc., to listen to or view files over the network often unknowingly allow their computers to be used by the software to share these files and all the individuals' personal files with everyone on the Internet, therefore Peer-to-Peer software and/or applications are not allowed to be used and/or running on the College’s network.

Copyright laws and policies also apply to software. Most software available for use on computers at the University of Virginia’s College at Wise is protected by federal copyright laws. The software provided through the College for use by faculty, staff, and students may be used only on computing equipment as specified in the various software licenses. Licenses sometimes specify that you may use the software only while you are a member of the UVa-Wise community.

It is the policy of the College to respect the copyright protections given to software owners by federal law. It is against College policy for faculty, staff, or students to copy or reproduce any licensed software on College computing equipment, except as expressly permitted by the software license. Of course, faculty, staff, and students may not use unauthorized copies of software on College-owned computers.

It is worth repeating that at the University of Virginia’s College at Wise, unauthorized use of copyrighted material of all types is a serious matter. Any such use is without the consent of the College and is subject to College disciplinary action and possible prosecution through the federal court system.

VII. Good Citizenship in the Internet Community

As more than one writer has observed, the Internet isn't a thing; it is neither an entity nor an organization; it isn't owned or run by anyone. It is a world of millions of publishers with some of the characteristics of a frontier. The only code of behavior on that frontier is one that demands individual responsibility and accountability and that rewards those attributes with rational self-government, albeit quite limited in scope. The College provides Internet access to faculty, staff, and students with the expectation that they be good, accountable, and responsible Internet citizens. But, what does that mean in practical terms? You can be a good Internet citizen by following a few simple rules:

READ

and understand all applicable policies, including those pertaining to connecting personal equipment (see Section X) to the College network.

KNOW

what it means to take responsibility for your safety and security in the Internet environment and for deciding what is right and wrong in circumstances where often rules have not yet been written. You must take responsibility for educating yourself about the medium that you're using and for helping shape its use by good personal behavior.

BE AWARE

of the thousands of others who rely on the College's computers to do their work. Consider how your online behavior will affect them.

UNDERSTAND

that College policies that address failures of honesty and integrity, including theft, plagiarism, disruptive conduct and misuse of materials and property, must guide your computing activities, just as they guide your activities in the workplace, classroom, or elsewhere on Grounds.

 

DON'T

let colleagues, relatives, or any other person gain access to the College's computing resources through your account. Understand that you will be held accountable for any abuse of computing resources by persons who use your UVa-Wise computing ID and password.

DON'T

use computer accounts, computing IDs, and passwords that belong to someone else. To do so violates policy.

BE ACCOUNTABLE

for your actions. Hiding your identity to avoid responsibility for your behavior on the network or using someone else's network identity are—at a minimum—violations of policy, and they may be serious violations of law.

DON'T

play games that waste shared computing resources and have no mission-related purpose. You are not authorized to use your computer account or access to play such games.

KNOW

that local, state, and federal laws and regulations pertain to computing activities wherever appropriate—laws dealing with fraud, forgery, harassment, extortion, gambling, threats, copyright, obscene content, among others. Violators may be prosecuted.

BE WARY

of those who will (sometimes unknowingly) provide online information that is untrue or fraudulent. If you are not certain, ask.

KNOW

that messages you post to newsgroups or Web pages in an attempt to be humorous may not be received in that spirit. Remember that archives of newsgroups and Web pages remain accessible for years.

DON'T MISUNDERSTAND

Your access to computing resources can be revoked. In extending these resources, the College trusts faculty, staff, and students to make responsible use of them. If you violate that trust, you may lose access through various processes described elsewhere in this booklet.

VIII. Threats to Your Online Safety and Security

The Internet community is under regular attack—at varying levels of seriousness—from "outlaws." Such outlaws (both within our community and outside it):

  • steal other people's computing IDs and passwords;
  • disrupt computer systems and networks;
  • flood electronic mail systems with unwanted messages (spam);
  • send forged electronic messages from celebrities, politicians, the College president, a faculty member or, maybe, YOU;
  • post messages that threaten other people;
  • spread viruses;
  • subscribe others to mailing lists, or unsubscribe them, without their permission;
  • or invade the privacy of others.

Faculty, staff, and students who do these things at the University of Virginia’s College at Wise may lose computing privileges and suffer other severe consequences from the disciplinary entities at the College. They might also be subject to prosecution under state and federal laws.

