Information Technology Policies

Telephone Use Policy

Purpose:

• To keep University telephone lines open for necessary business calls.

Policy:

• Office desk phones and cell phones (when approved) are issued for University business purposes.
• The University recognizes that there may occasionally be times when personal calls must be made or received during business hours.
• Such calls must be held to a minimum, however, and must not interfere with the employee's work. Employees are encouraged to make such calls during their breaks or at lunchtime.
• When a long–distance call results in a charge, the call must be billed to the caller's home phone number or charges reimbursed to the University.

Personal Cell Phone Use

• Use of personal cell phones must be held to a minimum and must not interfere with the employee's work.
• Employees are encouraged to make personal calls during their breaks and lunchtime.

Network Connectivity Policy

• The following applies to all users of the ESU Computer Network.
• All equipment devices and computers connected to the network are the responsibility of the East Stroudsburg University Computing Services department, Academic Computing & Administrative Computing.
• The data network at ESU is provided in support of academic and administrative services. Any equipment connected to the network must be authorized by Computing Services.

In order to protect the security and integrity of the computer and network resources against unauthorized or improper use, and to protect authorized users from the effects of such abuse or negligence, Computing Services reserves the right, at its discretion, to limit, restrict, or terminate the use of equipment or services, unauthorized or authorized, that Computing Services perceives to be an impediment or compromise to its ability to securely deliver the services for which it is responsible.

East Stroudsburg University Computer Lab & Network policy

• This policy governs the use of all ESU computer facilities and resources. This includes the use of all university computer labs and network connections.
• The university reserves the right to limit, restrict, or extend computing privileges and access to its resources.
• Persons who do not abide by the polices listed below should expect possible suspension of computer privileges and possible referral to the University Disciplinary Committee.
• Offenders may also be subject to criminal prosecution under federal or state law, and should expect Computing Services to pursue such action.
• Computing Services should be notified about violations of computer laws and policies, as well as about potential loopholes in the security of its computer systems and networks.
• The user community is expected to cooperate with the Computing Services Department in its operation of computer systems and networks as well as in the investigation of misuse or abuse.
• The Computing Services Department has the right to monitor user actions and examine all files on the lab computer hard drives and network server.

East Stroudsburg University Security Policy

East Stroudsburg University of Pennsylvania (ESU) is dedicated to providing a trusted environment for information processing. This environment includes the protection of the confidentiality, integrity, and availability of the campus information system.

Specifically,

• Confidentiality of data refers to the ability of only authorized users to read data;
• Integrity of data refers to the ability of only authorized users to create or modify data; and,
• Availability of data refers to the ability of only authorized users to have as-needed access to data.

In this regard, ESU will create a campus-wide System Security Plan.

This plan will help categorize all campus information security resources in one document, as well as help promote information security awareness on a campus wide basis. In order to help maintain a trusted environment for information processing, the ESU Director of Computing and Communication Services is also the ESU Information System Security Officer.

In this office, the Director has the following responsibilities:

• Creation and implementation of the campus-wide System Security Plan;
• Maintenance of appropriate policies with regard to information security (e.g., Acceptable Use Policy);
• Continued improvement of the campus-wide information security awareness program;
• Promotion of appropriate information security education and training for key personnel,;
• Selection of appropriate security controls for the protection of the confidentiality, integrity, and availability of the ESU information system;
• Auditing of security controls to ensure these controls are satisfying their security requirements;
• Promotion of privacy of user information;
• Managing the response to security incidents; and,
• Delegation of security responsibilities to the appropriate parties, such as IT managers.

Privacy Policy

• While the East Stroudsburg University recognizes the role of privacy in institutions of higher learning, and will endeavor to honor that ideal, there is no expectation of privacy of information stored on or sent through State System/University-owned IT resources, except as required by law.
• Use of the IT resources is a privilege and signifies agreement to comply with this policy. Users are expected to act responsibly, and follow the policies and any applicable laws related to the use of IT resources.
• Any computer and network accounts issued for your use remain the property of East Stroudsburg University (ESU).
• As property of ESU, the institution has the right to view any and all information and data regarding any use of this equipment.
• This includes, but it not limited to, all e-mail, Internet activity, data files, documents, and messaging activity.
• While it is not in the interest of ESU to look at any of the files saved by any individuals on the equipment and any information accessed, be advised that this information may be viewed to resolve issues of performance, to resolve complaints, or to respond to requests from police, FBI, or other cognizant agencies.
• ESU cannot and does not guarantee the security or confidentiality of electronic information.

While personal equipment is generally not allowed connection to the campus network, where exceptions are made, the owner should be aware that once connected to the campus network, the equipment and use of it is subject to campus policy.

