Computer Resource Access Policy

Acceptable Use Policy (AUP) for Technology Resources

Computing and data communications at Colorado State University-Pueblo are valuable and limited resources that serve a large number and variety of users. "Resources," are defined as, but not limited to, University technology devices, servers, network, storage systems, data, and system credentials. All users have the responsibility to make use of the Resources in an efficient, ethical, and legal manner. The Resources provide access to assets on and off campus and shall be used in a manner consistent with the instructional, research, and administrative objectives of the University community in general and with the purpose for which such use was intended. Such open access to the Resources is a privilege and imposes upon users certain responsibilities and obligations.

Access to the Resources is granted subject to University policies and local, state, and federal laws. Acceptable use is always ethical, reflects academic honesty, and shows restraint in the consumption of shared Resources. It demonstrates respect for intellectual property, protection of sensitive information, ownership of data, copyright laws, system security mechanisms, and individuals' rights to privacy and to freedom from intimidation and harassment. All activities inconsistent with these objectives are considered to be inappropriate and may jeopardize continued use of the Resources. The University will take action it deems necessary to protect the Resources from systems and events that threaten or degrade operations.

In consideration of being allowed to use the Resources, I understand and agree to the following:

  1. I shall not use the Resources for any illegal activity or for any activity prohibited by this policy (see subsequent pages for examples of inappropriate conduct that is prohibited) or the respective policies listed under the University Handbook.
  2. I agree not to use the Resources to infringe upon or otherwise impair, interfere with or violate any copyright or other intellectual property rights of another. This pertains to all copyrighted material, including, but not limited to music, video and software. I understand that I may be potentially liable for misuse of the Resources, including acts that are contrary to University policy. Except for such claims as may be covered by the Governmental Immunity Act (Colorado Revised Statutes 24-10-101 et seq.), I agree to be responsible for all claims arising from my misuse of the Resources and shall indemnify and hold harmless the University from any costs, expenses or liabilities that might be asserted or imposed upon it or any of its officers, agents or affiliates as a result of such misuse.
  3. I shall avoid any action that interferes with the efficient operation of the Resources or impedes the flow of information necessary for academic or administrative operations of the University.
  4. I shall protect the Resources from unauthorized use and acknowledge that I am responsible for reasonably securing the Resources that have been assigned to me, including implementing such measures as outlined within the University Security Guidelines and Procedures Policy and other Federal and State regulations such as FERPA. This also includes applying, in a timely manner, operating system and software patches, and implementing malware scanning that protects my computing device from unauthorized access.
  5. I will only use the Resources for their intended purpose. I will only access Resources that have been authorized for my use, or which are publically available. This also includes the responsibility of Supervisors/Sponsors to monitor their subordinates' use of the Resources and request cancellation of access to the Resources if the user resigns his/her responsibilities.
  6. I understand that the University retains all ownership rights to all its collective data. I acknowledge that, unless specifically authorized by a University official, copying University data to a personal device, storage location or any other media/network/resource which is beyond the University's direct control is prohibited.
  7. I understand that incidental personal use of CSU-Pueblo resources is permitted, which means:
    • Incidental personal use of electronic mail, Internet access, fax machines, printer, and copier is restricted to CSU-Pueblo approved users only and does not include family member or others not affiliated with the University.
    • Incidental use must not result in direct costs to CSU-Pueblo, cause legal action against, or cause embarrassment to CSU-Pueblo.
    • Incidental use must not interfere with the normal performance of an employee's work duties.
    • Storage of person email message, voice messages, files and documents with CSU-Pueblo's computer resources must be nominal.
    • CSU-Pueblo's Management will resolve incidental use questions and issue using these guidelines in collaboration with CSU-Pueblo's CIO, HR Manager, and Chief Counsel.
  8. I understand that CSU-Pueblo Resources users must not purposely engage in activity that may harass, threaten or abuse others or intentionally access, create, store or transmit material which CSU-Pueblo may deem to be offensive, indecent or obscene, or that is illegal according to local, state, or federal law.
  9. I acknowledge that the Acceptable Use Policy (AUP) will change from time to time depending upon the needs of the University. I understand that any new, official version of the AUP must be signed by me before my access to the Resources will be granted.

Examples of Inappropriate Conduct:

Conduct which violates this policy includes, but is not limited to:

  • Accessing another person's computer accounts, files, and/or data.
  • Using the Resources to gain unauthorized access to any computer system.
  • Using any means to decode or otherwise obtain restricted passwords or access control information.
  • Attempting to circumvent or subvert any Resources' security measures. Examples include creating or running programs that are designed to identify security loopholes, to decrypt intentionally secured data, or to gain unauthorized access to the Resources.
  • Engaging in any activity that might be purposefully harmful to the Resources or to any information stored thereon, such as creating or propagating malware, disrupting services, damaging files or making unauthorized modifications to the Resources.
  • Performing any act, intentionally or otherwise, that will interfere with the normal operation of the Resources.
  • Making, using, storing, installing, transmitting, or receiving unauthorized copies of any copyrighted material including, but not limited to, digitization and distribution of photographs from magazines, books, or other copyrighted sources, copyrighted music, movies, or software using the Resources or any file-sharing technology.
  • The University retains all ownership rights to all its collective data. Unless specifically authorized by a University official, copying University data to a personal device, storage location, or any other media/network/resource which is beyond the University's control is prohibited.
  • Harassing or intimidating others via electronic mail, news groups or Web pages.
  • Initiating or propagating electronic chain letters.
  • Initiating or facilitating in any way mass unsolicited, unofficial or unaffiliated electronic mailing, (e.g., "spamming", "flooding", or "bombing."). This includes any electronic mailing for personal profit or gain.
  • Forging the identity of a user or machine in an electronic communication.
  • Saturating the Resources to the exclusion of another's use, for example, overloading the network with traffic such as emails or legitimate (file backup or archive) or malicious (denial of service attack) activities.
  • Using the University's systems or networks for personal gain; for example, by selling access to your eAccount or to the Resources, or by performing work for profit with the Resources in a manner not authorized by the University.
  • Engaging in any other activity that does not comply with the general principles presented above.

Enforcement

The University considers any violation of this Acceptable Use Policy to be a serious offense. The University will take such action it deems necessary to copy and examine any data resident on the Resources and to protect the Resources from systems and events that threaten or degrade operations. Violations may be referred to the appropriate University entity for discipline.

Any breach of this Acceptable Use Policy will result in immediate revocation of access to ALL Resources and may result in further disciplinary action including termination and/or legal action.

Governance of These Policies

Information Technology Services (ITS) is responsible for these policies, including adoption, modification and change. Questions regarding this policy should be addressed to the Chief Information Officer of Information Technology Services.