General Policies

Contents

Purpose
Scope
Background & Summary
Policy
General Standards
Electronic Environment
Spam
Data Storage
Network Quotas
Non-Compliance


Download Full Policy: PG 0017

Purpose

The policy is based on the principle that the electronic information environment is provided to support University business and its mission of education, research and service. Other uses are secondary. Uses that threaten the integrity of the system; the function of non-University equipment that can be accessed through the system; the privacy or actual or perceived safety of others; or that are otherwise illegal are forbidden.
By using University electronic information systems you assume personal responsibility for their appropriate use and agree to comply with this policy and other applicable Liberty University policies, as well as City, State and Federal laws and regulations.
Users of Liberty University computing resources are expected to review and understand the contents of this policy and its associated standards.

Scope

This policy applies to all students (residential and online), faculty, staff, and guests who may utilize Liberty University computing resources.

Background and Summary

This standard defines the boundaries of "acceptable use" of Liberty University’s computing resources, including computers, networks, electronic mail services and electronic information sources.
This standard will be reviewed regularly and modified as new technologies emerge and/or are implemented within Liberty University electronic information systems.

Policy

  1. Liberty University will document and communicate its standards of acceptable use of University computing resources.
  2. The acceptable use standards will support Liberty University's requirement to:
    • Protect confidentiality of sensitive information;
    • Provide information integrity;
    • Ensure IT resources remain available for University business.
  3. Liberty University will regularly review and modify these standards as new technologies emerge and/or are implemented within Liberty University electronic information systems.

Terminology

Keylogger: A keylogger, sometimes called a keystroke logger, key logger is a hardware device or small program that monitors each keystroke a user types on a specific computer's keyboard (from 
 
Strong Cryptography: Cryptography based on industry-tested and accepted algorithms, along with strong key lengths and proper key-management practices. Cryptography is a method to protect data and  includes both encryption (which is reversible) and hashing (which is not reversible, or “one way”).  Examples of industry-tested and accepted standards and algorithms for encryption include AES (128 bits and higher). From https://www.pcisecuritystandards.org/security_standards/glossary.php
 
Authorized Individuals: Users who have been provided authorization either through Human Resources, Liberty University Police Department or from the Chief Information Officer (CIO), and have a business need, or investigative reason to gather the information.
 

Standard

General Standards

  1. General Standards for the acceptable use of Computing Resources require responsible behavior with respect to the electronic information environment at all times.
  2. Behavior of all users on the network will be consistent with the mission of the University, and in accordance with "the Liberty Way" (for students) and/or The Faculty Handbook (for residential faculty), The LU Online Faculty Handbook (for online faculty) or The Employee Handbook (for staff).
  3. All users will maintain compliance with all applicable local, state, federal and international laws and regulations.
  4. All users will maintain truthfulness and honesty in personal and computer identification.
  5. All users shall respect the rights and property of others, including intellectual property rights and Copyright laws.
  6. Copyright infringement is the act of exercising, without permission or legal authority, one or
    more of the exclusive rights granted to a copyright owner under section 106 of the Copyright Information
    Act (Title 17 of the United States Code). Those rights include the right to reproduce or
    distribute a copyrighted work, as well as the right to make derivate works from the copyrighted
    work. In the file-sharing context, downloading or uploading substantial parts of a copyrighted
    work without authority constitutes infringement.  In the academic context, copying or
    paraphrasing parts of a copyrighted work as your own constitutes infringement.  Unauthorized
    distribution of copyrighted material, including unauthorized peer-to-peer file sharing, 
    unauthorized downloading and unattributed copying, is expressly forbidden, and may subject
    violators to civil and criminal liabilities.  In general, anyone found liable for civil copyright
    infringement may be ordered to pay either actual damages or "statutory" damages of not less
    than $750 and not more than $30,000 per work infringed. For "willful" infringement, a court
    may award up to $150,000 per work infringed. A court can also assess costs and attorneys' fees.
    For details, see Title 17, United States Code, Sections 504, 505.
    Willful copyright infringement can also result in criminal penalties, including imprisonment of
    up to five years and fines of up to $250,000 per offense.  For more information, see the Web
    site of the U.S. Copyright Office, especially its FAQ’s.
  7. All users shall exhibit behavior consistent with the privacy and integrity of:
    •  Electronic networks;
    •  Electronic data and information;
    •  Electronic infrastructure and systems.
  8. All users shall protect the value and intended use of human and electronic resources.
  9. All users will maintain the computing resources provided to them by:
    •  Keeping up to date with operating system patches;
    •  Keeping up to date with university software patches (Office, Adobe, etc.);
    •  Running anti-virus software;
    •  Running personal firewall software.
  10. Faculty /Staff will allow their systems to be managed via the IT Desktop Management department, to ensure their systems are kept up to date, and collect appropriate asset management data.
  11. All useres shall utilize passwords in accordance with the Password Policy - PG0006. 
  12. All users will report incidents such as stolen laptops or passwords, or severe virus outbreaks that are not automatically cleaned by resident Anti-Virus software. Malicious activity should be reported to the HelpDesk.
  13. All users will protect University sensitive information, such as passwords, Social Security Numbers, Credit card numbers, etc.
  14. Faculty/Staff are responsible for exercising good judgment regarding the reasonableness of personal use. Such use must not interfere with official duties or violate appropriate use guidelines elsewhere in this standard.
  15. All users consent that their use of the University Network may be monitored for compliance to this policy and applicable laws and regulations.
  16. All users that are physically on the Liberty University campus shall initiate an automated screen lock after an inactivity period not to exceed 15 minutes to protect systems when the operator walks away.
    • The screen lock must require the password to regain system use.
    • Users shall activate a screen lock whenever the system is left unattended.
    • Users shall terminate active sessions when finished by logging off or shutting down the system as appropriate. In cases where active jobs are still running, the screen lock shall be activated. For example, do not just switch off the monitor when leaving a PC unattended.
    • Users should physically secure systems from unauthorized use when left unattended, such as through use of a key lock, a locked drawer, or a secured facility

