Information Technology Policy

Internet Usage Privacy Policy

1.0 Purpose

Chowan University provides numerous information technology resources to benefit all members of the university community. These resources include web sites, email, course management systems as well as computer systems such as MyCU which are more specialized in their use and application. The University also provides network and Internet access through its campus networks to members of the campus community.

All of these resources allow users to communicate with each other, the University, and to gain access to data with greatly increased ease and efficiency.

2.0 Scope

This policy applies to all users of university technology resources, which is defined as all information technology network equipment, facilities, and services made available to Chowan University and the data stored there. The term information technology includes all university owned and operated computers, software, hardware, and switch infrastructure.

3.0 Policy
Information that is transmitted across university resources will be recorded. That information will include but not be limited to the following items:

  •  Internet address of the computer being used
  •  The web pages requested or viewed
  •  The network software accessed
  •  The web page which referred the user to any CU web page
  •  The internet browser used
  •  The date, time, and duration of the activity
  •  The accounts accessed
  •  The volume of data stored and transferred

This information will be tied to an individual’s account and can be requested by a supervisor at any time. That request must initially go to Human Resources. The HR director will evaluate the request and either deny the information to the requestor or officially inform the Assistant VP of Information Technology that there is a valid request and to provide the information to the requestor.

4.0 Review and Modification

Any amendments to this policy must be forwarded to the Assistant VP of Information Technology for review. That amendment would then go before the senior staff for review before becoming final.

Mobile Device Acceptable Use Policy

1.0 Overview
This policy defines Mobile Device use for all University employees on University-owned mobile devices.

2.0 Purpose
The University provides employees reliable technology for business purposes while maintaining security, legal compliance, and system integrity. These mobile devices can be, but are not limited to, laptops, tablets, PDAs, or cell phones. Any of these devices that connect to a University resource is a potential security threat and must be managed the same as a University desktop. Standard security practices for login and data retention should be used.

3.0 Scope
This policy applies to all University employees (including but not limited to administrators, faculty, staff, and contractors) and all University-owned mobile devices. This also applies to personal devices that are used to access University resources including email.

4.0 Policy
It is the responsibility of any employee of the University who uses a mobile device to access University resources, including email, to ensure all security protocols normally used in the management of data be applied. Any mobile device used must be utilized appropriately, ethically, and responsibly.

4.1 Access Control

1. Information Technology (IT) reserves the right to refuse the ability to connect mobile devices to the network if that equipment is deemed to put systems, data, or employees at risk. This decision will be made by either the Vice President of IT or the Network Administrator
2. End users wishing to connect their devices must register them with the IT department before being allowed on the network.

4.2 Security
1. All users of mobile devices must employ reasonable physical security measures. End users are expected to physically secure all mobile devices whether they are in use or being carried.
2. All mobile devices except phones must be protected with strong passwords, and follow the University password policy.
3. Any phones should be protected by a pattern or PIN.
4. It is incumbent on the user to report any lost or stolen device to IT immediately. If recovered, the device can be submitted to IT for re-provisioning.

4.3 Data
While mobile devices should be used to access University resources during the course of normal work duties, there is never an instance in which storing data with personally identifiable information such as student IDs or social security numbers on the device is acceptable. This is strictly forbidden and will result in at least a loss of network privileges and possibly up to job termination.

5.0 Revision History

Version 1.0 |  Date 11/2/2016 |  Author Jay Howell | Revisions Original 
 

Chowan University Email Policy

1.0 Purpose
This email policy is intended to help employees and students understand the acceptable use of university issued email addresses. Email services are provided by the University to support its primary role of education and any other associated functions.

2.0 Scope
This policy applies to all faculty, staff, students, alumni, retirees, and contractors that have been issued an active university email address. This policy applies to the use of sending or receiving emails and attachments with a university supplied address.

