REFERENCE:N.J.S.A. 18A:64A-12(o); N.J.S.A. 47:3-8.1 et seq.; 18 U.S.C. §2530 et seq.
PURPOSE: To maintain the integrity and security of the College’s property and information, particularly in light of rapidly growing technology.
- The College has provided computer and communication systems to employees to support the conduct of its business. These systems include individual PCs provided to employees, all associated software, the College’s telephone, voice mail and electronic mail systems, all centralized computer equipment, and the local and wide-area networks. No use of these systems should ever conflict with the primary business purpose for which they have been provided, with the College’s ethical responsibilities or with applicable laws and regulations. Each user is personally responsible to ensure that this Regulation is followed. Access to the College’s computer and communications systems is a privilege and must be treated with the highest standard of ethics. All members of the community are expected to use computing and information technology resources in a responsible manner.
- All data in the College’s computer and communication systems (including documents, other electronic files, e-mail and recorded voice mail messages) is the property of the College. As such, it is subject to disclosure to law enforcement and other third parties. Consequently, employees should always ensure that the business information transmitted via the College’s computer and communication systems is accurate, appropriate, ethical and lawful.
- The College may inspect and monitor such data at any time. No individual should have any expectation of privacy for messages or other data recorded in the College’s systems. This includes documents or messages marked “personal and confidential” or “private,” which may be inaccessible to most users but remain available to the College. Likewise, the deletion of a document or message may not prevent the College’s access to the item or completely eliminate the item from the system.
- The College strives to maintain a workplace free of harassment and sensitive to the diversity of its employees. The College’s systems must not be used to create or transmit material that is derogatory, defamatory, obscene or offensive, such as slurs, epithets, cartoons, images, jokes or anything that might be construed as harassment or disparagement based on race, color, national origin, sex, sexual orientation, age, physical or mental disability, medical condition, marital status, or religious or political beliefs. Similarly, the College’s systems must not be used to solicit or proselytize others for commercial purposes, causes, outside organizations, chain messages or other non-job-related purposes. Nothing in this policy shall prohibit the use of the College’s computer system or Internet access for the purpose of legitimate academic research. However, where such research involves the viewing, copying, downloading or printing of materials which may be considered derogatory, defamatory, obscene or offensive by others, such viewing, copying, downloading or printing of these materials must be performed in a manner which prevents their disclosure to persons who have not knowingly agreed to view their contents.
- Security procedures in the form of unique user sign-on identification and passwords have been provided to control access to the College’s host computer system, networks and voice mail system. The following activities, which present security risks, should be avoided:
Illegal Security Activities:1. Attempts should not be made to bypass, or render ineffective, security facilities provided by the College.
2. Passwords should not be shared between users. If written down, passwords should be kept in locked drawers or other places not easily accessible.
3. Document libraries of other users should not be browsed unless there is a legitimate business reason to do so.
4. Changes or modifications to the hardware configuration of computer equipment should never be made by individual users. Requests for such changes should be directed to Information Technology.
5. Additions to, or modifications of, the standard software configuration provided on the College’s PCs should never be attempted by individual users (e.g., autoexec.bat and config.sys files). Requests for such changes should be directed to Information Technology.
6. Personal software should never be loaded to the College’s computers by individual users. This practice risks the introduction of a computer virus into the system. Requests for loading such software should be directed to Information Technology.
7. Information must be downloaded from trusted, recognized and reliable sources. The failure to download from an appropriate source may subject the College’s computer system to viral contamination and/or security breaches. Users are expected to demonstrate respect for intellectual property, ownership of data and system security mechanisms.
8. The College’s computer facilities should not be used to attempt unauthorized access to or use of other organizations’ computer systems and data.
9. Computer games should not be loaded on the College’s PCs.
10. The College purchases and licenses the use of computer software for business purposes, and does not own the copyright to this software or its related documentation. No employee shall remove or copy such software from any of the College’s computers. The Department of Information Technology, alone, is authorized to install, copy and remove software on any of the College’s computers.
11. Unlicensed software should not be loaded or executed on the College’s PCs.
12. Software documentation for programs developed and/or licensed by the College should not be removed from the College’s offices.
13. The location or installation of computer equipment in offices and work areas should not be changed by individual users. Requests for such changes should be directed to Information Technology.
- There are a number of practices which individual users should adopt that will foster a higher level of security. Among them are the following:Basic Security Guidelines:1. Turn off your personal computer when you are leaving your work area or office for an extended period of time.2. Exercise judgment in storing documents on the College’s networks, based on a realistic appraisal of the need for confidentiality or privacy.
3. Remove previously written information from diskettes before copying documents on such diskettes for delivery outside the College.
4. Back up any information stored locally on your personal computer (other than network-based software and documents) on a frequent and regular basis.
5. Be careful when addressing and sending messages to avoid confidential messages from being delivered to the wrong hands. Check the message header for accuracy (particularly where people share the same last name and first initial) before sending it. Once sent, a message cannot be stopped from being delivered.
g. Any questions about this Regulation, should be directed to your area head. In an effort to provide you with some guidance, the following are only examples of the common types of conduct which (in addition to other conduct) is not acceptable under this Regulation and which constitute violations of the Regulation:
Violations of the Computer & E-mail Usage Regulation:
1. Sending or posting discriminatory harassing, or threatening messages or images;
2. Using the College’s time and resources for personal gain;
3. Stealing, using, or disclosing someone else’s code or password without authorization;
4. Violating the copyright law;
5. Failing to observe licensing agreements;
6. Engaging in unauthorized transactions that may incur a cost to the College or initiate unwanted internet services and transmissions;
7. Sending or posting messages or material that could damage the College’s image or reputation;
8. Participating in the viewing or exchange of pornography or obscene materials;
9. Sending or posting messages that defame or slander other individuals;
10. Attempting to break into the computer system of another organization or person;
11. Refusing to cooperate with a security investigation;
12. Sending or posting chain letters, solicitations, or advertisements not related to business purposes or activities;
13. Using the Internet for political causes or activities, religious activities, or any sort of gambling;
14. Jeopardizing the security of the College’s electronic communication systems;
15. Sending or posting messages that disparage another College’s products or services;
16. Passing off personal views as representing those of the College;
17. Sending anonymous e-mail messages; and
18. Engaging in illegal activities.
- Any employee who violates this Regulation may be subject to disciplinary action up to and including termination, as well as, civil liability and/or criminal sanctions.
Revised by: The Executive Vice President
Approved: 12/01/99 The President’s Cabinet
Distribution: Standard (Reg. 1-2) plus College-wide