UA Little Rock INFORMATION TECHNOLOGY SERVICE USERS SHOULD HAVE NO EXPECTATION OF PRIVACY
Users must not permit or assist any unauthorized person to access IT systems. For example, any non-UA Little Rock organization or individual without appropriate authorization may not use UA Little Rock IT systems. Each campus user must have and use a unique logon/password to a campus IT system. Multiple user logons or passwords are in violation of this policy.
Users must not defeat or attempt to defeat any UA Little Rock IT system’s security, for example, by “cracking” or guessing user identifications or passwords, compromising room locks or alarm systems, utilize software that will probe a network user system, or a sniffer gathering logon/password data.
Unauthorized Data Access
Users must not access or attempt to access data on any UA Little Rock IT system they are not authorized to access. Users must not make or attempt to make any deliberate, unauthorized changes to data on an IT system. Users must not intercept or attempt to intercept data communications not intended for that user’s access, for example network sniffing or wiretapping.
Users must not conceal their identity when using UA Little Rock IT systems. Users must use their own login ID and password.
Denial of Service
Users must not deny or interfere with or attempt to deny or interfere with service to other users, on campus or off campus, by means of “resource hogging,” deliberate distribution of computer worms or viruses, or modification of any IT system. Knowing or reckless distribution of unwanted mail or other messages is prohibited.
Users must observe intellectual property rights including, in particular, copyright laws as they apply to software, licensing, and electronic forms of information.
External Data Networks
Users must observe all applicable policies of external or off- campus data networks when using such networks.
Modification of Data or Equipment
Without specific authorization, users of UA Little Rock IT systems must not cause, permit, or attempt any destruction or modification of data or computing or communications equipment, including but not limited to alteration of data, reconfiguration of control switches or parameters, or changes in firmware. “Specific authorization” refers to permission by the owner or systems administrator of the equipment.
Personal Account Responsibility
Users are responsible for the security of their IT system accounts and passwords. Any user change of passwords must follow published guidelines. Accounts and passwords are assigned to single users and are not to be shared with any other person without authorization by the systems administrator. Changing another person’s password is considered a form of harassment and unethical behavior.
Users are presumed to be responsible for any activity carried out under their IT system accounts.
Responsibility for Content
Representatives of IT publish “official” information in a variety of electronic forms. A statement of the certifying authority publishing the information will normally identify such official information. A certifying authority is that IT department or individual who certifies the accuracy of an electronic document and IT appropriateness for the conduct of IT business.
Users also publish information in electronic forms on IT equipment and/or over UA Little Rock’s networks. UA Little Rock does not have any intention or opportunity to screen such private material and thus cannot assure IT accuracy or assume any responsibility for this material. Any electronic publication provided on or over UA Little Rock equipment and/or networks, which is not legitimately identified by a certifying authority, is the private speech of an individual user. Offensive content is to be reported to the network security officer (NSO) for investigation.
The university’s electronic mail facilities should not be used:
- To send unauthorized mass mailings of any type.
- To send rude, obscene, harassing, or illegal material, or material that in any way conflicts with the regulations of the university.
- To send any material that in any way conflicts with state or federal law.
- To perform an operation or activity that degrades the performance of the UA Little Rock’s IT systems and/or network.
Threats and Harassment
Users may not use a UA Little Rock IT system to threaten or harass any person. A user must cease sending messages or interfering in any way with another user’s use of IT systems if the aggrieved user makes a reasonable request for such cessation.
Removal of Equipment or Documents
Without specific authorization by the system administrator, users must not remove any university owned or administered equipment or documents from an IT system.
Without specific authorization by the system administrator, users must not physically or electrically attach any foreign device (such as an external disk, printer, network sniffer, sniffer software, network monitoring software, modem, or video system) to an IT system.
Users must not conceal or help to conceal or “cover up” violations by any party. Users are expected to report any evidence of actual or suspected violation of this policy to the systems administrator of the facility most directly involved. In case of doubt, the report should be made to the UA Little Rock network security officer (NSO) and/or UA Little Rock chief information officer (CIO).
Reporting of Security Violations
If a user observes and/or suspects a security violation, he/she is obligated to report such to the UA Little Rock network security officer.