Cracking Passwords

Your password may be guessed or "cracked" if you choose a common word, or a friend's or a pet's name, or your nickname, or the name of your favorite team or the name of a celebrity. Choose a password that combines letters, numbers, and special characters (for example, $, *, !). Whether you use your UVa-Wise computing ID and password or not, it is your responsibility to keep them secure. Do not let anyone talk you into "sharing." Don't keep your password and computing ID together. If you can remember your password without writing it down, that is best. Don't tell your friends—or anyone, even someone assisting you with problem solving—what your password is. Change your password regularly. For help choosing a good password, see http://www.uvawise.edu/oit/SecureComputing/good-passwords.

Crashing and Disrupting the System

Malicious computer users make the system stop working or perform poorly. It's like speeding, shop-lifting, spray-painting cars or slashing tires. These users find out, from a variety of sources—sometimes each other—about things they can do to disrupt the systems. In almost every instance, such behavior violates the law, and, in every instance, it violates College policy. Consequences are severe.

Forging Email

It is not hard to forge electronic messages. It also is usually against the law in its own right, and, in connection with the sending of unsolicited bulk email, may violate other state or federal laws.

"Spamming"

Spam is essentially the same message emailed over and over and broadcast to recipients who did not request it. Just because a message is annoying, off-topic or stupid doesn't make it spam; the defining characteristic of spam is the volume with which it is sent. Most common forms of spam violate Virginia law. Spamming is an international problem; however, unfortunately no one as yet has found an effective way to eliminate it. See http://www.uvawise.edu/oit/SecureComputing/FAQ to understand what you can and can't do about spam. In many cases, simply deleting the unwanted message is the best action you can take.

Restrictions on "Sexually Explicit Content" for government owned computers

Producing, exchanging and retrieving information electronically by taking advantage of computer technology presents valuable opportunities for the College. While employees and students are encouraged to use this technology, its use carries important responsibilities. The General Assembly of Virginia enacted an amendment to the Code of Virginia which places certain restrictions on the use of Government owned computers and College-owned networks. As required by the legislation we are providing you with a copy of the amended code section (click here for a copy).  Also, please refer to Virginia State Code 2.2-2827 for the Virginia State law on this matter.

Controlling Access to Your Computing Files

The College's computing environment is designed to be an open environment. Many faculty, staff, and students want or need others to view and use their computer information—their files. An instructor may want students to find a class assignment on the network. A student may want to share some information with friends. Computer systems are designed to let this happen.

 

But many faculty, staff and students do not want others seeing their messages, work or research. On computers, you can control who can see your files by protection settings. Use these settings as you would locks to keep your files private. However, malicious users realize that many people don't know how to use the settings. Get assistance in using the settings by contacting the Helpdesk.

Understand that the use of personal/personal use storage media, including but not limited to USB “thumb” drives, cell phones (including Android® and iPhones®), iPads®, College owned hard drives used for backup and stored on-site, external hard drives, Dropbox®, Sparkle Share®, and/or similar applications, “the cloud”, etc. is not encouraged and may lead to theft and/or exposure of data/information to known and/or unknown sources.  If you choose to store College data and/or information on such devices, said data/information cannot contain any sensitive and/or critical data including, but not limited to: Social Security Numbers; students, their personal information and/or their grades; ID numbers; personnel action items (i.e. evaluations, reprimands, terminations, etc.). Also understand that if you use these storage methods you will be required to grant the Office of Information Technology at The University of Virginia’s College at Wise, and/or their representative(s), the right and access to scan these devices/medias/accounts for disallowed/inappropriate content following proper procedure.  Furthermore, upon termination of employment, all College information/data must be removed from these devices/medias/accounts.  You must also understand and agree that neither UVa nor UVa-Wise, but you alone, will be solely liable for all compensation/fees/issues etc. stemming from any breach of security on these devices/medias.

Because some people don't know how to limit access to their files, sometimes information is left unintentionally unprotected. When people are good citizens of the Internet community, unprotected files are not a problem. Good Internet citizens respect one another's privacy. Persons who gain access to resources either by directly breaking into them or because they are just poorly protected violate the Ethics in Computing policy, among an array of other College policies could be subject to disciplinary action and/or legal ramifications. If you have any doubt about whether any resources or materials were intended to be public, ask the owner before you look. If you happen across resources or materials that you suspect weren't intended to be public, let the owner know. That owner may have no idea that he or she has left something open to worldwide viewing.

IX. What You Should Do if You are a Victim of Computing Abuse or Irresponsible Behavior

Unfortunately computer abuse, malicious behavior, and unauthorized account access do happen. Should any of these things happen to you, report them to OIT, your system administrator or other appropriate College authority. Computing resource abuse should be reported to the electronic mail address abuse@uvawise.edu. This step will alert a number of OIT and College staff to your situation. Abuse cases are handled individually and confidentially.

