Effective Date: December 11, 2017
Last Reviewed/Approved Date: May 01, 2021
Next Scheduled Review Date: May 01, 2022
Policy Type: Campus-Wide
Elon University provides a wide variety of computing, networking, and other technology facilities in order to promote and support academic pursuits and the university’s strategic mission. By accessing and using University information, data and technology equipment and resources, all community members agree to abide by the requirements listed below.
This policy applies to all Elon community members, including staff, students, faculty, alumni, business partners, contractors and third-party service providers who access Elon data, information and technology resources.
Information Resources / Technology Resources: include, but may not be limited to:
- All computer devices and peripherals
- Data and information printouts
- Fax machines
- All computer hardware and software
- Technology-related documentation
- Application programs
- Digital data, information and records
- Telecommunication equipment
- Mobile phones / computer devices
Confidentiality: characteristic of the information by which it is available only to authorized persons or systems.
Integrity: characteristic of the information by which it is changed only by authorized persons or systems in an allowed way.
Availability: characteristic of the information by which it can be accessed by authorized persons when it is needed.
Information Security: preservation of confidentiality, integrity and availability of information.
Information Security Program: a segment of management processes that addresses the planning, implementation, maintenance, monitoring and improving information security within the university.
- Elon Senior Leadership is responsible for ensuring the availability of resources to adequately monitor and implement this policy.
- Associate Vice President of Information Technology and Chief Information Officer is responsible for ensuring Elon’s access controls are effective and support the requirements of the University.
- Director of Information Security is responsible for designing and implementing access controls, including technical, administrative and physical controls that align to the university’s goals and objectives, addresses the security needs of the organization and reduces risk to an acceptable level.
- Supervisors / Department Heads / Managers are responsible for ensuring their departments and direct reports adhere to the controls implemented by Information Security.
- The Elon Community (i.e.: Staff, Faculty, Students, Alumni, Business Partners, Third-party Service Providers, etc.) should read and understand this policy. In addition, community members must protect regulated and sensitive data within their control from unauthorized access, modification, destruction, and disclosure.
5.0 Policy Statements
Every Elon University community member has a responsibility to use Elon’s technology resources, including data and information, in a responsible manner. As such, Elon community members must adhere to the following policy statements:
- Computer accounts are created for individuals and applications. Each account should only be used by the person or application to whom it has been issued.
- Each community member is responsible for all actions originating from the use of their account or network connection.
- Elon University computer systems, facilities, technology equipment and network resources must only be used for non-commercial activities related to the educational mission of the University by its faculty, staff and students, and other approved university business activities.
- Community members must not impersonate others, misrepresent themselves or conceal their identity in any electronic communications.
- Community members should assume all information and data on Elon’s information technology is owned by the University and is subject to review or audit by the university.
- Community members should treat all data and information on Elon’s information technology as private, unless the information was specifically made public or accessible to the public.
- Community members must not engage in illegal, disruptive and/or invasive actions using Elon computer systems and networks. Using Elon’s computer systems to engage in illegal activities and/or create and/or send computer viruses, threatening or harassing messages, spam, chain letters or excessive volumes of file transfers is explicitly prohibited, and is considered a violation of this policy.
- Community members must not deliberately or unintentionally degrade or disrupt system or network performance, compromise or circumvent system or network security, or interfere with the work of others.
- Elon University is committed to respecting the intellectual labor and property of others. This commitment extends to all academic discourse, authors, producers and publishers in all media. Since electronic information is extremely portable and easily reproduced and transmitted, respect for the work and personal expression of others is especially critical and must be maintained to prevent copyright infringement.
- Guest Account (Non-Elon domain accounts) access to Elon-owned technology, data, information and business assets must be approved by the Associate Vice President of Information Technology and Chief Information Officer.
Sanctions for inappropriate use of computing, networking and other technology facilities, including copyright infringement may include, but are not limited to:
- temporary or permanent revocation of access to some or all computing, networking and other technology facilities;
- disciplinary action according to applicable University policies; and/or
- legal action according to applicable laws and contractual agreements.
Individuals concerned about any violation of this policy are encouraged to contact the Associate Vice President of Information Technology/CIO or the Vice President for Finance and Administration/CFO. Individuals can also report suspected policy violations to firstname.lastname@example.org.