SUNY Oneonta's Information Technology resources are intended for the exclusive use of people having a relationship with the institution who have been assigned a valid user account. SUNY Oneonta information technology facilities are a valuable resource for campus use, and they should be conserved. This policy defines the acceptable use of the Information Technology resources, both physical (computers, networks, etc.) and informational (passwords, data, software, etc.).
Information and access to it are essential to the educational mission and the business processes of SUNY Oneonta. Information Technology must be used in a way that does not unreasonably compromise users’ privacy, the security of information or availability of resources to support the work of the SUNY Oneonta community.
Applicability of the Policy
This policy applies to anyone who uses any of SUNY Oneonta's Information Technology resources.
Policy Elaboration Individual Accountability
Use of Information Technology resources by an individual will be granted through an assigned user account or accounts. Usernames and passwords will be issued to employees and students through the Account Creation process or other processes as required. Access for others will be granted through the Sponsored Account process or other processes as required. Acceptance of this policy is required to obtain an account and access to Information Technology Resources. Oneonta passwords must not be shared and must be protected from malicious use. The user is responsible for any activity related to their accounts. Changing another person's password or representing another person without their authority is prohibited. A specific individual will always be responsible for activity in any cooperative account, such as a club or departmental accounts. Users are responsible for their use of Information Technology resources including accounts and usernames. The following uses are not permitted based on the New York State Information Technology Policy IT Best Practice Guideline:
- Writing personal communications in a manner that could reasonably be interpreted as official State or SUNY Oneonta policies,
- Conducting of outside employment or self-employment activities or private marketing or private advertising of products or services not related to SUNY Oneonta activities,
- Engagement in political activity,
- Soliciting for or promoting any not-for-profit, religious, political or personal causes, except in cases where SUNY Oneonta has endorsed such activity.
- Obtaining personal services, including but not limited to dating or social network sites for personal use (ex. using an assigned email account to sign up for a personal Facebook site), except in the case of students
- Mass distribution of any communication, including “chain” letters, except as permitted in SUNY Oneonta’s Broadcast Email Policy, Transmitting rude, obscene or harassing material via any electronic facility provided by SUNY Oneonta could be considered harassment.
Users should take care to avoid sending, forwarding or otherwise transmitting material that may be considered harassing. Users should be aware that federal Telecommunications legislation specifies penalties for harassment, the transmission of indecent material and for the transmission of indecent material to people, or available to people, under 18 years of age even at their request. Inappropriate display of offensive material may be considered harassment.
Unauthorized access to restricted databases, servers or networks is prohibited and will be considered a violation of this Policy. Addition of a server or any other device on any of the SUNY networks must be authorized by the departments of technology services. Users must not browse, access, copy or change other users’ files, nor change public files without authorization. Users must not attempt to modify any computer system or software in any unauthorized manner. The use of malicious software, such as "worms" and "viruses" destructive to computer systems, is illegal. Users are prohibited from circumventing, probing or scanning security measures unless such activity is included in their job duties.
Users should be aware that information content may be protected by copyright laws. Ownership of information should be considered prior to use. Users of SUNY Oneonta's Information Technology resources should be aware of their responsibilities under intellectual property laws including United States Copyright Law and the Digital Millennium Copyright Act. Copyrighted software must only be used in accordance with its license or purchase agreement. Users do not have the right to receive and/or use unauthorized copies of software or make unauthorized copies of software for themselves or others.
Personal use should be subordinate and subject to the educational and business needs of SUNY Oneonta and not interfere with the conduct of the institution's business. Personal use should not interfere or disrupt in any way other users, SUNY Oneonta’s Information Technology systems, network users, services or equipment.
Personal Use by Non Students
Personal use of SUNY Oneonta’s Information Technology systems should be limited and consistent with the requirements of Executive Order No. 7 (concerning the personal use of State Property). Where the personal use of such Information Technology systems has been granted, such use should be permitted only with the restrictions outlined below. Personal use should only account for an incidental amount of a user’s time. Personal use is restricted to SUNY Oneonta employees and is not extended to the employee’s family members or acquaintances.
Personal Use by Students
Personal and recreational use of SUNY Oneonta's Information Technology resources is permitted for students. Recreational use such as game playing, the use of social media, and the viewing of online television and videos must not impede academic uses.
Violations of this Policy for the Use of Campus Information Technology are treated like other academic dishonesty or misuse of property violations consistent with Federal, State, SUNY and SUNY Oneonta policies. Violators may also be billed for illegal use of the computer systems and may be prosecuted for statutory violations.
SUNY Oneonta will make every effort to ensure but cannot completely guarantee the privacy of email because of the nature and technology of electronic communication. Users should expect that email may be insecure because of external factors such as lost or stolen passwords and computer "hacking." Confidential or personally identifiable information should only be transmitted in the most secure manner available. Users should be aware that SUNY Oneonta's backup files may contain copies of email messages and electronic files even if those email messages or files have been deleted from the users' accounts and network drives. Though email messages, electronic files, and network use are not routinely monitored, the institution does maintain the right, as owner of the campus network and servers, to review, monitor or forward them. Such files may also be subject to the NY State Freedom of Information Law.
Permission to monitor or review email or electronic files or network activity may be granted by the SUNY Oneonta President or their designee under the following circumstances:
- Abuse has been reported and must be investigated,
- There is an imminent risk to health or safety,
- Investigations of alleged inappropriate activity related to an individual’s employment or studies,
- When the institution is legally required to do so.
Permission to monitor or review email or electronic files under the following circumstances may be granted by the Information Security Officer (ISO) or their designee:
- It is required to diagnose and resolve technical problems.
- SUNY Oneonta has a legitimate business purpose to do so (such as following the termination, death, or extended absence of an employee). In such cases, the access must be approved by the SUNY Oneonta ISO or designee and the Dean, AVP, or Chief Officer for the employee's school or area. The SUNY Oneonta ISO or designee will provide access for the supervisor to determine which files are pertinent. The files will be copied or forwarded to a location accessible by the supervisor or their designee(s). No other files will be copied. Original files associated with the account will not be moved, deleted, or altered. The original files and accounts will be disabled and deleted in accordance with established SUNY Oneonta policies.
Information Security Officer –Designated by the President, the Information Security Officer (ISO) is responsible for overseeing Oneonta’s IT Security environment. See Section 2 of SUNY Oneonta’s Information Technology Security Program.
Information Technology resources - Computers, notebook computers, mobile devices, servers, computer networks, network connections, modem connections and any other device that involves computing and/or network connectivity. It also applies to computer files, programs, or data stored on floppy disk, hard disk, magnetic tape, CD-ROM, cartridge, removable hard drives, zip drives, flash drives, network storage or any other digital storage media.
Username - An individually assigned unique computer identifier. Also known as user code or user-id.
User Account – Any account assigned to an individual to provide access to various IT resources. Common accounts include domain accounts providing, among other things, login to computers; email accounts; Banner or Webservices accounts; and Angel Course Management accounts.