Computer Lab Rules & Regulations (1,2)

• No food or drinks are allowed in the campus computer labs.
• Computer facilities are to be used by registered ESU students, faculty, and staff only. Users should bring their university IDs when using the facilities.
• Computing Services staff have the authority to use any equipment in the computer labs, or to request that others stop using any equipment in these labs, either temporarily or permanently.
• Physical abuse of the computer equipment is prohibited and will result in loss of computer lab privileges, university disciplinary action, and criminal prosecution.
• You must not attempt to modify in any way a program that Computing Services supplies for any type of use at its sites.
• You must abide by the terms of all software licensing agreements and copyright laws.
• You must not deliberately perform acts that are wasteful of computing resources or that unfairly monopolize resources to the exclusion of others.
• Printing of multiple copies of any documents including resumes, thesis, and dissertations is strictly prohibited.
• Restrict recreational use on lab computers to low traffic times. Students needing the computers for academic purposes have priority. Recreational users may be asked to discontinue their use to provide access for academic applications. Recreational use over modem access is absolutely forbidden. Recreational use includes, but is not limited to, game playing, IRC (Internet Relay Chat), and other chat channels.
• You are expected to frequently use the anti-virus program to scan disks and files for viruses. It is each user's responsibility to protect his/her own diskette from a virus. The university is not responsible for infection of non-university software or hardware.
• Faculty who have scheduled a computer lab for a class have priority to the lab and may request students to leave. It is the user's responsibility to consult the schedule for open lab time. Schedules are posted outside each lab.
• Deliberate introduction of a virus affecting the computer labs and/or network will result in suspension of computer privileges, referral to the University Disciplinary Committee and possible criminal prosecution.
• Assist Computing Services in the conservation of paper and printer toner by on-screen editing, and running spell check and print preview options before printing a copy of the document.

Network Rules, Regulation, and User Guidelines

Many of the Internet resources are provide by the U.S. Government. Abuse of the system thus becomes a Federal matter above and beyond simple professional ethics. Access to and use of the Internet is a privilege and should be treated as such by all users of the system. (Internet Activities Board 1/89)

• Any network traffic exiting the University is subject to the acceptable use policies of the network through which if flows (Voicenet, SSHENET, SSHENET II, etc.), as well as to the policies listed below.
• Sharing of network accounts for any reason is prohibited. You must not reveal your account password to anyone. Users are responsible for any misuse of their account that is due to their own negligence. Users are responsible for reporting unauthorized use of their account to Computing Services. Accounts can not be transferred to or used by other individuals.
• ESU reserves the right to hold you financially responsible if, through negligence or deliberate action, it's computer resources are compromised in any way by you or someone using your account.
• You are responsible for protecting your account and its contents. Passwords only provide limited protection of electronic material in your account.
• You are responsible for your files. Files are to be copied to a removable media. Computing Services is not responsible for your personal files.
• ESU students, faculty, staff, and administrators are considered priority users. The network administrator has the right to limit affiliated or guest network access based on priority users needs.
• You must not use the university computing network resources to gain or attempt to gain unauthorized access to remote computers.
• You must not deliberately perform an act that will seriously impact the operation of computers, terminals, peripherals, or networks. This includes, but is not limited to, tampering with components of a local area network (LAN) or the high-speed backbone network, otherwise blocking communication lines, or interfering with the operational readiness of a computer.
• You must not harass others by sending annoying, threatening, obscene, or offensive messages, this includes sending chain letters.
• You must not attempt to monitor another user's data communications, nor may you read, copy, change, or delete another user's files or software, without permission of the owner and Computing Services.
• If a computer account is being used in such a way that it causes conflicts with other machines, accounts, or people, some or all access privileges may be removed from the account.
• Remember, just because you can perform a particular action does not entitle you to take that action.
• You are responsible to comply with all applicable laws of the United States when using the university computing network.
• You are not permitted to setup a server or use serving software without the written permission of Computing Services.

Acceptable Use of the Network (3)

• Use for purposes of, or in support of, education and research.
• Use for purposes of technology transfer to or from the academic community.
• Use for participating in the economic development programs of Pennsylvania.

Unacceptable Use (4)

• Use of SSHENET for illegal purposes or for unauthorized access to systems, software, or data.
• Activities that interfere with the ability of others to use SSHENET or other facilities connected to the network effectively.
• Use by commercial organizations for internal communications.
• Distribution of unsolicited marketing, advertising, or personnel recruiting materials.
• Use by commercial organizations that does not meet the above.
• Use of your account or the network for business or commercial purposes.