Liberty University electronic information environment

  1. All Liberty Usernames and E-mail accounts are property of Liberty University and as such Liberty University retains exclusive rights to the creation, assignment, revocation, usage and content management of all Liberty Usernames and E-mail accounts.
  2. The following activities and behaviors are prohibited:
    •  Interference with or disruption of the computer or network accounts, services or equipment of others, including but not limited to, the creation, installation, transmission, or propagation of computer “worms” and “viruses”, or activities that would result in a denial of service.
    •  Revealing passwords (either your own or someone else’s) or otherwise permitting the use by others of your accounts for computer and/or network access.
    •  Altering or attempting to alter files or systems without authorization.
    •  Unauthorized scanning of the University network for security vulnerabilities.
    •  Unauthorized network monitoring of other users activities.
    •  Attempting to alter any University computing or network components (including, but not limited to routers, switches, wireless access points, etc.) without authorization.
    •  Unauthorized wiring, including attempts to create unauthorized network connections, or any unauthorized extension or re-transmission of any network service; For example, setting up your own wireless bridge is prohibited.
    •  Intentionally damaging or destroying the integrity of electronic information.
    •  Intentionally disrupting the use of electronic networks or information systems.
    • Intentionally wasting human or electronic resources.
    • In order to maintain the integrity of network performance; students are not to utilize ad-hoc, peer-to-peer applications which are specifically used for file-sharing (such as Kazaa, Vuze, BitTorrent, eDonkey, etc.) while on the University network.
    • All applications operated on the University network shall be properly licensed.
    • All 3rd party software must be properly licensed. Each user accepts personal responsibility for the legality of all software not installed by Desktop Management or approved by the IS Accounts Management & Compliance office.
  3. Unlawful and inappropriate communications are prohibited, including, but not limited to:
    •  Threats of violence
    •  Any communication which violates the legal rights of others
    •  Obscene and profane communications
    •  Pornography
    •  Harassing communications (as defined by law)
    •  Defamatory communications
    •  Transmitting unsolicited bulk messages or ‘spam’ (see Section 3 below).
    •  Any communication which could be utilized for academic cheating
    •  Selling or purchasing access to University computing resources
    • Marketing of personal services or merchandise or negotiating such services
    • Any communication which introduces, installs, transmits or propagates a computer virus

Spam

Spam is defined as unsolicited, bulk electronic mail which includes ‘junk’ e-mail, advertisements, chain letters, etc.