3.0 Responsibilities
Individual users are responsible for the account that have been assigned to them. The use of email by these individuals assumes and implies compliance with this policy. The University expects individuals to use their assigned email accounts in a manner that does not violate university policy or community standards, violate the privacy rights of its employees and students, discloses confidential information of the university or otherwise detract from or cause harm to the University and/or individuals employed or associated with the university.

4.0 Policy

4.0.1 University use of email

Email is the official means for communication within the University. Therefore, the University has the right to send emails to any authorized user and expect those communications will be received and read in a timely fashion.

4.0.2 Assignment of email addresses
The University Information Technology department will assign email address using the naming convention used for that group of users. Students will be created using the first letter of their first and middle name, their last name, birth month, and birthday. For example, John Q. Doe born on January 10 would be JQDoe0110@chowan.edu. Faculty and staff are created using the standard naming convention of the first five characters of their last name followed by their first name initial. An example would be John Doe’s email address is DoeJ@chowan.edu.

4.0.3 Email retention
The University uses Google Apps for Education to provide email services to its users. Email is not designed to be a record retention system and the University follows Google’s policies regarding email and retention. Any email address that is removed from the system results in that user’s emails and records of those emails being removed at the same time. Any deleted email in an active account will remain in trash until Google’s policy removes it forever. The University will cooperate with any request for discovery of an account, upon the approval of the Vice President for Human Resources, but it is understood if items are outside of the time frame dictated by Google, then the University will not be able to comply with the request. Students that have left school the previous academic year are removed from the system at the beginning of the next fall semester. With the exception of retirees, faculty and staff are removed at the end of their last day as an active employee.

4.0.4 Expectation of Privacy
The University recognizes the importance of privacy in an academic setting and will not routinely monitor a user’s email. There are certain circumstances in which the University might monitor, access, or disclose a user’s communications without permission of that user. These circumstances can include the following:

  •  When required by a legal authority;
  •  To preserve the health and safety of a user or other individual;
  •  To maintain the integrity of the network or other university systems;
  •  When there are grounds to believe a breach of university policy or violation of the law has taken place.

4.0.5 Procedures

The Executive Director of Information Technology will review this policy as needed and reserves the right to change it at any time. Any changes will be published to the Chowan website and the next printing of the student handbook.

Chowan University Password Policy

Purpose

The purpose of this policy is to create a standard for the creation of passwords, frequency of change, protection, and resetting of those passwords on Chowan University accounts and systems.

Scope

This policy covers any personnel including, but not limited to faculty, staff, students, alumni, and guests, that have an account or access to a system controlled by the Chowan University.
System Requirements

  •  Information Technology (IT) requires new users to enroll in SSRPM (Self Service Reset Password Management).
  •  The previous eight passwords may not be reused.
  •  Passwords must be changed every 180 days.

Individual Responsibilities

  •  Create a strong password
  •  Safeguard the password. For example, do not write it down or store it any place where it can be discovered.
  •  Never share a password with a roommate, friend, or other acquaintance.
  •  Reserve these credentials for Chowan University accounts and access only. Do not use these credentials for external web sites, banking, online purchases, music services, or other services on the web.

All use of a Chowan University account and access is assumed to be by the person assigned to that account. Account owners are held responsible for all activity on their account. Failure to conform to these rules my lead to suspension of account privileges.

Password Creation Guidelines
Passwords must meet the following minimum requirements:

  • Not contain the user's account name or parts of the user's full name that exceed two consecutive characters
  •  Be at least eight characters in length
  •  Contain characters from three of the following four categories:
    •  English uppercase characters (A through Z)
    •  English lowercase characters (a through z)
    •  Base 10 digits (0 through 9)
    •  Non-alphabetic characters (for example, !, $, #, %)

Support
Enrollment in the SSRPM allows account holders to unlock, reset, and change their passwords. If the user’s account in inaccessible, he or she can stop by the IT department’s offices with appropriate identification and the password can be manually reset.

Policy Date: May 10, 2016

Chowan University WWW Disclaimer

The Chowan University Web servers promote the University to the general public and assist users both on and off campus to find information about the University, its programs, and the people that make up the Chowan community.

