IT Policies

Computer Usage Policy Mandatory

This policy outlines the rules and guidelines for using institute computer systems, networks, and equipment.

Policy ID: IT-POL-007
Effective Date: September 15, 2023
Last Updated: September 5, 2023
Approved by: IT Security Committee

Purpose

The purpose of this policy is to outline the acceptable use of computer systems at Our institute. These rules are in place to protect the employee and Our institute. Inappropriate use exposes Our institute to risks including virus attacks, compromise of network systems and services, and legal issues.

Scope

This policy applies to employees, contractors, consultants, temporaries, and other workers at Our institute, including all personnel affiliated with third parties. This policy applies to all equipment that is owned or leased by Our institute.

Policy Details

General Use and Ownership

While Our institute's network administration desires to provide a reasonable level of privacy, users should be aware that the data they create on the corporate systems remains the property of Our institute.

  • Employees are responsible for exercising good judgment regarding the reasonableness of personal use.
  • For security and network maintenance purposes, authorized individuals within Our institute may monitor equipment, systems, and network traffic at any time.
  • Our institute reserves the right to audit networks and systems on a periodic basis to ensure compliance with this policy.

Security and Proprietary Information

The user interface for information contained on Our institute's systems should be classified as either confidential or not confidential.

  • Keep passwords secure and do not share accounts.
  • All computers should be secured with a password-protected screensaver.
  • Encrypt all confidential information in storage and in transit.
  • Postings by employees from a institute email address to newsgroups should contain a disclaimer stating that the opinions expressed are strictly their own.

Unacceptable Use

The following activities are, in general, prohibited. Under no circumstances is an employee of Our institute authorized to engage in any activity that is illegal under local, state, federal or international law while utilizing Our institute-owned resources.

  • Violating the rights of any person or institute protected by copyright, trade secret, patent or other intellectual property.
  • Introduction of malicious programs into the network or server.
  • Revealing your account password to others or allowing use of your account by others.
  • Using a institute computing asset to actively engage in procuring or transmitting material that is in violation of sexual harassment or hostile workplace laws.
  • Making fraudulent offers of products, items, or services originating from any institute account.

Policy Compliance

The institute will measure and verify compliance to this policy through various methods, including business tool reports, internal and external audits, and feedback to the policy owner.

Compliance Measurement

The IT Directorate will verify compliance to this policy through periodic monitoring and audits. Any employee found to have violated this policy may be subject to disciplinary action, up to and including termination of employment.

Definitions

Proprietary Information

Proprietary information includes but is not limited to: institute budgets, product information, roadmaps, strategic plans, customer lists, employee information, and any other information that is not publicly disclosed.

Incident Response

Any violations of this policy will be reported to the IT Security team for investigation and appropriate action.

Download PDF Print Policy Share Policy Report Issue

Related Policies

Security Policy

Guidelines for protecting institute data and systems from threats.

View Policy

Data Management

Policies for handling, storing, and classifying institute data.

View Policy

Network Usage

Rules for using institute networks and internet access.

View Policy