  • Virginia state law prohibits spamming (SB 881 Computer Crimes Act; electronic mail).
  • All users of Liberty University computing resources are subject to federal and state spamming laws and the penalties that may be incurred if found in violation of those laws.
  • Spam sent to Liberty University accounts, or sent from Liberty University accounts is unacceptable and violates the terms of acceptable use of Liberty University computing resources.
  •  Liberty University users are permitted to send a single e-mail to no more than fifteen (15) users per instance.
  • Exceptions to this limit may be granted for special circumstances, and those exceptions must be approved by the CIO.
  • Any user of the Liberty University e-mail system who sends spam could have their Liberty University account being disabled. 
  • Reactivation of of all accounts that have been disabled as a result of sending spam must be approved by the CIO.
  • To prevent the proliferation of unsolicited, bulk electronic mail, and to protect a student in the event their e-mail account is compromised, any outgoing message which contains more than 100 recipients will not be sent from the Liberty University e-mail system.
  • Certain Liberty University administrative offices such as Human Resources, the Office of the President, etc., maintain the right to send unsolicited, bulk electronic mail to University computing resource users' Liberty University e-mail accounts and are not considered spam.
  •  No Liberty staff, faculty, student or alumni may unsubscribe from these official internal bulk mailings (those sent to liberty.edu addresses).
  • Bulk e-mail campaigns which send electronic mail to external addresses (non liberty.edu domains) must:
    • Be approved by the Marketing Department, Creative Media, the Business Intelligence Office (BIO) or Administrative Information Management (AIM).
    • Utilize our bulk e-mail campaign software and processes as established by the Business Intelligence Office. 
  • All bulk e-mail campaigns from faculty and staff (non-course related) must:
    • Be approved by Human Resources, the Marketing Department, Creative Media and the Business Intelligence Office.
    • Utilize our bulk e-mail campaign software and processes as established by the Business Intelligence Office. 
  • Any user who violates the bulk e-mail campaign requirements may have their access to the bulk e-mail campaign application disabled or revoked.  Reactivation of all accounts that have been disabled or revoked as a result of violating the bulk e-mail requirements must be approved by the CIO.
  • Faculty may send a mass e-mail to all students on their course roster through Outlook or 
    Blackboard, provided the content of the e-mail is course related.
  • If you feel you are being spammed please forward the message in question to emailscams@liberty.edu .
 

Storage

All storage of data is to be done in compliance to our data storage policy (PG 0023 - Data Storage). 

 

Bandwidth Quotas

  1. Users will be allocated 40 gigabytes of bandwidth per month. While most users will never reach this 40 gigabyte limit, those that do will have a reduced upload and download speed (similar to dial-up) for the remainder of their 30-day period.
  2. Effective in the Fall term of 2011:
    • Users who approach or exceed their bandwidth quota will receive a series of e-mails notifying them of when:
      • They are approaching their bandwidth quota;
      • They have reached their bandwidth quota and their upload and download speed has been reduced;
      • Their upload and download speeds are returned to normal.
    •  Exceeding bandwidth quotas.
      • The first time a user exceeds their bandwidth quota, their upload and download speed will be reduced to 256 kbps for the remainder of their 30-day period.
      • The second occurrence of a user exceeding their bandwidth quota will result in the reduction of their upload and download speed to 256 kbps for an additional 30 days.
      • The third occurrence of a user exceeding their bandwidth quota will result in analysis of their bandwidth usage and an audit of the user’s computer to search for Bit Torrent and/or file-sharing software.
      • The fourth occurrence of a user exceeding their bandwidth quota will result in their inability to access wireless internet connectivity. The user will be required to attend a session with the IT Training department where the bandwidth quota policy will be explained to them, along with copyright compliance regulations according to the Digital Millennium Copyright Act (DMCA) and the Higher Education Opportunity Act (HEOA). After that training their upload and download speed will be reduced to 256 kbps for the remainder of the 30-day period.
      • Users may purchase additional bandwidth at the rate of $1.00 per gigabyte. Purchasing additional bandwidth will return internet speeds to normal levels thru the remainder of the calendar month. 
      • All occurrences of exceeding bandwidth quotas will be reset to zero, at the beginning of each fall term.

Non Compliance

Students

  • Non-compliance to these standards by any student will be subject to disciplinary actions outlined in “the Liberty Way”.
  • For infractions not outlined in “The Liberty Way”, disciplinary actions will be at the discretion of the Office of Student Conduct.
  • Depending upon the nature of the infraction, the student may also be subject to local, state, federal or international penalties.

Faculty

Staff

  • Non-compliance to these standards by any staff member will be subject to disciplinary actions outlined in the "Employee Handbook".
  • For infractions not outlined in the "Employee Handbook", disciplinary actions will be at the discretion of the Department’s manager and/or Human Resources.
  • Depending upon the nature of the infraction, the staff member may also be subject to local, state, federal or international penalties.

Guests

  • Non-compliance to these standards by any guest may result in the revocation of all access to Liberty University computing resources.
  • Depending upon the nature of the infraction, the guest may also be subject to local, state, federal or international penalties.

Last updated July 7th, 2014