The Chowan University servers and the information maintained and referenced on them are provided "as is" with no warranties of any kind. Chowan University disclaims all liability of any kind arising out of your use of, or misuse of, these servers and the information contained and referenced within them.

All parties storing materials on the Chowan University Web represent and warrant to Chowan University that the installation, copying, distribution, and use of such materials will not violate any other party's proprietary rights and that these materials do not contain any libelous or defamatory content.

While University departments will make every effort to ensure the accuracy of material published on the Web, discrepancies may sometimes exist between printed and electronic information. In any such case, the printed version of the material should be considered the official version. If you have questions about any information that appears on the Chowan web, please contact the originating department directly. Opinions expressed in personal or non-departmental home pages should be construed as those of its author, who is responsible for the information contained therein. If you have questions or comments about a particular page or document, please contact its author directly.

It is a violation of legal and ethical standards to claim someone else's work as one's own. Written permission of the person or organization possessing ownership must be secured before use of any trademarked or copyrighted material. Unauthorized use and/or distribution of others' intellectual property (including but not limited to text, images and software) is theft.

The University assumes no responsibility, legal or otherwise, for the content of individual home pages. Any claims asserted against an individual author for material contained in his or her home page shall be the responsibility of that individual author.

Information Technology (IT) is responsible for operation of the University computing services and for the design and maintenance of the Chowan University home page. IT is not responsible for the completeness, accuracy, or timeliness of information provided by other departments or individuals. However, if you have any general comments, suggestions, or concerns about Chowan's pages, please do not hesitate to direct them to the IT office (website@chowan.edu).

Use Of Computers and Data Policy

I. Purpose

The purpose of this policy is to define responsible and ethical behavior of all users in order to preserve the availability and integrity of university resources.

Chowan University provides and maintains computing and telecommunications technologies through the Office of Information Technology and various departmental computer systems. The university relies heavily upon these systems to meet educational, informational, operational, and financial needs. These systems and machines must be protected from misuse and unauthorized access. Chowan's computers, computer systems, and computer networks, as well as the data they store and process, must be operated and maintained in a secure environment and in a responsible manner. This policy applies to all university computer systems and refers to all hardware, data, software, and networks associated with these computers.

This policy covers all computers and servers ranging from single user personal computers to those connected to any university network. Academic departments may have individual policies in addition to this general policy. In addition to this acceptable use policy, users of these computer systems are subject to applicable state and federal laws.

Computing resources are provided to support the education, research, and work of its students, faculty, and staff. The priorities for use of these resources are:

HIGHEST: All education, research, and administrative purposes of Chowan University.
MEDIUM: Other uses indirectly related to Chowan’s purposes with education or research benefit, including personal communications.
LOWEST: Recreation, including game playing.
FORBIDDEN: Includes, but is not limited to, selling Chowan’s resources, commercial activities not sanctioned by the President’s office, intentionally denying or interfering with service, unauthorized use or access, reading or modifying files without proper authorization, using the technology to impersonate another, violations of laws or other Chowan policies.

II. Computer Use Guidelines

To ensure continued compliance with computer usage guidelines, Chowan University designates certain personnel to investigate alleged computer abuses. The university reserves the right to examine files in such cases.

A. Use of Chowan Facilities

All users (students, faculty, staff and authorized others):

• should report any malfunction to the person on duty or to the organization responsible for the facility immediately. Do not attempt to move repair, reconfigure, modify or attach devices to the systems.
• are requested to finish any food or drink before using computing facilities.
• are to recognize that academic use of the workstations have priority over all other uses. Recreational use in computing facilities is permitted during periods of light usage; however, you may not play games or engage in other recreational activities when others are waiting to use the workstations for academic purposes.
• must realize that individual computing center facilities and other university facilities may post additional operational rules and restrictions that are considered part of this policy.
• must not load or modify any software onto any hard drive without specific prior permission of the system administrator or custodian of the files.