X. Security and Connecting Your Equipment to the College Network

If you connect your personal computer equipment to the University of Virginia's, College at Wise network, you are responsible for the security of your resources -- not only for risks to the resources themselves but also for the possibility that your unsecured resources can be used by anyone on the Internet as remote locations to mount attacks on other computing systems.

Any misuse of your equipment through your neglect in providing safeguards may be reason to deny access for your equipment to our network. "Neglect" in this instance may take many forms -- here are a few:

  • Failure to:
    • use a strong password
    • limit access to your equipment
    • keep files from unknown sources off your equipment
    • back up your files
    • use up-to-date antivirus software
    • keep your operating system up-to-date
    • keep application software updated
    • turn off or delete unneeded software features
  • Use of Unauthorized:
    • Equipment: routers, hubs, WAP's (wireless access points) etc.
    • Rogue servers; any computer running server services (this includes ICS)
    • subnets
    • illegally obtained and/or shared software
    • peripherals

There are now in effect requirements for student-owned computers and penalties for non-compliance. These are as follows:

 

All computers attached to the College network must have and maintain the following:

  • The operating system must have all current critical patches
  • An adequate anti-virus program with current virus definitions
  • Must not have a copyrighted material in a file-sharing program such as, but not limited to, KaZaa, Napster, or Windows file-sharing. *A violation of copyright laws may also result in local, state, and/or federal legal proceedings.

XI. Disciplinary Action for Abuse of Computing Privileges

Faculty and staff at the College have both rights and responsibilities. Faculty Rights and Responsibilities are listed in the Faculty Handbook available online through the World Wide Web at http://www.uvawise.edu/oit/SecureComputing/Policies/StaffHandbook. Staff will find similar information listed in the Human Resources Policies and Procedures Manual available at www.hr.virginia.edu/policies.html.

Prohibited conduct related to computer access and use for which faculty and staff may be subject to disciplinary action are defined in their respective "standards of conduct." Included are:

  • The use of obscene or abusive language (a Group I offense for staff, resulting in written notice; three "active" Group I offenses result in suspension without pay);
  • Unauthorized use or misuse of state property or records which includes electronic data (a Group II offense for staff, resulting in written notice and/or suspension without pay);
  • Willfully or negligently damaging or defacing state records, state property or other persons' property (a Group III offense for staff, resulting in written notice and removal or notice and suspension of up to 30 workdays without pay);
  • Falsification of records; and
  • Theft or unauthorized removal of state records, state property or other persons' property.

Of course, violations of law that occur in the context of computing activities also have serious consequences in each disciplinary system at the College.

Sanctions involving central College computing and communications resources for violation of policy or for law are set by the various disciplinary entities, then communicated to and carried out by OIT. In instances of immediate threat to the computing and communications systems, OIT takes direct and immediate action to safeguard the resources it is charged to protect.

XII. How OIT Handles Computer Violations

OIT will investigate allegations of faculty, staff or student abuse of computing resources. Briefly, for faculty and staff:

  1. 1.        When OIT is notified (usually through abuse@uvawise.edu) that a faculty or staff member appears to be abusing computing resources, all of his or her computing privileges may be suspended immediately when such an action is warranted to protect the computing resources and to assure reliable service to the rest of the community.
  2. 2.        Depending on the nature and severity of the infraction, often, OIT staff will notify the faculty or staff member through phone contact, electronic or U.S. mail of the apparent violation and a copy and/or notification may be sent to HR and/or the Provost. Frequently, the matter is resolved at that step by explanation from the faculty or staff member, and, in the case of minor issues, assurance from the faculty or staff member that the behavior will not continue. If computing access has been suspended, it is usually restored at successful conclusion of this step.
  3. 3.        If the alleged infraction is a crime and/or of a severe nature and/or if the matter cannot be resolved at Step 2, OIT may refer the matter through College offices responsible for disciplinary processes, the choice of which depends on the role of the person alleged to have committed the misdeed (i.e., the person's supervisor, the Office of the Provost, the Office of Human Resources), or through law enforcement officials if the matter involves an apparent violation of law. Computing access may remain suspended during these processes. Sometimes, individuals in the College community who are complaining about the behavior take the matter directly to those College disciplinary entities or to law enforcement.

XIII. UVa-Wise Computing Policy Digest

It is your responsibility as a user of the University of Virginia’s College at Wise's computers and networks to be familiar with the policies that govern their use. By using your computing ID at UVa, you automatically agree to abide by all of the policies, terms, and conditions, including but not limited to the information in this publication and the policies posted at www.uvawise.edu/academicaffairs/faculty_handbook and UVa-Wise Computing Policies.

Have further questions? Please contact the IT Security and Policy Coordinator or the Help Desk.