E-Mail

• An e-mail account is provided for each faculty, staff and student member of the campus community. This e-mail account must be used for all ESU business. Forwarding of mail to an outside e-mail system is not condoned. In addition to not receiving support and not being backed-up, outside e-mail accounts increase the campus's vulnerability to e-mail born viruses.
• Student email is deactivated 90 days after graduation, or they cease to be enrolled, because of the abundance of email account breaches.
• Computer access and web accounts are available to all registered students. Your account will remain active as long as you register for courses from semester-to-semester, register in the spring for the following fall semester, or register in the fall for the following spring semester.
• If you are not registered as stated or if your semester credit total equals zero your account (web and computer) will be disabled a week after the last day to register for a class, and purged a month after it is disabled.
• Maintenance of a user's electronic mailbox is the users' responsibility.
• Never assume that your e-mail can be read by no one except yourself; others may be able to read or access your mail. Never send or keep anything that you would not mind seeing on the evening news.
• Be professional and careful about what you say regarding other persons. E-mail is easily forwarded.
• Cite all quotations, references and sources.
• Use discretion when forwarding mail to group addresses or distribution lists. It's preferable to reference the source of a document and provide instructions on how to obtain a copy.
• Avoid forwarding personal e-mail to mailing lists of Usenet without the original author's permission.
• Be careful when using sarcasm and humor. Without face to face communications your joke may be viewed as criticism.
• Chain letters are strictly prohibited and should be reported to Computing Services.
• Bulk Mailing is strictly prohibited and should be reported to Computing Services.

FTP- File Transfer Protocol

• When possible limit downloads, especially large downloads (1 Meg+), for after normal high traffic hours locally and for the remote ftp host; preferably late in the evening.
• Copy downloaded files to your personal computer hard drive or disks to remain within disk quota. If downloading from an FTP site to a lab computer, the downloads must be moved to the user's floppy disk after the download is complete.
• It's the user's responsibility when downloading programs, to check for copyright or licensing agreements.
• Routinely and frequently virus scan your system, especially when receiving or downloading files from other systems to prevent the spread of a virus.

Residence Hall Internet Usage Policy

In order to access the Internet in a residence hall, the student must read and accept the Campus Network Usage Policy when setting up their connection the first time. It reads as follows:

• I am registering for connection to the East Stroudsburg University of Pennsylvania computer network through my residence hall room using my own personal computer. The use of the university's computer network is a privilege, not a right. I understand and consent that if I violate the campus computer use policies I may lose my network connection and I will be subject to any other sanctions or penalties that may result from such actions. By acceptance of this notice I agree to abide by university computer use policies.
• I agree to use the IP (Internet Protocol) address automatically assigned by Computing Services and will not assign my own. I agree that I will not use my computer as a gateway serving service to any other computer.
• I further agree to limit the use of my computer to perform to the following specifications for on or off campus network access:
  • Configured to use TCP/IP protocol only.
  • Windows 10/11 , Mac OS 10.14 (Mojave) and newer linux only with all critical updates installed.
  • Not to use my connection for business purposes.
  • Not to share my connection or connection/configuration information with others.
  • Not to setup a wireless access point as wireless is provided.
  • Not act as a server to provide applications and other software to any other persons.
  • Not to act as a server in any form.
  • Not act as an FTP server to provide software through the FTP protocol or any other protocol that provides for file transfer from my PC to another PC.
  • Not act as an e-mail server, proxy server, web server, or file server; this includes MUSIC and MOVIE files.
  • Not provide user accounts on my personal computer for other persons use.
  • Not act as a gateway or provide access to the Internet for other computers.
  • Not download software from university servers.
• I understand that I am not permitted to use my computer as a web server. If I wish to have off-campus access to a web page, I will place the page on one of the authorized campus web servers. Instructions for setting up a web page can be found at http://www.esu.edu/ac.
• I understand it is my responsibility to have a functioning  Ethernet Network Interface Card installed configured to use the TCP/IP protocol, functioning and updated anti-virus and spy ware software.
• I understand and agree that I am responsible for not violating any applicable copyright laws when downloading files to my computer, including movie and music files, and for obtaining legal copies of all software installed on my personal machine.
• I understand that if I change rooms during the semester Academic Computing MUST be notified by calling 3789.
• By acceptance of this document, I am agreeing to the above conditions and understand the implications of not complying with those conditions.

Reference

1. Rinaldi, Arlene,H. "The Net User Guidelines and Netiquette" Academic/Institutional Support Services, Florida Atlantic University. July, 1994
2. "Policies on the Use of Computer Systems and Facilities" Lehigh University Computing Center, August 1992
3. "Temple University Academic Computer Usage Policy" Temple University, September 1994
4. PREPnet Standard Acceptable Use and Connection Policy and Agreement, August 1992

Privacy

These computers are owned and operated by the East Stroudsburg Computing Services Department, which reserves the right to monitor any action or any record of any action that you perform while using the ESU academic computing system. This department has the right to monitor your actions because these facilities are owned and operated by ESU: access to this equipment by members of the ESU community is not a right, but a privilege.

The ESU Computing Services Department also reserves the authority to delegate the right to monitor user actions to any legitimate representative of ESU. This right to look over your shoulder is a right that members of Computing Services and their proxies try to exercise in a judicious fashion. Your files and records may be examined, at any time, without your prior knowledge.