B. Authorization and Security

For each user, authorization to computer resources includes, but is not limited to, electronic mail, administrative records, library services and departmental-specific programs.

Each user:

• must have a valid, authorized account and may only use those computer resources which are specifically authorized;
• may only use his/her account in accordance with its authorized purpose;
• is responsible for safeguarding his/her computing accounts and should change passwords often to ensure privacy and security.

C. Honor Code

Users:

• must not use the computer systems to violate any rules in the Employee Handbook or the Chowan University Student Handbook or any local, state, or federal laws.
• should disclose to the appropriate authorities misuses of the computing resources or potential loopholes in computer systems security and cooperate with the systems administrator in the investigations of abuses.

III. Common Forms of Computer Abuse

Misuse or abuse of the university's computers, computer systems, computer networks, programs and data is forbidden. Violations in the areas listed below will be considered academic misconduct, misdemeanor, or felony as appropriate to the situation and will be dealt with accordingly (see Section IV of this policy).

A. Privacy

Violations of the university's or another user's privacy include, but are not limited to, the following:

• attempting to access another user's computer files without permission;
• supplying or attempting to supply false and misleading information or identification in order to access another user's account;
• the unauthorized "borrowing" or examination of another user's output;
• deliberate, unauthorized attempts to access or use the university's computers, computer facilities, networks, programs, data, or any system files other than those designated for public access;
• connecting a wireless access point to the network without authorization by the Information Technology department;
• the unauthorized manipulation of the university’s computer systems, programs, or data;
• the unauthorized capturing of computer network data directly from the network backbone or networking media.

B. Theft

Violations in this area include, but are not limited to:

• abusing specific computer resources such as the Internet
• attempting unauthorized access to computers outside the university using the university's computers or communication facilities;
• removing any computer equipment (hardware, software, data, pictures, articles, or books) without proper authorization;
• copying, attempting to copy, or distributing copyrighted or licensed software, data, pictures, articles, or books without proper authorization.
• abusing printing resources such as printing material that is not academic related or pertaining to university business.

C. Vandalism

Alteration or attempted alteration of programs, digital data or other files, as well as resource or equipment destruction or disruption is considered vandalism. Violations include, but are not limited to:

• the installation of software or the intentional spreading of viruses which causes harm to computer systems or to another user's account;
• tampering with or obstructing the university's computer systems; • inspecting, modifying or distributing data or software without proper authorization or attempting to do so;
• damaging computer hardware and software.

Any intentional attempt to harm or destroy data or equipment will result in immediate cancellation of user privileges and require restitution.

D. Copyright Issues

The university owns licenses to a number of proprietary programs. Users who redistribute software from the computing systems break agreements with the university’s software suppliers as well as applicable federal copyright patent and trade secret laws. Therefore, the redistribution of any software from computing systems is strictly prohibited except in the case of software, which is clearly marked as being in the public domain. Chowan University will not provide legal defense for individuals who may be accused of making unauthorized copies.

If the university is issued or fined because of unauthorized copying or use by students, faculty or staff, it may seek payment from the individuals as well as subject them to disciplinary action that may include expulsion or dismissal. Violations include, but are not limited to copying, transmitting or disclosing data, software or documentation without proper authorization.

E. Harassment

Harassment of others may be the sending, viewing or printing of unwanted messages or files. Violations include, but are not limited to:

• interfering with the legitimate work of another user;
• the sending of abusive or obscene messages via computers;
• the use of computer resources to engage in abuse of computer personnel or other users.

F. Games, Chain Letters and Miscellaneous

Unethical, inappropriate, or illegal use is prohibited. Uses commonly considered unethical include, but are not limited to:

• sending chain letters or unauthorized mass mailings. Chain letters and unauthorized mass mailings may be prohibited by State and Federal law;
• using the network for non-professional or illegal activities, which may include obscenity, pornography, threats, harassment, copyright infringement, defamation, theft, or unauthorized access.

