UNIVERSITY OF PITTSBURGH POLICY 10-02-05
CATEGORY: SUPPORT SERVICES
SECTION: Computing, Information, and Data
SUBJECT: Computer Access and Use
EFFECTIVE DATE: February 1, 2007 Revised
PAGE(S): 3
I. SCOPE
This policy establishes restrictions regarding the access and use of
University owned
and maintained computers, computer systems, computer networks, electronic
communications facilities, and other related computing facilities used to store and
process data, text, and software
used by the University.
II. POLICY
Access to University Computer Services
University owned computing equipment may be used only by:
- Faculty, staff, and students for recognized instructional research,
or
administrative purposes within the University.
- Organizations whose use of such services is for a recognized public
service. For
purposes of administering this policy, such classification will apply only if the
organization has been designated as federally tax-exempt under the Federal
Internal Revenue Statutes and whose purpose for use of such services is
approved by the University’s Office of the Provost.
- Faculty and staff under professional consulting arrangements
provided:
1) an application for services is approved by the Office of the
Provost and an
external sponsored account is established,
2) a formal contractual arrangement is entered into with
Computing Services
and Systems Development (CSSD),
3) payments at prevailing rates are made for such services, and
4) the employee is not acting as a broker for purchase of
services for any
external organization.
The agreement between the University and qualified tax-exempt
organizations or
consulting employees as defined above must be renewed on an annual basis and at
any time be canceled by either party thirty days after receipt of written notice of
cancellation by either party.
The computer services provided for external usage must be no greater than
that
normally available to internal users and will be limited to the extent that they do not
adversely affect the mission or needs of the
University.
Appropriate Use of University Computer Services
University-owned computing equipment, networks, services and resources,
including
electronic mail and other forms of electronic communication, are provided for the
purpose of conducting University-related activities and are therefore considered
University property. The University, as owner of such property, has the right to
access information on the system stored, sent, created or received by employees,
including electronic mail, as it deems necessary and appropriate. As such,
employees should not expect
individual privacy in the system.
University employees and students are obligated to protect University
computing
systems from illegal or damaging actions, either knowingly or unknowingly. The
following are considered improper use of University owned computing equipment,
networks, services, and resources:
- Using information technology resources for purposes other than
research or
instructional purposes. Computing resources may not be used for commercial
purposes or personal gain. Use of computer services for any commercial
purpose, partisan political purpose or
for any unlawful purpose is prohibited.
- Intentionally or recklessly abusing or misusing computing resources
so as to
cause damage, system interruptions, or harassment to other
persons.
- Repeatedly or purposefully engaging in activities which can be
reasonably
expected to, or do, unreasonably tax computing resources or go beyond their
intended or acceptable use.
- Borrowing, lending, falsifying or misusing a computer account
computing
resource, or allowing, or facilitating the unauthorized access to use of University
computing resources by a third party.
- Obtaining user IDs and/or password(s) of other persons in order to
use University
or University-related computing resources, or impersonating another person on a
computing resource.
- Using electronic media to harass or threaten other persons, or to
display, design,
copy, store, draw, print, or publish obscene
language or graphics.
- Submitting or causing to be submitted to the University false,
misleading, harassing
or deceptive help requests or complaints.
- Using University computing resources to gain or attempt to gain
unauthorized
access to computing resources either inside or outside
of the University.
- Intercepting or attempting to intercept or otherwise monitor any
communications
not explicitly intended for him or her without
authorization.
- Copying, reading, accessing, using, misappropriating, altering,
publishing or
destroying computer files, output data, documents or other files of another
individual or attempts to do so, without the permission of that individual, project
leader, or authorized
administrator.
- Making, distributing and/or using unauthorized duplicates of
copyrighted material,
including software applications, proprietary data, and information technology
resources. This includes sharing of entertainment (e.g., music, movies, video
games) files in
violation of copyright law.
- Violating the terms and conditions of software license agreements
for software
distributed by the University of Pittsburgh by giving, lending, selling, or leasing
such media or software to others for
their own use.
- Interfering with the operation of the University’s information
technology resources
by deliberately attempting to degrade or disrupt resource performance, security,
or administrative operation including, but not limited to, intentionally introducing
any
computer virus or similar disruptive force into any computing
resource.
- Using a computer, computer system, computer network, or any other
University
property for the creation, design, manufacture, preparation, display, or distribution
of any written or graphic
obscene material is prohibited.
- Willfully, fraudulently and without authorization gaining or
attempting to gain access
to any computer, computer system, computer network, or to any software,
program, documentation, data or property contained in any computer, computer
system or computer network is prohibited, including obtaining the password(s) of
other persons in order to use University or University-related information
technology resources without proper authorization or impersonating another
person or an information technology resource. This includes, borrowing, lending,
falsifying, or misusing a computer account or allows, or facilitates the
unauthorized access to use of University information technology resources by a
third party.
Reporting Violations of Computer Use Policy
Violations of this policy should be reported immediately to the department
with
responsibilities for compliance with this policy, including Human Resources, the Office
of General Counsel, and CSSD. Violations can also be reported by sending e-mail to
abuse@pitt.edu. The University will strive to maintain confidentiality to the extent
possible consistent with
other obligations.
Disciplinary Action
Violations of this policy will result in the appropriate disciplinary
action, which may
include loss of computing privileges, suspension, termination, or expulsion from the
University, and legal action.
Violations of any federal, state, or local law concerning the unauthorized
access or
use of University computers and computing services will result in the appropriate
disciplinary action up to, and including termination
from the University.
III. REFERENCES
Policy 10-02-04, Computer Data Administration
Policy 10-02-06, University Administrative Computer Data (UACD) Security
and
Privacy
Policy 10-02-11, Computer Account Administration
Policy 10-02-12, Direct Charging for Computing and Information Systems
Services