Effective Date: December 11, 2017
Last Reviewed/Approved Date: December 13, 2021
Next Scheduled Review Date: December 13, 2022
Policy Type: Campus-Wide
Elon University provides a wide variety of computing, networking, and other technology facilities in order to promote and support academic pursuits and the University’s strategic mission. By accessing and using Elon Facilities, Elon Assets or Elon Data, all Community members agree to abide by the requirements listed below. This policy supersedes any other prior policies or requirements related to these topics and will be reviewed at least annually for potential updates.
- This policy applies to: All Elon University-owned or managed networks, network devices, computer systems, applications, or any other technology or computing assets (“Elon Assets”);
- All Elon University proprietary or confidential information, including intellectual property (“Confidential Information”)
- Any Elon owned or controlled individually identifiable personal data or other personal information for which the privacy, security, retention and confidentiality are regulated by applicable legal, regulatory and contractual requirements (“Elon Data”);
- Elon Confidential Information and Elon Data stored at third-party locations; and
- Any persons who access or use Elon Facilities or Assets, Confidential Information, Elon Data (the “Elon Community”), including faculty, staff, trustees, students, temporary employees, contractors, third-party service providers, business partners and alumni.
Availability: characteristic of the information by which it can be accessed by authorized persons when it is needed.
Confidentiality: characteristic of the information by which it is available only to authorized persons or systems.
Confidential Information: includes data and information regulated by state, federal or international laws, any data and information regulated by the Payment Card Industry and any Elon data and information that is not considered public.
- any equipment that is used in the acquisition, storage, manipulation, management, movement, control, display, switching, interchange, transmission, or reception of data or information, including printers, storage devices, computers, computer equipment, network equipment and systems and phone equipment and systems.
- any software or technology system used to store, transmit, process, create or present information or data for University use
- any data or information used by Elon community members in the course of doing business for and on behalf of Elon University.
Elon Data: any information resource that is maintained in electronic or digital format. Data may be accessed, searched, or retrieved via electronic networks or other electronic data processing technologies.
Information Security: preservation of confidentiality, integrity and availability of information.
Information Security Program: a segment of management processes that addresses the planning, implementation, maintenance, monitoring and improving information security within the University.
Integrity: characteristic of the information by which it is changed only by authorized persons or systems in an allowed way.
- Elon Senior Leadership (University President and members of Senior Staff) is responsible for ensuring the availability of resources to adequately monitor and implement this policy.
- Associate Vice President of Information Technology and Chief Information Officer is responsible for ensuring Elon’s access controls are effective and support the requirements of the University.
- Director of Information Security is responsible for designing and implementing access controls, including technical, administrative and physical controls that align to the University’s goals and objectives, address the security needs of the organization and reduce potential risk to an acceptable level.
- Supervisors / Department Heads / Managers are responsible for ensuring their departments and direct reports adhere to the controls implemented by Information Security.
- The Elon Community members must protect Elon Assets and Elon Data within their control from unauthorized access, modification, destruction, and disclosure and immediately report any violation of this policy to his/her supervisor or department head.
5.0 Policy Statements
Every Elon University Community member has a responsibility to use Elon’s technology resources, Elon Facilities, Assets and Data in a responsible manner. As such, Elon Community members must adhere to the following:
- Computer accounts are created for individuals and applications. Each account should only be used by the person or application to whom it has been issued.
- Each Elon Community member is responsible for all actions originating from the use of their account or network connection.
- Elon Assets, including University computer systems, facilities, technology equipment and network resources must only be used for non-commercial activities related to the educational mission of the University by its faculty, staff and students, and other approved University business partners or Elon Community members.
- Elon Community members must not impersonate others, misrepresent themselves or conceal their identity in any electronic communications.
- Elon Community members should assume all information and data on Elon’s information technology is owned by the University and is subject to review and/or audit by the University.
- Elon Community members should treat all data and information on Elon’s information technology as private, unless the information was specifically made public or accessible to the public.
- Elon Community members must not engage in illegal, disruptive and/or invasive actions using Elon computer systems and networks. Using Elon’s computer systems or Assets to engage in illegal activities and/or create and/or send computer viruses, threatening or harassing messages, spam, chain letters or excessive volumes of file transfers is explicitly prohibited, and is considered a violation of this policy.
- Elon Community members must not deliberately or unintentionally degrade or disrupt system or network performance, compromise or circumvent system or network security, or interfere with the work of others.
- Elon University is committed to respecting the intellectual labor and property of others. This commitment extends to all academic discourse, authors, producers and publishers in all media. Since electronic information is extremely portable and easily reproduced and transmitted, respect for the work and personal expression of others is especially critical and must be maintained to prevent copyright infringement.
- Guest Account (Non-Elon domain accounts) access to Elon-owned technology, data, information and business assets must be approved by the Associate Vice President of Information Technology and Chief Information Officer.
Sanctions for inappropriate use of Elon Facilities, Assets or Data, including copyright infringement may include, but are not limited to:
- Temporary or permanent revocation of access to some or all computing, networking and other technology facilities;
- Disciplinary action according to applicable University policies; and/or
- Legal action according to applicable laws and contractual agreements.
Individuals concerned about any violation of this policy are encouraged to contact the Associate Vice President of Information Technology/CIO or the Vice President for Finance and Administration. Individuals can also report suspected policy violations to email@example.com.