IV. Penalties

Misuse or abuse of computing services is not simply unethical; it can be a violation of user responsibility as well as Federal law. Therefore, Chowan University will take appropriate action in response to user misuses, unethical use, or abuse of computing services. Actions may include, but are not limited to the following:

• access to all facilities and systems may be suspended temporarily or removed permanently;
• legal action may be taken to recover the damages;
• referral to law enforcement authorities outside Chowan University;

Alleged abuse or misuse of computing services by students, faculty or staff will be referred to the Director of Information Technology. If evidence of a violation is found, the matter will be dealt with by the Director of Information Technology or referred to the Vice President of Academic Affairs and/or the Vice President of Student Affairs and be treated as misconduct, misdemeanor, or felony as appropriate. After referral to the appropriate office, violations, depending upon their gravity, will result in sanctions ranging from the following:

• suspension of the user’s account until the user has a conference with the Director of Information Technology.
 • suspension of the user’s account for a period of one week.
• suspension of the user’s account for the remainder of the semester
• preliminary suspension
• suspension from the university
• expulsion from the university

A user has the right to a fair hearing by the appropriate disciplinary committee concerning the policy violation and the disciplinary action recommended.

V. Distribution of this Policy

Chowan University will ensure that all users are aware of the policy by publishing and distributing it inappropriate media to reach all faculty, staff and students.

Revised and endorsed by the Director of Information Technology, Jay Howell 10/17/2006 

Your Responsibilities as a Member of the Chowan Network

Chowan University provides access to its computer network to members of the campus community, and promotes the development of a community of electronic learners with rights and responsibilities. The Chowan computer network is essential to meeting the educational, informational, operational, and financial needs of the institution. The university provides access to the network with the understanding that network use, like other areas of campus life, will be guided by the university mission statement. Chowan’s mission statement is:

Chowan University is a four-year coeducational institution committed to excellence in teaching, learning, and service. The university provides the environment for students to become learners who possess the skills, knowledge, creativity, and ethical values necessary to survive and flourish in a rapidly changing, culturally diverse, global society. Chowan University, as a church-related institution, was founded upon and is dedicated to Judeo-Christian values. Consistent with this heritage, the university is guided by the historic principles of religious and intellectual freedom, academic excellence, the dignity and worth of each individual, an atmosphere of open dialogue, freedom of inquiry and expression, and a moral commitment to the pursuit of truth.

The university fulfills its mission with a careful blend of both liberal arts courses and professional courses. Recognizing that such a blend of knowledge and experience is particularly suited to the needs of contemporary society, Chowan takes as a priority the need to connect general education with specialized education, theoretical learning with practical learning, and intellectual skills with vocational skills. These connections are emphasized throughout the four years normally required to satisfy graduation requirements.

The university meets the academic, social, and spiritual needs of its students by affording personal attention in a caring context, providing extracurricular opportunities which facilitate positive life experiences, furnishing diverse programs maintained in appropriately appointed physical facilities, promoting and supporting the ideal of responsibility to self and others, and employing a qualified and diverse faculty and staff who are committed to the mission of the institution.

The campus computer network is part of that “environment” in which the university expects students to demonstrate their developing “skills, knowledge, creativity, and ethical values.” When you use the campus computer network, you do so as a member of a community of learners who share “a moral commitment to the pursuit of truth.” Responsible participation in this community requires respecting the values inherent in the university’s mission and abiding by policies that ensure the mutual benefit of all members of the community.

