51吃瓜网视频

Policy 6.1.3

Policy 6.1.3

SUBJECT: COMPUTER SECURITY

Students, employees, vendors, or any other person who utilizes the computer and networking services of 51吃瓜网视频 Baptist University must understand that the computers and network circuits are the property of 51吃瓜网视频 Baptist University. The university retains the right to regulate how these technologies may be used in order to provide the security, privacy, and performance demanded in today's networked world. Any data related to instructional materials or scholarly works created with these university resources at a faculty member's own initiative, remains under the faculty member's ownership and control. Such data or works include but are not limited to course syllabi, lecture notes, musical or other compositions, textbooks, scholarly papers or articles see policy 1.5.2 (Intellectual Property).

Enforcement of Security - The department of information technology services (IT) is charged with the task of maintaining security, privacy, and performance for all computer and network services for all campuses of 51吃瓜网视频 Baptist University. The University Technology Committee will serve as an advisory body to the IT department, and will form ad hoc technology grievances committees as the committee and IT department deem necessary. The IT department will monitor all computer systems and network circuits in order to fulfill this mandate. All users of university computers and network services must understand that the equipment and technologies are the property of the university, unless expressly excluded in writing by the university administration, and will be monitored electronically. The director of information technology services will define the steps necessary to maintain the level of security required by federal statutory requirements. Suspected cases of violation of university computing security policies should be reported to the director of information technology services, who will be responsible for discovering the nature and extent of the violation and reporting it to the president. In order to accomplish these investigative tasks, the director of information technology services has the legal right to take possession of any computing device that is attached to the university network system, private or university-owned, for analysis. Any actions taken by the IT director to seize equipment or disable an account may be brought in writing by the aggrieved party to the attention of the University Technology Committee to request an appeal of the decision. The University Technology Committee, in consultation with the president and the IT director (a permanent member of this body), may request an in camera formal review of the written complaint. The decision by this body will be final.

Risk of Personal, Non-work Related Loss - Employees, students, vendors, or others who utilize the university computer and network circuits should be aware that personal, non-work related computer files, private, or other electronically stored information may be deleted if the IT department determines that urgent maintenance or security work is needed on a given computer or circuit. While all reasonable steps will be taken to preserve such personal information, no guarantee is possible and none is implied or offered. Employees, students, vendors or any person using any of the university computers or network circuits for storage of such personal, non-work related information are strongly encouraged to make their own backups of these files on personal media. While reasonable notification of a purge will be given, the university is not liable for loss or damage to personal data or equipment used on the networks of any university campus.

Access to Computers and Network Circuits - The IT department will provide user accounts to students, employees, vendors, and others who may have a justifiable need to access these services as described in university policy 6.1.5, (Coordination and Distribution of Computer Accounts).

Unauthorized use of university computers or unauthorized access to stored data, or dissemination of passwords or other confidential information to gain access to a computer system or data is in violation of criminal law (Computer Crimes, Section 33.01, Texas Penal Code), and can be a Class B or Class A Misdemeanor or a Felony of the third degree. Alteration, destruction, or false entry of data which impairs its validity, legibility, or availability of any record maintained by the university is a violation of Tampering with Governmental Record (Section 37.10, Texas Penal Code) - a Class A Misdemeanor.

Unauthorized use of computer accounts also includes use of computer accounts for purposes other than those intended by the funding source. In particular, the use of instructional and research accounts funded by the university for the purposes of private gain or for purposes other than instruction and research can be regarded as a misuse of funds.

Physical Security - Physical security is a serious challenge as is control of passwords and other security issues. Security of computer equipment is the responsibility of the department or campus in which the equipment is located.

Removal of university equipment from the assigned location to another location may constitute a security violation. Removal of equipment from university premises without written authorization from the appropriate school dean, department director, or IT director is considered a security violation and may be considered theft or misuse of funds.

Network Security - The university maintains a complex networking system that allows interconnection between offices, campuses, and the world. There are many computer software applications that would jeopardize these network systems if installed on any university computer. A provision in university policy 6.1.2 prohibits any person connected to 51吃瓜网视频 Baptist University from installing any software application on any computer without first seeking permission of the director of information technology services. The integrity of university data, the privacy of university students and personnel, and the ability to operate such a networked system all depend upon strict compliance with these regulations. The IT department will run random tests to detect and locate unauthorized computer applications, unapproved electronic hardware devices, unauthorized intrusion, and prohibited services in order to provide the security and privacy demanded by the university.

Unauthorized Viewing or Changing of Data - In the case of administrative data (student and employee files, etc.), only authorized users are to have access to the data. "Browsing" of data by unauthorized users is a violation of university regulations and federal law. Unauthorized changing of data is a violation of the State Penal Code and such actions will be prosecuted. This policy applies to all users on all campuses. In addition, unauthorized access of another person's account to view his or her files comes under this heading as well. Such access includes, but is not limited to, accessing another student's files, accessing a professor's files, and accessing a colleague's files without proper authority. It is to be emphasized that giving one's password or other user account information to an unauthorized user of the system is a violation.

Data Security and Backing Up of Critical Files - The IT department is responsible for maintaining a backup system for critical university data. While every effort is made to ensure that reliable backups are available in the event of crisis, the various schools and external campuses of the university are urged to backup files that are mission-critical to them. Campuses or schools who choose to backup their files should give great attention to the physical security of these media.

All users are warned that data integrity can be lost with a single infiltration of malicious code (e.g. some viruses, worm, or trojans).The integrity of university data depends upon the responsible use of computers by all. A single user's carelessness could infect the entire network system. It is conceivable that such an infiltration of the networked systems could destroy the integrity of current data and files, and it could be difficult to determine how deeply into backup media the infection has traveled. All users must be aware that backups of mission-critical files must have a high priority in daily operations.

Contact for Interpretation: President

This policy statement supersedes all previous policy statements on this subject.

Revisions:

- 08/14/2017 - Revision-title change
- 02/27/2009 - Revision-minor change
- 04/16/2007 - Review
- 03/30/2005 - Review
- 12/15/2004 - Revision-new link, new language
- 09/15/2004 - Revision-title change
- 06/11/2004 - Reissue as 6.1.3
- 06/11/2004 - Revision-restructure and new language
- 08/09/1994 - Inception as policy 8.1.15

Printable Policy 6.1.3

听