Respecting the Values Inherent in the University’s Mission

In accordance with its mission, Chowan upholds certain standards of community decency, promotes the development of ethical values, and emphasizes personal responsibility. The values inherent in the university’s mission statement have specific implications for how the university’s computer and other resources will be used. These include:

a. Academic Excellence—To insure that computer resources are used in ways that promote academic excellence, educational use has priority over other uses. Use of the network in ways that limit others’ educational use—such as time-consuming or multiple-terminal-consuming game playing or excessive message-sending during peak lab hours—violates the university’s commitment to academic excellence by interfering with others’ use of the computers to pursue educational goals. Talking and noise making in the computer labs also diminishes others’ opportunity to use the computer resources for educational purposes. Computer labs are designated only for Chowan students, faculty, and staff. Children and unauthorized guests are not allowed in the computer labs.

b. The Dignity and Worth of Each Individual. Each member of the network community is expected not only to respect the basic rights of others, but to act in ways that respect the equal dignity and worth of all persons regardless of race, class, sex, or creed. Accessing or sending racially or sexually degrading or harassing materials is not in keeping with the dignity and worth of individuals. Pornographic materials, because they tend to reduce persons to objects, fail to respect the dignity and worth of whole individuals. Viewing such materials in the computer labs is not only offensive to the decency of others, but can also create an atmosphere of sexual harassment.

c. An Atmosphere of Open Dialogue. Open dialogue is essential to learning. Therefore, every member of the network community has a right to enter into dialogue without fear of harassment. Practices such as “flaming,” personal attacks, and sending harassing messages diminish the possibility of open dialogue.

d. Freedom of Inquiry and Expression. All members of the network community possess a basic right to freedom of inquiry and expression, and a responsibility to exercise that right within the bounds of decency and ethical responsibility. Members of the network community will at all times respect the intellectual property rights of others and will conduct themselves in keeping with copyright and other laws.

e. A Moral Commitment to the Pursuit of Truth. Participation in the network community is guided by our common commitment to the pursuit of truth. Because all information available through computer networks is not equally worthy of attention, network members will need to exercise discernment in the acquisition and dissemination of information via the computer network just as they do in the classroom.

Abiding by Policies for the Mutual Benefit of All

The Chowan University “Policy on Use of Computers and Data” has been devised to ensure that the university’s computer resources are utilized in ways that ensure the greatest possible benefit to all users and to the institution. Responsible membership in the network community requires abiding by the rules and guidelines set forth in the Policy statement.

 

Chowan University Distance Education Statement of Privacy

The Southern Association of Colleges and Schools Commission on Colleges (SACSCOC), under Federal Requirements compliance, requires that all institutions have a written policy for protecting the privacy of students enrolled in distance education courses. The purpose of this document is to outline the steps Chowan University takes to effectively verify student identity. This policy applies to all credit distance learning courses offered at Chowan University. This approach is consistent with the mission of Chowan University and its commitment to learning and to providing instructional opportunities.

1. FERPA: Chowan University complies with the Family Educational Rights and Privacy Act of 1974 (FERPA). The official FERPA statement is available for student and public view on the Chowan University website. By strict adherence to FERPA, Chowan University protects the privacy of all students, including those enrolled in distanced education courses.

2. Secure Login and Password:

(a) Blackboard: The Blackboard Learning Management System is a secure environment which ensures privacy for faculty and students to interact via assignments and examinations. The privacy of the student’s grades is maintained with the Blackboard Learning Management System. Students at Chowan University are initially issued a unique student username. The username is entered into any distance learning course upon enrollment, and is required for the student to access any enrolled course. This unique student username and an eight-digit, alphanumeric password uniquely identifies him/her within the Blackboard Learning Management System. This student username remains the unique identifier for the student throughout his/her academic career. The student maintains the password and has the ability to create a new password. Students are responsible for keeping their student login information confidential, and for notifying Chowan University if they believe their login information has become compromised.

(b) Email Communications: Students enrolled in Distance learning courses are expected to use the Chowan University email as the method of secure communication. Students are issued a school email address that uses the same naming convention as Blackboard with the same password. Students are responsible for keeping their email login information confidential, and for notifying Chowan University if they believe their login information has become compromised.

3. Course Approval: Distance learning courses at Chowan University undergo a review process that ensures faculty/student interaction. The establishment of a strong relationship with the student helps the faculty to identify student needs and ensure personal work. Additionally, SafeAssign is used to promote academic integrity.